SlideShare une entreprise Scribd logo

Symantec Control Compliance Suite 11, February 2012

Symantec
Symantec

Symantec Control Compliance Suite 11 is the latest version of its enterprise-class IT governance, risk and compliance (GRC) solution. It will feature the new Control Compliance Suite Risk Manager module which enables security leaders to better understand and communicate risks to the business environment from their IT infrastructure. Risk Manager translates technical issues into risks relevant to business processes, delivers customized views of IT risk for different stakeholders, and helps prioritize remediation efforts based on business criticality rather than technical severity.

TechnologieBusiness
1  sur  15
Symantec Control Compliance Suite 11 February 14, 2012
Connecting IT Risk to the Business • 70% of security decision makers report increased executive awareness of IT security due to high profile attacks and breaches • Changes to IT risk management programs that would have the most positive impact on business counterparts – 47%: better explain the value of security in business terms – 44%: provide more accurate and timely data – 40%: more frequent reporting of risk and compliance data Symantec Control Compliance Suite 11 2
Organizational Evolution From Compliance to Business Risk Management Build Connect to sustainable business Focus on risk program top priorities Stay ahead of threats Comply with key mandates Only 1 in 8 best performing organizations feel Info Sec can influence business decisions Source: Information Risk Executive Council, 2011 Symantec Control Compliance Suite 11 3
Structured Approach to Addressing IT Risk and Compliance Stakeholders Security / Audit IT / Operations Business / Mgmt. 1. PLAN 3. REPORT Define policy and Customize reports for IT risk objectives multiple stakeholders 2. ASSESS 4. REMEDIATE Assess environment Remediate based on against objectives highest priority risks Environment Symantec Control Compliance Suite 11 4
Symantec Control Compliance Suite Stakeholders Security / Audit IT / Operations Business / Mgmt. PLAN REPORT • Demonstrate compliance to multiple • Define Policy risk objectives CCS business CCS Risk CCS Reporting CCS Dynamic Manager Manager* stakeholders • Create policies for multiple mandates • Correlate risk across business assets & Analytics Dashboards • Map to controls and de-duplicate CCS Content • High level dashboards with drill down EVIDENCE ASSETS CONTROLS ASSESS REMEDIATE • Identify deviations from technical Symantec Data Extended Data CCS Standards CCS Response Vulnerability 3rd Party • Risk-based prioritization Symantec Assessment Connectors Connectors standards Symantec Manager Manager Manager • Discover critical vulnerabilities • Closed loop tracking of deficiencies Ticketing Workflow ServiceDesk CCS • Evaluate procedural controls • Integration Integration systems with ticketing Integration • Combine data from 3rd party sources Environment Symantec Control Compliance Suite 11 5 * Planned new product. Roadmap subject to change.
Control Compliance Suite Risk Manager  Define a business asset you want to manage  Visualize and understand IT risk for this business asset  Prioritize remediation based on IT risk, not technical severity  Monitor risk reduction over time Symantec Control Compliance Suite 11 6
Visualize and Understand IT Risk Enterprise Wide View of Business Risk Risk Overview for People’s Bank Symantec Control Compliance Suite 11 7
Visualize and Understand IT Risk Business Unit Level View of Risk Risk Overview for Internet Banking Symantec Control Compliance Suite 11 8
Visualize and Understand IT Risk Balanced View of Business and Operational Metrics Drill down to technical details Symantec Control Compliance Suite 11 9
Prioritize Remediation Based on Risk Risk Modeling Symantec Control Compliance Suite 11 10
Prioritize Remediation Based on Risk Remediation Plan by Security Objective Review & finalize remediation plan Symantec Control Compliance Suite 11 11
Monitor Risk Reduction Over Time Manage Remediation Plans Track risk reduction for remediation plans Symantec Control Compliance Suite 11 12
Visualize and Understand IT Risk High Level Progress Reporting on Security Objectives Risk Overview for Internet Banking Review progress, discuss gaps and drive further actions, investments and accountability Symantec Control Compliance Suite 11 13
Key Benefits of Control Compliance Suite Risk Manager Visualize IT Risk • Holistic view of IT risk across the enterprise • Customized views for different audiences Translate into Business Terms • Business stakeholders make better decisions • IT operations prioritize based on business impact Drive Action to Reduce Risk • Relevant metrics drive awareness and action • Better justification for security investments Symantec Control Compliance Suite 11 14
Thank you! Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Symantec Control Compliance Suite 11 15

Recommandé

Control Compliance Suite 10
Control Compliance Suite 10Control Compliance Suite 10
Control Compliance Suite 10
Symantec
 
Symantec control compliance suite
Symantec control compliance suiteSymantec control compliance suite
Symantec control compliance suite
Symantec
 
Symantec Brightmail Gateway 9
Symantec Brightmail Gateway 9Symantec Brightmail Gateway 9
Symantec Brightmail Gateway 9
Symantec
 
IT GRC with Symantec
IT GRC with SymantecIT GRC with Symantec
IT GRC with Symantec
Arrow ECS UK
 
SPS Enterprise Family
SPS Enterprise FamilySPS Enterprise Family
SPS Enterprise Family
Symantec
 
Windows Host Access Management with CA Access Control
Windows Host Access Management with CA Access ControlWindows Host Access Management with CA Access Control
Windows Host Access Management with CA Access Control
webhostingguy
 
Symantec AntiSpam Complete Overview (PowerPoint)
Symantec AntiSpam Complete Overview (PowerPoint)Symantec AntiSpam Complete Overview (PowerPoint)
Symantec AntiSpam Complete Overview (PowerPoint)
webhostingguy
 
Fedramp developing-system-security-plan-slides
Fedramp developing-system-security-plan-slidesFedramp developing-system-security-plan-slides
Fedramp developing-system-security-plan-slides
Tuan Phan
 

Recommandé

Control Compliance Suite 10
Control Compliance Suite 10Control Compliance Suite 10
Control Compliance Suite 10
Symantec
 
Symantec control compliance suite
Symantec control compliance suiteSymantec control compliance suite
Symantec control compliance suite
Symantec
 
Symantec Brightmail Gateway 9
Symantec Brightmail Gateway 9Symantec Brightmail Gateway 9
Symantec Brightmail Gateway 9
Symantec
 
IT GRC with Symantec
IT GRC with SymantecIT GRC with Symantec
IT GRC with Symantec
Arrow ECS UK
 
SPS Enterprise Family
SPS Enterprise FamilySPS Enterprise Family
SPS Enterprise Family
Symantec
 
Windows Host Access Management with CA Access Control
Windows Host Access Management with CA Access ControlWindows Host Access Management with CA Access Control
Windows Host Access Management with CA Access Control
webhostingguy
 
Symantec AntiSpam Complete Overview (PowerPoint)
Symantec AntiSpam Complete Overview (PowerPoint)Symantec AntiSpam Complete Overview (PowerPoint)
Symantec AntiSpam Complete Overview (PowerPoint)
webhostingguy
 
Fedramp developing-system-security-plan-slides
Fedramp developing-system-security-plan-slidesFedramp developing-system-security-plan-slides
Fedramp developing-system-security-plan-slides
Tuan Phan
 
Barqa Edinburgh Final
Barqa Edinburgh FinalBarqa Edinburgh Final
Barqa Edinburgh Final
David Stephenson
 
Gpc case study_eng_0221
Gpc case study_eng_0221Gpc case study_eng_0221
Gpc case study_eng_0221
SALIH AHMED ISLAM
 
Getting started on fed ramp sec auth for csp
Getting started on fed ramp sec auth for cspGetting started on fed ramp sec auth for csp
Getting started on fed ramp sec auth for csp
Tuan Phan
 
Norman Patch and Remediation
Norman Patch and RemediationNorman Patch and Remediation
Norman Patch and Remediation
KavlieBorge
 
Managing Compliance
Managing ComplianceManaging Compliance
Managing Compliance
SecPod Technologies
 
FedRAMP 3PAO Training
FedRAMP 3PAO Training FedRAMP 3PAO Training
FedRAMP 3PAO Training
1ECG
 
Centralizing security on the mainframe
Centralizing security on the mainframeCentralizing security on the mainframe
Centralizing security on the mainframe
Arun Gopinath
 
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/Malware
Mike Rizzo
 
AccelOps & SOC-NOC Convergence
AccelOps & SOC-NOC ConvergenceAccelOps & SOC-NOC Convergence
AccelOps & SOC-NOC Convergence
Stephen Tsuchiyama
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust
 
Nist.sp.800 37r2
Nist.sp.800 37r2Nist.sp.800 37r2
Nist.sp.800 37r2
newbie2019
 
Implementing FISMA Moderate Applications on AWS
Implementing FISMA Moderate Applications on AWSImplementing FISMA Moderate Applications on AWS
Implementing FISMA Moderate Applications on AWS
Amazon Web Services
 
TrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security Authorization
Tuan Phan
 
ITFM Business Brief
ITFM Business BriefITFM Business Brief
ITFM Business Brief
wdjohnson1
 
FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0
FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0
FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0
Valdez Ladd MBA, CISSP, CISA,
 
Federal Risk and Authorization Management Program (FedRAMP)
Federal Risk and Authorization Management Program (FedRAMP)Federal Risk and Authorization Management Program (FedRAMP)
Federal Risk and Authorization Management Program (FedRAMP)
GovCloud Network
 
CMMC Breakdown
CMMC BreakdownCMMC Breakdown
CMMC Breakdown
Ignyte Assurance Platform
 
Productivity Measurement by Dr. Bill Curtis
Productivity Measurement by Dr. Bill CurtisProductivity Measurement by Dr. Bill Curtis
Productivity Measurement by Dr. Bill Curtis
CISQ - Consortium for IT Software Quality
 
Fisma FedRAMP Drupal
Fisma FedRAMP DrupalFisma FedRAMP Drupal
Fisma FedRAMP Drupal
Mike Lemire
 
DSS ITSEC Conference 2012 - RISK & COMPLIANCE
DSS ITSEC Conference 2012 - RISK & COMPLIANCEDSS ITSEC Conference 2012 - RISK & COMPLIANCE
DSS ITSEC Conference 2012 - RISK & COMPLIANCE
Andris Soroka
 
Risk Management and Remediation
Risk Management and RemediationRisk Management and Remediation
Risk Management and Remediation
Carahsoft
 

Contenu connexe

Tendances

Getting started on fed ramp sec auth for csp
Getting started on fed ramp sec auth for cspGetting started on fed ramp sec auth for csp
Getting started on fed ramp sec auth for csp
Tuan Phan
 
FedRAMP 3PAO Training
FedRAMP 3PAO Training FedRAMP 3PAO Training
FedRAMP 3PAO Training
1ECG
 
Centralizing security on the mainframe
Centralizing security on the mainframeCentralizing security on the mainframe
Centralizing security on the mainframe
Arun Gopinath
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust
 

Tendances (20)

Barqa Edinburgh Final
Barqa Edinburgh FinalBarqa Edinburgh Final
Barqa Edinburgh Final
 
Gpc case study_eng_0221
Gpc case study_eng_0221Gpc case study_eng_0221
Gpc case study_eng_0221
 
Getting started on fed ramp sec auth for csp
Getting started on fed ramp sec auth for cspGetting started on fed ramp sec auth for csp
Getting started on fed ramp sec auth for csp
 
Norman Patch and Remediation
Norman Patch and RemediationNorman Patch and Remediation
Norman Patch and Remediation
 
Managing Compliance
Managing ComplianceManaging Compliance
Managing Compliance
 
FedRAMP 3PAO Training
FedRAMP 3PAO Training FedRAMP 3PAO Training
FedRAMP 3PAO Training
 
Centralizing security on the mainframe
Centralizing security on the mainframeCentralizing security on the mainframe
Centralizing security on the mainframe
 
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/Malware
 
AccelOps & SOC-NOC Convergence
AccelOps & SOC-NOC ConvergenceAccelOps & SOC-NOC Convergence
AccelOps & SOC-NOC Convergence
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
 
Nist.sp.800 37r2
Nist.sp.800 37r2Nist.sp.800 37r2
Nist.sp.800 37r2
 
Implementing FISMA Moderate Applications on AWS
Implementing FISMA Moderate Applications on AWSImplementing FISMA Moderate Applications on AWS
Implementing FISMA Moderate Applications on AWS
 
TrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security AuthorizationTrustedAgent FedRAMP Security Authorization
TrustedAgent FedRAMP Security Authorization
 
ITFM Business Brief
ITFM Business BriefITFM Business Brief
ITFM Business Brief
 
FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0
FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0
FedRAMP - Federal Agencies & Cloud Service Providers meet FISMA 2.0
 
Federal Risk and Authorization Management Program (FedRAMP)
Federal Risk and Authorization Management Program (FedRAMP)Federal Risk and Authorization Management Program (FedRAMP)
Federal Risk and Authorization Management Program (FedRAMP)
 
CMMC Breakdown
CMMC BreakdownCMMC Breakdown
CMMC Breakdown
 
Productivity Measurement by Dr. Bill Curtis
Productivity Measurement by Dr. Bill CurtisProductivity Measurement by Dr. Bill Curtis
Productivity Measurement by Dr. Bill Curtis
 
Fisma FedRAMP Drupal
Fisma FedRAMP DrupalFisma FedRAMP Drupal
Fisma FedRAMP Drupal
 

Similaire à Symantec Control Compliance Suite 11, February 2012

DSS ITSEC Conference 2012 - RISK & COMPLIANCE
DSS ITSEC Conference 2012 - RISK & COMPLIANCEDSS ITSEC Conference 2012 - RISK & COMPLIANCE
DSS ITSEC Conference 2012 - RISK & COMPLIANCE
Andris Soroka
 
Ta Security
Ta SecurityTa Security
Ta Security
jothsna
 
Qradar ibm partner_enablement_220212_final
Qradar ibm partner_enablement_220212_finalQradar ibm partner_enablement_220212_final
Qradar ibm partner_enablement_220212_final
Arrow ECS UK
 
Solvency II - Programme Assurance
Solvency II - Programme AssuranceSolvency II - Programme Assurance
Solvency II - Programme Assurance
gainline
 
Corporate Presentation
Corporate PresentationCorporate Presentation
Corporate Presentation
Arul Nambi
 
Solvency - II Programme Setup
Solvency - II Programme SetupSolvency - II Programme Setup
Solvency - II Programme Setup
gainline
 
Cdesc dlp 105_ef_ilt
Cdesc dlp 105_ef_iltCdesc dlp 105_ef_ilt
Cdesc dlp 105_ef_ilt
vncsrabelo
 
Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...
xKinAnx
 
Five Must Haves to Prevent Encryption Disasters
Five Must Haves to Prevent Encryption DisastersFive Must Haves to Prevent Encryption Disasters
Five Must Haves to Prevent Encryption Disasters
Venafi
 

Similaire à Symantec Control Compliance Suite 11, February 2012 (20)

DSS ITSEC Conference 2012 - RISK & COMPLIANCE
DSS ITSEC Conference 2012 - RISK & COMPLIANCEDSS ITSEC Conference 2012 - RISK & COMPLIANCE
DSS ITSEC Conference 2012 - RISK & COMPLIANCE
 
Risk Management and Remediation
Risk Management and RemediationRisk Management and Remediation
Risk Management and Remediation
 
AIA SOX Conference May 2009 - CCM & Data Analytics
AIA SOX Conference May 2009 - CCM & Data AnalyticsAIA SOX Conference May 2009 - CCM & Data Analytics
AIA SOX Conference May 2009 - CCM & Data Analytics
 
Ta Security
Ta SecurityTa Security
Ta Security
 
TA security
TA securityTA security
TA security
 
7 Mistakes of IT Security Compliance - and Steps to Avoid Them
7 Mistakes of IT Security Compliance - and Steps to Avoid Them7 Mistakes of IT Security Compliance - and Steps to Avoid Them
7 Mistakes of IT Security Compliance - and Steps to Avoid Them
 
Qradar ibm partner_enablement_220212_final
Qradar ibm partner_enablement_220212_finalQradar ibm partner_enablement_220212_final
Qradar ibm partner_enablement_220212_final
 
Solvency II - Programme Assurance
Solvency II - Programme AssuranceSolvency II - Programme Assurance
Solvency II - Programme Assurance
 
Risk Management Methodology
Risk Management MethodologyRisk Management Methodology
Risk Management Methodology
 
How to implement interoperability
How to implement interoperabilityHow to implement interoperability
How to implement interoperability
 
Corporate Presentation
Corporate PresentationCorporate Presentation
Corporate Presentation
 
Solvency - II Programme Setup
Solvency - II Programme SetupSolvency - II Programme Setup
Solvency - II Programme Setup
 
TechNet Live spor 2 sesjon 4 - sc-forefront
TechNet Live spor 2 sesjon 4 - sc-forefrontTechNet Live spor 2 sesjon 4 - sc-forefront
TechNet Live spor 2 sesjon 4 - sc-forefront
 
Metrics, Risk Management & DLP
Metrics, Risk Management & DLPMetrics, Risk Management & DLP
Metrics, Risk Management & DLP
 
Schlegel RISK Assessment Engagements 2011
Schlegel RISK Assessment Engagements 2011Schlegel RISK Assessment Engagements 2011
Schlegel RISK Assessment Engagements 2011
 
Cdesc dlp 105_ef_ilt
Cdesc dlp 105_ef_iltCdesc dlp 105_ef_ilt
Cdesc dlp 105_ef_ilt
 
Integrating Internal Controls
Integrating Internal Controls Integrating Internal Controls
Integrating Internal Controls
 
Sym Sure Loan Portfolio
Sym Sure Loan PortfolioSym Sure Loan Portfolio
Sym Sure Loan Portfolio
 
Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...
 
Five Must Haves to Prevent Encryption Disasters
Five Must Haves to Prevent Encryption DisastersFive Must Haves to Prevent Encryption Disasters
Five Must Haves to Prevent Encryption Disasters
 

Plus de Symantec

Plus de Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 

Dernier

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 

Dernier (20)

Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Symantec Control Compliance Suite 11, February 2012

  • 1. Symantec Control Compliance Suite 11 February 14, 2012
  • 2. Connecting IT Risk to the Business • 70% of security decision makers report increased executive awareness of IT security due to high profile attacks and breaches • Changes to IT risk management programs that would have the most positive impact on business counterparts – 47%: better explain the value of security in business terms – 44%: provide more accurate and timely data – 40%: more frequent reporting of risk and compliance data Symantec Control Compliance Suite 11 2
  • 3. Organizational Evolution From Compliance to Business Risk Management Build Connect to sustainable business Focus on risk program top priorities Stay ahead of threats Comply with key mandates Only 1 in 8 best performing organizations feel Info Sec can influence business decisions Source: Information Risk Executive Council, 2011 Symantec Control Compliance Suite 11 3
  • 4. Structured Approach to Addressing IT Risk and Compliance Stakeholders Security / Audit IT / Operations Business / Mgmt. 1. PLAN 3. REPORT Define policy and Customize reports for IT risk objectives multiple stakeholders 2. ASSESS 4. REMEDIATE Assess environment Remediate based on against objectives highest priority risks Environment Symantec Control Compliance Suite 11 4
  • 5. Symantec Control Compliance Suite Stakeholders Security / Audit IT / Operations Business / Mgmt. PLAN REPORT • Demonstrate compliance to multiple • Define Policy risk objectives CCS business CCS Risk CCS Reporting CCS Dynamic Manager Manager* stakeholders • Create policies for multiple mandates • Correlate risk across business assets & Analytics Dashboards • Map to controls and de-duplicate CCS Content • High level dashboards with drill down EVIDENCE ASSETS CONTROLS ASSESS REMEDIATE • Identify deviations from technical Symantec Data Extended Data CCS Standards CCS Response Vulnerability 3rd Party • Risk-based prioritization Symantec Assessment Connectors Connectors standards Symantec Manager Manager Manager • Discover critical vulnerabilities • Closed loop tracking of deficiencies Ticketing Workflow ServiceDesk CCS • Evaluate procedural controls • Integration Integration systems with ticketing Integration • Combine data from 3rd party sources Environment Symantec Control Compliance Suite 11 5 * Planned new product. Roadmap subject to change.
  • 6. Control Compliance Suite Risk Manager  Define a business asset you want to manage  Visualize and understand IT risk for this business asset  Prioritize remediation based on IT risk, not technical severity  Monitor risk reduction over time Symantec Control Compliance Suite 11 6
  • 7. Visualize and Understand IT Risk Enterprise Wide View of Business Risk Risk Overview for People’s Bank Symantec Control Compliance Suite 11 7
  • 8. Visualize and Understand IT Risk Business Unit Level View of Risk Risk Overview for Internet Banking Symantec Control Compliance Suite 11 8
  • 9. Visualize and Understand IT Risk Balanced View of Business and Operational Metrics Drill down to technical details Symantec Control Compliance Suite 11 9
  • 10. Prioritize Remediation Based on Risk Risk Modeling Symantec Control Compliance Suite 11 10
  • 11. Prioritize Remediation Based on Risk Remediation Plan by Security Objective Review & finalize remediation plan Symantec Control Compliance Suite 11 11
  • 12. Monitor Risk Reduction Over Time Manage Remediation Plans Track risk reduction for remediation plans Symantec Control Compliance Suite 11 12
  • 13. Visualize and Understand IT Risk High Level Progress Reporting on Security Objectives Risk Overview for Internet Banking Review progress, discuss gaps and drive further actions, investments and accountability Symantec Control Compliance Suite 11 13
  • 14. Key Benefits of Control Compliance Suite Risk Manager Visualize IT Risk • Holistic view of IT risk across the enterprise • Customized views for different audiences Translate into Business Terms • Business stakeholders make better decisions • IT operations prioritize based on business impact Drive Action to Reduce Risk • Relevant metrics drive awareness and action • Better justification for security investments Symantec Control Compliance Suite 11 14
  • 15. Thank you! Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Symantec Control Compliance Suite 11 15