Strategic Information Security in the Context of Current Requirements for the Protection of Critical Infrastructures
New strategies for protecting sensitive information and for better detection of security incidents
Arrow ECS AG - Dr. Volker Strecke - 13 September 2016
Photo: Volker Strecke
Information Security - Infrastructure
[Diagram: On Premise Resources, Cloud Resources; pillars: Governance, Risk & Compliance; Monitoring & Analytics; Identity & Access; functions: Manage Risk, Analytics, Authentication, Access, Single Sign On, Lifecycle & Governance]
Information Security - Technologies
IDENTITY: Secure Access, Identity Lifecycle, Identity Governance
Managing secure identities and access authorizations
ADVANCED SECURITY OPERATIONS: SIEM (Logs, Packets, Endpoints), SecOps Manager, Advanced Cyber Defense / Incident Response Services
Detecting and defending against cyber attacks
GOVERNANCE, RISK & COMPLIANCE: GRC
Understanding and managing requirements and risks
[Diagram pillars: Identity & Access; Monitoring & Analytics; Governance, Risk & Compliance]
Capturing, enriching and analyzing security-relevant data
[Diagram labels: On Prem, Cloud; data sources: Logs, Packets, Endpoint, NetFlow; Capture Time Data Enrichment; Threat Intelligence (TI); Threat Intel | Biz Context; Advanced Analytics; Enrich; Rules | Parsers | DS Models Reports | Feeds; Research, Incident Response & Engineering; Investigation, Compliance Reporting, Endpoint Analysis, Session Reconstruction, Incident Management; Action, Analysis, Visibility]
Scalable Advanced Security Operations Center (ASOC)
Automate Detection, Speed Investigation, Orchestrate Response
Logs, Packets, Netflow: Pervasive visibility from on-prem to cloud to detect and investigate advanced threats.
Endpoints: Continuous visibility to analyze, detect, investigate and contain suspicious endpoint activities.
Advanced Analytics Engine: speeds detection of anomalous behavior, identifies high-risk activities and focuses responses.
Context Enrichment: expanded investigations enable analysts to understand the complete scope of threat actors.
SecOps: Prioritize and respond to security incidents by automating and orchestrating SOC people, process and technology.
Live Connect: Crowd Sourced Intelligence
Services: ACD - Assess and develop SOC Strategy; IR - Detect and investigate breaches
Live: Actionable Threat Intelligence
Processes
Tools
People
Business Goals:
- Managing Threats
- Managing Fraud
- Managing Risks
- Proving Compliance
Security Functions:
- Visibility and Analytics
- Controls
- GRC Integration
Strategic Information Security
Identity as Key Security Aspect
Security Orchestration and Threat Intelligence Sharing
Governance, Risk and Compliance Management
Dr. Volker Strecke
Tel. +49 89 93099 140
Good luck with your KRITIS projects!
http://www.kritis.bund.de/
https://www.rsa.com/de-de/perspectives/industry