Brett Paskin
Chief Enterprise Security Architect, CISSP
Managing Certified Consultant
IBM Security & Privacy
Tivoli Now
Agenda
Security Trends
• Business Model
• Current Trends
• 2006 Threat Predictions
• Regulations
Comprehensive Approach
• Component Model – a Solution Framework
• Capability Model – an Information Security Roadmap
Security Framework
Layers of the framework: Security Component Model, Process Enablement, Application Security, Security Architecture, Security Capabilities
What do we do? How do we deliver it? What level of maturity?
Security Framework – Process Enablement
How do you link to and support the business processes?
Security Framework – Application Security
How do you ensure new projects don’t introduce new risks?
risk levels.
Security Framework – Security Architecture
• Systems Development Life Cycle, standards, design solutions, patterns, controls, services integration
11 © 2006 IBM Corporation
Tivoli Now
Security Framework – Security Architecture
How do you supply services? Consistency and integration of the services (SOA).
Application layer shown: Portal, B2B, Finance, ERP
• Design principles, cost/risk/service, self-serve, roadmaps, compliance ..
Security Framework – Security Capabilities
How do you deliver operational capability? Ensure operational coverage and compliance.
• Identity Management
• Threat Management
• Privacy
• Logical Asset protection
• Transaction Security
• Border Protection
Security Component Model diagram (elements shown: Policy, Principle, Standards, Architecture, Process Architecture, Process, Procedure, Product)

Capability - Level 1 to 2
• Implementation of off-the-shelf software and tools for inbound filtering of inappropriate content. Regular update of filtering rules. ✓ ✓
• Content policy established. Policy established on the use of unauthorised software and untrusted sites. ✓
• Incident tracking and reporting functions are established, with regular reporting of results and significant issues. ✓
• Retrospective analysis of significant incidents. ✓
Maturity Capability - Level 2 to 3
• Reviews are conducted on a regular basis to check compliance with policies, architectures and standards. ✓ ✓
• Deviations from policy/standards are managed and non-compliance investigated. ✓ ✓
• Implement enterprise-wide awareness and training programs. ✓ ✓ ✓
• Tight integration with support functions/teams. ✓
• Detection and repair tools are deployed as part of the standard platform configuration. ✓
• New threats and vulnerabilities are monitored; underlying weaknesses are identified, with preventative measures established and standardised. ✓ ✓ ✓
Capability - Level 3 to 4
• Customised/tailored software and tools for automatic detection and repair. ✓ ✓
• Implement pre-emptive measures through analysis, trends, research and external advice to mitigate specific threats/risks. ✓ ✓
• Strategic real-time security monitoring of critical enterprise-wide business processes and high-value information assets. ✓ ✓ ✓ ✓
Capability - Level 4 to 5
• Customised/tailored software and tools for pre-emptive detection and prevention of new threats. ✓
• Automatic update of security policies and enterprise-wide implementation. ✓ ✓ ✓
• Strategic real-time event correlation and pre-emptive risk/threat identification. ✓ ✓ ✓ ✓
• All critical processes employ automated response capabilities. ✓ ✓
Assessment tool
Reference library
Thank you