Most organizations view PCI as a punishment rather than a means of strengthening their security posture. But once these organizations make peace with PCI and embrace it, they create positive value within their organization. PCI not only unlocks security budgets, but provides a framework for security best practices that minimize security risks and costs associated with data breaches.
In this webcast moderated by Cindy Valladares, Compliance Solutions Manager at Tripwire, John Kindervag, Senior Analyst at Forrester Research, Inc. discusses:
Common misperceptions about PCI
Why PCI compliance does not guarantee security
The value of using PCI as a security framework
How you can begin using PCI as a security framework
PCI: A Valuable Security Framework, Not a Punishment
1. PCI: A Valuable Security Framework,
Not a Punishment
IT Security and
Configuration Assessment &
Change Auditing Automation
Compliance Solutions
VISIBILITY
INTELLIGENCE
AUTOMATION
2. Today’s Speakers
John Kindervag
Senior Analyst
Forrester Research
Cindy Valladares
PCI Solutions Manager
Tripwire
IT SECURITY and COMPLIANCE AUTOMATION 2 Don’t Take Chances. TAKE CONTROL.
3.
4. PCI Unleashed:
Embracing PCI As A
Next-Generation
Security Architecture
John Kindervag
Senior Analyst
Forrester Research
28. Problem: Taking Too Long to Find Breaches/Risks
Breaches go undiscovered and uncontained
for weeks or months in 75 % of cases.
2009
Breach Average time between a breach and the detection of Discovery
it: 156 days [5.2 months]
Feb. 2010
“…breaches targeting stored data averaged 686 days
[of exposure]”
2010
“More than 75,000 computers … hacked” -- The attack
began late 2008 and discovered last month
Feb. 2010
28 Don’t Take Chances. TAKE CONTROL.
29. Result: The Time Delay Of Discovery Is Costly!
Breach Discovery
“Heartland Payment Systems
announced today that it will pay
“The average cost per breach in
Visa-branded credit and debit
2009 was $6.7 million…”
card issuers up 2010 $60 million…”
Ponemon Institute, Jan. 25, to
Bank Info Security, Jan. 8, 2010
29 Don’t Take Chances. TAKE CONTROL.
30. Need: Close The Time Gap
Breach Discovery Discovery Discovery
30 Don’t Take Chances. TAKE CONTROL.
31. Need: Close The Time Gap
Many Compromising Problems Are Difficult To Discover
Logging turned off FTP event to foreign IP
New user added
Login successful
FTP enabled
10 failed logins
DLL modified by new user
31 Don’t Take Chances. TAKE CONTROL.
32. Just Detecting Change Is Not Enough…
Policy-Based Intelligence Is Required
Logging turned off
New user added
Typical FIM cannot make these types FTP enabled
alerts. Change intelligence is required.
DLL modified by new user
32 Don’t Take Chances. TAKE CONTROL.
33. Just Detecting Log Events Is Not Enough…
Policy-Based Intelligence Is Required
FTP event to foreign IP
Login successful
10 failed logins Log management alone cannot alert
on these events—SIEM is required.
33 Don’t Take Chances. TAKE CONTROL.
34. Relating Change Events to Log Events…
Best Chance To Discover Compromising Problems Quickly
Logging turned off FTP event to foreign IP
Events New user added
of Login successful
Interest FTP enabled
10 failed logins
DLL modified by new user
34 Don’t Take Chances. TAKE CONTROL.
35. Solution:
35 Don’t Take Chances. TAKE CONTROL.
36. Questions
John Kindervag | Forrester Research Cindy Valladares | Tripwire
jkindervag@forrester.com cvalladares@tripwire.com
www.forrester.com www.tripwire.com
Twitter: @cindyv @TripwireInc
36 Don’t Take Chances. TAKE CONTROL.
Notes de l'éditeur
Many organizations have file integrity monitoring, log management and even event management solutions in place.But the average time it takes these same organizations to discover that a breach has occurred is months.During that time their critical data and infrastructure is at risk of compromise—if it has not already been compromised.There is an industry-wide problem: The time it takes to discover breaches is far too long and it needs to be shortened.
The cost of this time delay is enormous.These organizations not only suffer monetarily, their “mojo” is also badly damaged.They loose shareholder trust and value.Their name remains in the press and presentation like this for a very long time.
Automated help is needed to enable these organizations to more quickly know their data is at risk due to a breach activity.They need to close the breach to discover time gap.
Tripwire VIA delivers intelligent threat control by providing…Visibility across your infrastructure to know what is happening at all times.Intelligence to know which changes or events are suspect and may put your infrastructure and data at risk of compromise.Automation to help you to categorize high risk changes and events, remediate certain conditions, and automate compliance requirements such as reporting.