SlideShare une entreprise Scribd logo

Real Time Risk Management

Télécharger en tant que PPTX, PDF
Mike Popham MBA PhD CPEng FRSA
Mike Popham MBA PhD CPEng FRSA

Integrated Physical, Environmental, Information, Risk Measures and Controls in Real Time for Measured Protection

Technologie
1  sur  16
13 e 14 de Março de 2013 Mr. Mike Popham MBA FRSA Brasília - Brasil Partner Syndicus IS LLP mike.popham@syndicusis.com +44 797 650 4897
Proteus ® Real Time Risk Operations Integrated Physical, Environmental, Information, Risk Measures and Controls in Real Time for Measured Protection Mr. Mike Popham MBA FRSA Partner Syndicus IS LLP mike.popham@syndicusis.com +44 797 650 4897 2
Proteus® Real Time Risk Operations AGENDA  Presentation of Syndicus IS LLP  Real Time GRC Operations Service Benefits  Multi-faceted Governance, Risk and Compliance Activities  Proteus GRC Engine  Proteus iGRC Engine  Real Time Demonstrator 3
Proteus® Real Time Risk Operations SYNDICUS INFORMATION SECURITY LLP
Proteus® Real Time Risk MAKING PROTECTION MORE COMPLETE Physical Security Sensors Information Management, Security Specialists, and Users Environmental Sensors facilitating processes Sensors together using best practices, harnessed in Asset Based technologies integrated Health & Risk for best protective Safety Assessment effect in real time Controls Real Time Risk Management Demonstration Impact on Click Here see Process and “Geoff Ibbett and Continuity Team” 2nd down on right
Proteus® Real Time Risk Operations MULTI-FACETED GRC A ‘dashboard’ bridges the gap between the complexity of the subject and senior management Flexible reporting to enable the audit committee to quickly evaluate the company’s risk Gather information from subject matter experts and add value through integration of data Compliance (Gap Analysis) for any Standard, Regulation, or Legislation 6
Proteus® Real Time Risk INTEGRATED GRC FACETS
Proteus® Time Risk Operations SERVICE BENEFITS Benefits of the Service  Dedicated physical, information, environmental security, H&S controls etc with integrated risk management professionals working to best practice, e.g. ISO 27001, ISO 9001 etc etc to meet the GRC needs of the enterprise  In-depth range of validation measures are included in the service  Reports on compliance and risk status and progress are available to the customer within minutes of data input and analysis  Your dedicated information security and risk management professions all work from a leading GRC engine that interrelates compliance, risk and business continuity status into the process oriented business impact assessment  Departmental specific GRC performance is available  GRC engine integrates with fraud and cyber/network sensors/agents for real time risk management 8
Proteus® Real Time Risk Operations TRANSFORMING ENTERPRISE CONTROL Controlling the Enterprise  Centralized Asset Register  Single Repository for Policies and Documents, plus dissemination and e-examination  Gap analysis – status of alignment to standards and non-conformities  Identification of impact of risk on assets and business processes  Integrates incident management and mitigation / improvements  Consistent and easy visibility of global reporting  Rapid installation, via the web as necessary  Designed for configurability  Extensions available, e.g. active directory, single sign on  Intuitive interface and multi-site access worldwide, via the web  Transforms governance dynamics  Provides new opportunities and significant improvements in governance, risk and compliance  BIA, BCP, assigning tasks and accountability, action planner and work-flow sign-off  Offers tangible productivity enhancements (capacity building)  Extends to operations domain via Proteus iGRC  Offers a real return on investment 9
Proteus® Real Time Risk Operations SPREAD OF BEST PRACTICES Referencing Best Practice Supports a set of rules and has a capacity for rapid transition / integration rules customizable (2 months)  ISO 27001, Information Security Management, ISMS / ISMS  BS 25999 (ISO 22301) - Business Continuity Management  PCI DSS - Payment Card Industry Data Security  BS 10012 - Data Protection, Specification for a Personal Information Management System  ISO 9001 - Quality management of businesses  ISO 14001 - Environmental Management  ISO 20000 - Service Management, Information, products and services to support  Cobit 4.1 - Control Objectives for Information and related Technology  Physical Controls 10
Proteus® Real Time Risk Operations SENSORS/AGENTS IN THE MIX Multi-Disciplinary Teams  Preparing the organization for the future  Achieve compliance, perform risk management, assess impacts, demonstrate proper governance  Conduct real time risk management operations via sensors and agents, e.g.: Governance,  Physical security controls Policies,  Information security controls Processes,  Health and safety controls Procedures Management  Environmental controls  Risk measures  Service Continuity Proteus Enterprise Risk, International Standards BIA, BCM, ISO Threats and Mitigations 11
Proteus® Real Time Risk Operations REPORTS STATUS NOW No Delays Reporting Status  Assets control  Central Panel, Dashboard  Overview cover losses  Chart threats  Risk Analysis and Evaluation  Operational impact  Financial Impact  State regulatory  Extensions  Real time interface 12
Proteus® Real Time Risk Operations FIRST TO MARKET WITH PATENT 13
Proteus® Real Time Risk Operations WIDEST POSSIBLE INTEGRATION SCOPE Detection systems deployed in Proteus® iGRC (Banking Example) anomaly detection, anti-virus, data security, enterprise security, federated identity, intrusion detection and prevention, malware and malware removal, messaging security, multifactor authentication, patch management, PC security, secure remote administration, Normal Operations security policy management, threat management, transaction monitoring, user authentication, web security, log management and analysis (SIEM), configuration assessment / vulnerability detection anomaly detection, federated identity, messaging security, multifactor authentication, Cards (present and security policy management, threat management, transaction monitoring, user not present) authentication, web security, log management and analysis (SIEM), configuration assessment / vulnerability detection anti-virus, collaboration security, data security, enterprise security, federated identity, Internet, Mobile malware and malware removal, messaging security, multifactor authentication, patch channels, and POS management, PC security, secure remote administration, security policy management, Channels threat management, transaction monitoring, user authentication, web security, log management and analysis (SIEM), configuration assessment / vulnerability detection 14
Proteus® Real Time Risk Operations VIEW THE DEMONSTRATOR  Increased complexity due to cyber and terrorist threats Real Time Risk Management Demonstration  Physical Controls Management  Environmental Controls Management  Information Security Controls Management Click Here  Health and Safety Controls Management see  Action Plans and On-Line Audits “Geoff Ibbett and Team”  Business Impact Assessments 2nd down on right  Business Continuity Assessments 15
Proteus® Real Time Risk Operations CONTACT THE TEAM Workshops • Cyber protection technologies • Governance, risk and compliance • Real Time Risk management • Review of latest cyber sensors and agents: • Their benefits and effects • Current gaps in protective capability • Cyber risk management techniques: • Cyber protection best practice • Extension of best practice into managed reality Mr. Mike Popham MBA FRSA • Business impact analysis Partner Syndicus IS LLP • Governance in era of advanced GRC technology mike.popham@syndicusis.com • Transformational for cyber protection +44 797 650 4897 Syndicus Information Security LLP, Suite 36, 88-90 Hatton Garden, Holborn, London, EC1N 8PG, UK +44 (0)845 260 2465 info@syndicusis.com www.syndicusis.com 16

Recommandé

Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
MetricStream Inc
 
Maclear’s IT GRC Tools – Key Issues and Trends
Maclear’s IT GRC Tools – Key Issues and TrendsMaclear’s IT GRC Tools – Key Issues and Trends
Maclear’s IT GRC Tools – Key Issues and Trends
Maclear LLC
 
PCSG Corporate Overview
PCSG Corporate OverviewPCSG Corporate Overview
PCSG Corporate Overview
jayallen77
 
Petronas Project Oversight and Corporate Governance System Requirements
Petronas Project Oversight and Corporate Governance System RequirementsPetronas Project Oversight and Corporate Governance System Requirements
Petronas Project Oversight and Corporate Governance System Requirements
Darren Surin, BSc, MBA, PMP, ITIL
 
Stop the fraudster! Pennsylvania Treasury, Industry Expert Chris Doxey and Fu...
Stop the fraudster! Pennsylvania Treasury, Industry Expert Chris Doxey and Fu...Stop the fraudster! Pennsylvania Treasury, Industry Expert Chris Doxey and Fu...
Stop the fraudster! Pennsylvania Treasury, Industry Expert Chris Doxey and Fu...
Oracle
 
Agiliance Risk Vision
Agiliance Risk VisionAgiliance Risk Vision
Agiliance Risk Vision
agiliancecommunity
 
Review the five signs that you need a new Segregation of Duties compliance st...
Review the five signs that you need a new Segregation of Duties compliance st...Review the five signs that you need a new Segregation of Duties compliance st...
Review the five signs that you need a new Segregation of Duties compliance st...
Symmetry™
 
Cloud Computing - Emerging Opportunities in the CA Profession
Cloud Computing - Emerging Opportunities in the CA ProfessionCloud Computing - Emerging Opportunities in the CA Profession
Cloud Computing - Emerging Opportunities in the CA Profession
Bharath Rao
 

Recommandé

Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
MetricStream Inc
 
Maclear’s IT GRC Tools – Key Issues and Trends
Maclear’s IT GRC Tools – Key Issues and TrendsMaclear’s IT GRC Tools – Key Issues and Trends
Maclear’s IT GRC Tools – Key Issues and Trends
Maclear LLC
 
PCSG Corporate Overview
PCSG Corporate OverviewPCSG Corporate Overview
PCSG Corporate Overview
jayallen77
 
Petronas Project Oversight and Corporate Governance System Requirements
Petronas Project Oversight and Corporate Governance System RequirementsPetronas Project Oversight and Corporate Governance System Requirements
Petronas Project Oversight and Corporate Governance System Requirements
Darren Surin, BSc, MBA, PMP, ITIL
 
Stop the fraudster! Pennsylvania Treasury, Industry Expert Chris Doxey and Fu...
Stop the fraudster! Pennsylvania Treasury, Industry Expert Chris Doxey and Fu...Stop the fraudster! Pennsylvania Treasury, Industry Expert Chris Doxey and Fu...
Stop the fraudster! Pennsylvania Treasury, Industry Expert Chris Doxey and Fu...
Oracle
 
Agiliance Risk Vision
Agiliance Risk VisionAgiliance Risk Vision
Agiliance Risk Vision
agiliancecommunity
 
Review the five signs that you need a new Segregation of Duties compliance st...
Review the five signs that you need a new Segregation of Duties compliance st...Review the five signs that you need a new Segregation of Duties compliance st...
Review the five signs that you need a new Segregation of Duties compliance st...
Symmetry™
 
Cloud Computing - Emerging Opportunities in the CA Profession
Cloud Computing - Emerging Opportunities in the CA ProfessionCloud Computing - Emerging Opportunities in the CA Profession
Cloud Computing - Emerging Opportunities in the CA Profession
Bharath Rao
 
Mapping Application Security to Business Value - Redspin Information Security
Mapping Application Security to Business Value - Redspin Information SecurityMapping Application Security to Business Value - Redspin Information Security
Mapping Application Security to Business Value - Redspin Information Security
Redspin, Inc.
 
Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011
Redspin, Inc.
 
Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT Security
Seccuris Inc.
 
Comodo SOC service provider
Comodo SOC service providerComodo SOC service provider
Comodo SOC service provider
paulharry03
 
Sunera Business & Technology Risk Consulting
Sunera Business & Technology Risk ConsultingSunera Business & Technology Risk Consulting
Sunera Business & Technology Risk Consulting
Sunera
 
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA
 
Principles of Holistic Information Governance
Principles of Holistic Information GovernancePrinciples of Holistic Information Governance
Principles of Holistic Information Governance
PHIGs Information Management Consulting Inc.
 
TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0
Maganathin Veeraragaloo
 
InDefend-Integrated Data Privacy Offerings
InDefend-Integrated Data Privacy Offerings InDefend-Integrated Data Privacy Offerings
InDefend-Integrated Data Privacy Offerings
Data Resolve Technologies Pvt. Ltd.
 
Advantages of an integrated governance, risk and compliance environment
Advantages of an integrated governance, risk and compliance environmentAdvantages of an integrated governance, risk and compliance environment
Advantages of an integrated governance, risk and compliance environment
IBM Analytics
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
DFLABS SRL
 
Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?
rbrockway
 
Designing Enhanced Supervision for the Evolving Wealth Management Ecosystem
Designing Enhanced Supervision for the Evolving Wealth Management EcosystemDesigning Enhanced Supervision for the Evolving Wealth Management Ecosystem
Designing Enhanced Supervision for the Evolving Wealth Management Ecosystem
accenture
 
BMC Discovery IDC Research Study 470 ROI in 5 Years
BMC Discovery IDC Research Study 470 ROI in 5 YearsBMC Discovery IDC Research Study 470 ROI in 5 Years
BMC Discovery IDC Research Study 470 ROI in 5 Years
Chris Farwell
 
Business Intelligence: Realizing the Benefits of a Data-Driven Journey
Business Intelligence: Realizing the Benefits of a Data-Driven JourneyBusiness Intelligence: Realizing the Benefits of a Data-Driven Journey
Business Intelligence: Realizing the Benefits of a Data-Driven Journey
Rob Williams
 
Insurance rating software market
Insurance rating software marketInsurance rating software market
Insurance rating software market
HarshalBamble
 
Disaster Recovery and Business Continuity for Your Clinical and Safety Systems
Disaster Recovery and Business Continuity for Your Clinical and Safety SystemsDisaster Recovery and Business Continuity for Your Clinical and Safety Systems
Disaster Recovery and Business Continuity for Your Clinical and Safety Systems
Perficient, Inc.
 
Business Intelligence and Data Security for Long-Term Care Financial Professi...
Business Intelligence and Data Security for Long-Term Care Financial Professi...Business Intelligence and Data Security for Long-Term Care Financial Professi...
Business Intelligence and Data Security for Long-Term Care Financial Professi...
Gross, Mendelsohn & Associates
 
Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By Design
Nalneesh Gaur
 
Ta Security
Ta SecurityTa Security
Ta Security
jothsna
 
TA security
TA securityTA security
TA security
kesavars
 

Contenu connexe

Tendances

Sunera Business & Technology Risk Consulting
Sunera Business & Technology Risk ConsultingSunera Business & Technology Risk Consulting
Sunera Business & Technology Risk Consulting
Sunera
 
BMC Discovery IDC Research Study 470 ROI in 5 Years
BMC Discovery IDC Research Study 470 ROI in 5 YearsBMC Discovery IDC Research Study 470 ROI in 5 Years
BMC Discovery IDC Research Study 470 ROI in 5 Years
Chris Farwell
 
Disaster Recovery and Business Continuity for Your Clinical and Safety Systems
Disaster Recovery and Business Continuity for Your Clinical and Safety SystemsDisaster Recovery and Business Continuity for Your Clinical and Safety Systems
Disaster Recovery and Business Continuity for Your Clinical and Safety Systems
Perficient, Inc.
 

Tendances (19)

Mapping Application Security to Business Value - Redspin Information Security
Mapping Application Security to Business Value - Redspin Information SecurityMapping Application Security to Business Value - Redspin Information Security
Mapping Application Security to Business Value - Redspin Information Security
 
Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011
 
Making Executives Accountable for IT Security
Making Executives Accountable for IT SecurityMaking Executives Accountable for IT Security
Making Executives Accountable for IT Security
 
Comodo SOC service provider
Comodo SOC service providerComodo SOC service provider
Comodo SOC service provider
 
Sunera Business & Technology Risk Consulting
Sunera Business & Technology Risk ConsultingSunera Business & Technology Risk Consulting
Sunera Business & Technology Risk Consulting
 
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
 
Principles of Holistic Information Governance
Principles of Holistic Information GovernancePrinciples of Holistic Information Governance
Principles of Holistic Information Governance
 
TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0TOGAF 9 - Security Architecture Ver1 0
TOGAF 9 - Security Architecture Ver1 0
 
InDefend-Integrated Data Privacy Offerings
InDefend-Integrated Data Privacy Offerings InDefend-Integrated Data Privacy Offerings
InDefend-Integrated Data Privacy Offerings
 
Advantages of an integrated governance, risk and compliance environment
Advantages of an integrated governance, risk and compliance environmentAdvantages of an integrated governance, risk and compliance environment
Advantages of an integrated governance, risk and compliance environment
 
COBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORKCOBIT 2019 - DIGITAL TRUST FRAMEWORK
COBIT 2019 - DIGITAL TRUST FRAMEWORK
 
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
Using the IncMan Suite to Manage the Reporting of Cyber Security Risks and In...
 
Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?Does Anyone Remember Enterprise Security Architecture?
Does Anyone Remember Enterprise Security Architecture?
 
Designing Enhanced Supervision for the Evolving Wealth Management Ecosystem
Designing Enhanced Supervision for the Evolving Wealth Management EcosystemDesigning Enhanced Supervision for the Evolving Wealth Management Ecosystem
Designing Enhanced Supervision for the Evolving Wealth Management Ecosystem
 
BMC Discovery IDC Research Study 470 ROI in 5 Years
BMC Discovery IDC Research Study 470 ROI in 5 YearsBMC Discovery IDC Research Study 470 ROI in 5 Years
BMC Discovery IDC Research Study 470 ROI in 5 Years
 
Business Intelligence: Realizing the Benefits of a Data-Driven Journey
Business Intelligence: Realizing the Benefits of a Data-Driven JourneyBusiness Intelligence: Realizing the Benefits of a Data-Driven Journey
Business Intelligence: Realizing the Benefits of a Data-Driven Journey
 
Insurance rating software market
Insurance rating software marketInsurance rating software market
Insurance rating software market
 
Disaster Recovery and Business Continuity for Your Clinical and Safety Systems
Disaster Recovery and Business Continuity for Your Clinical and Safety SystemsDisaster Recovery and Business Continuity for Your Clinical and Safety Systems
Disaster Recovery and Business Continuity for Your Clinical and Safety Systems
 
Business Intelligence and Data Security for Long-Term Care Financial Professi...
Business Intelligence and Data Security for Long-Term Care Financial Professi...Business Intelligence and Data Security for Long-Term Care Financial Professi...
Business Intelligence and Data Security for Long-Term Care Financial Professi...
 

Similaire à Real Time Risk Management

Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By Design
Nalneesh Gaur
 
Ta Security
Ta SecurityTa Security
Ta Security
jothsna
 
Pioneering Process Safety Management: The Future Outlook
Pioneering Process Safety Management: The Future OutlookPioneering Process Safety Management: The Future Outlook
Pioneering Process Safety Management: The Future Outlook
soginsider
 
Information Security Cost Effective Managed Services
Information Security Cost Effective Managed ServicesInformation Security Cost Effective Managed Services
Information Security Cost Effective Managed Services
Jorge Sebastiao
 
Financial Risk Management: Integrated Solutions to Help Financial Institution...
Financial Risk Management: Integrated Solutions to Help Financial Institution...Financial Risk Management: Integrated Solutions to Help Financial Institution...
Financial Risk Management: Integrated Solutions to Help Financial Institution...
IBM Banking
 

Similaire à Real Time Risk Management (20)

Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By Design
 
Ta Security
Ta SecurityTa Security
Ta Security
 
TA security
TA securityTA security
TA security
 
Data Integrity Protection
Data Integrity ProtectionData Integrity Protection
Data Integrity Protection
 
Agiliance Risk Vision
Agiliance Risk VisionAgiliance Risk Vision
Agiliance Risk Vision
 
Pioneering Process Safety Management: The Future Outlook
Pioneering Process Safety Management: The Future OutlookPioneering Process Safety Management: The Future Outlook
Pioneering Process Safety Management: The Future Outlook
 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical Security
 
Security Patterns How To Make Security Arch Easy To Consume
Security Patterns How To Make Security Arch Easy To ConsumeSecurity Patterns How To Make Security Arch Easy To Consume
Security Patterns How To Make Security Arch Easy To Consume
 
Information Security Cost Effective Managed Services
Information Security Cost Effective Managed ServicesInformation Security Cost Effective Managed Services
Information Security Cost Effective Managed Services
 
Gainful Information Security 2012 services
Gainful Information Security 2012 servicesGainful Information Security 2012 services
Gainful Information Security 2012 services
 
Handling risk
Handling riskHandling risk
Handling risk
 
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
Dubai Cyber Security 01 Ics Scada Cyber Security Solutions and Challenges...
 
Database development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwgDatabase development and security certification and accreditation plan pitwg
Database development and security certification and accreditation plan pitwg
 
SYMCAnnual
SYMCAnnualSYMCAnnual
SYMCAnnual
 
Outlook emerging security_technology_trends
Outlook emerging security_technology_trendsOutlook emerging security_technology_trends
Outlook emerging security_technology_trends
 
ISO 27001 - IMPLEMENTATION CONSULTING
ISO 27001 - IMPLEMENTATION CONSULTINGISO 27001 - IMPLEMENTATION CONSULTING
ISO 27001 - IMPLEMENTATION CONSULTING
 
FIS Profile Summary V7.3
FIS Profile Summary V7.3FIS Profile Summary V7.3
FIS Profile Summary V7.3
 
Financial Risk Management: Integrated Solutions to Help Financial Institution...
Financial Risk Management: Integrated Solutions to Help Financial Institution...Financial Risk Management: Integrated Solutions to Help Financial Institution...
Financial Risk Management: Integrated Solutions to Help Financial Institution...
 
Riskpro Information Risk Management
Riskpro Information Risk ManagementRiskpro Information Risk Management
Riskpro Information Risk Management
 
Riskpro Information Risk Management
Riskpro Information Risk ManagementRiskpro Information Risk Management
Riskpro Information Risk Management
 

Dernier

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Dernier (20)

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 

Real Time Risk Management

  • 1. 13 e 14 de Março de 2013 Mr. Mike Popham MBA FRSA Brasília - Brasil Partner Syndicus IS LLP mike.popham@syndicusis.com +44 797 650 4897
  • 2. Proteus ® Real Time Risk Operations Integrated Physical, Environmental, Information, Risk Measures and Controls in Real Time for Measured Protection Mr. Mike Popham MBA FRSA Partner Syndicus IS LLP mike.popham@syndicusis.com +44 797 650 4897 2
  • 3. Proteus® Real Time Risk Operations AGENDA  Presentation of Syndicus IS LLP  Real Time GRC Operations Service Benefits  Multi-faceted Governance, Risk and Compliance Activities  Proteus GRC Engine  Proteus iGRC Engine  Real Time Demonstrator 3
  • 4. Proteus® Real Time Risk Operations SYNDICUS INFORMATION SECURITY LLP
  • 5. Proteus® Real Time Risk MAKING PROTECTION MORE COMPLETE Physical Security Sensors Information Management, Security Specialists, and Users Environmental Sensors facilitating processes Sensors together using best practices, harnessed in Asset Based technologies integrated Health & Risk for best protective Safety Assessment effect in real time Controls Real Time Risk Management Demonstration Impact on Click Here see Process and “Geoff Ibbett and Continuity Team” 2nd down on right
  • 6. Proteus® Real Time Risk Operations MULTI-FACETED GRC A ‘dashboard’ bridges the gap between the complexity of the subject and senior management Flexible reporting to enable the audit committee to quickly evaluate the company’s risk Gather information from subject matter experts and add value through integration of data Compliance (Gap Analysis) for any Standard, Regulation, or Legislation 6
  • 7. Proteus® Real Time Risk INTEGRATED GRC FACETS
  • 8. Proteus® Time Risk Operations SERVICE BENEFITS Benefits of the Service  Dedicated physical, information, environmental security, H&S controls etc with integrated risk management professionals working to best practice, e.g. ISO 27001, ISO 9001 etc etc to meet the GRC needs of the enterprise  In-depth range of validation measures are included in the service  Reports on compliance and risk status and progress are available to the customer within minutes of data input and analysis  Your dedicated information security and risk management professions all work from a leading GRC engine that interrelates compliance, risk and business continuity status into the process oriented business impact assessment  Departmental specific GRC performance is available  GRC engine integrates with fraud and cyber/network sensors/agents for real time risk management 8
  • 9. Proteus® Real Time Risk Operations TRANSFORMING ENTERPRISE CONTROL Controlling the Enterprise  Centralized Asset Register  Single Repository for Policies and Documents, plus dissemination and e-examination  Gap analysis – status of alignment to standards and non-conformities  Identification of impact of risk on assets and business processes  Integrates incident management and mitigation / improvements  Consistent and easy visibility of global reporting  Rapid installation, via the web as necessary  Designed for configurability  Extensions available, e.g. active directory, single sign on  Intuitive interface and multi-site access worldwide, via the web  Transforms governance dynamics  Provides new opportunities and significant improvements in governance, risk and compliance  BIA, BCP, assigning tasks and accountability, action planner and work-flow sign-off  Offers tangible productivity enhancements (capacity building)  Extends to operations domain via Proteus iGRC  Offers a real return on investment 9
  • 10. Proteus® Real Time Risk Operations SPREAD OF BEST PRACTICES Referencing Best Practice Supports a set of rules and has a capacity for rapid transition / integration rules customizable (2 months)  ISO 27001, Information Security Management, ISMS / ISMS  BS 25999 (ISO 22301) - Business Continuity Management  PCI DSS - Payment Card Industry Data Security  BS 10012 - Data Protection, Specification for a Personal Information Management System  ISO 9001 - Quality management of businesses  ISO 14001 - Environmental Management  ISO 20000 - Service Management, Information, products and services to support  Cobit 4.1 - Control Objectives for Information and related Technology  Physical Controls 10
  • 11. Proteus® Real Time Risk Operations SENSORS/AGENTS IN THE MIX Multi-Disciplinary Teams  Preparing the organization for the future  Achieve compliance, perform risk management, assess impacts, demonstrate proper governance  Conduct real time risk management operations via sensors and agents, e.g.: Governance,  Physical security controls Policies,  Information security controls Processes,  Health and safety controls Procedures Management  Environmental controls  Risk measures  Service Continuity Proteus Enterprise Risk, International Standards BIA, BCM, ISO Threats and Mitigations 11
  • 12. Proteus® Real Time Risk Operations REPORTS STATUS NOW No Delays Reporting Status  Assets control  Central Panel, Dashboard  Overview cover losses  Chart threats  Risk Analysis and Evaluation  Operational impact  Financial Impact  State regulatory  Extensions  Real time interface 12
  • 13. Proteus® Real Time Risk Operations FIRST TO MARKET WITH PATENT 13
  • 14. Proteus® Real Time Risk Operations WIDEST POSSIBLE INTEGRATION SCOPE Detection systems deployed in Proteus® iGRC (Banking Example) anomaly detection, anti-virus, data security, enterprise security, federated identity, intrusion detection and prevention, malware and malware removal, messaging security, multifactor authentication, patch management, PC security, secure remote administration, Normal Operations security policy management, threat management, transaction monitoring, user authentication, web security, log management and analysis (SIEM), configuration assessment / vulnerability detection anomaly detection, federated identity, messaging security, multifactor authentication, Cards (present and security policy management, threat management, transaction monitoring, user not present) authentication, web security, log management and analysis (SIEM), configuration assessment / vulnerability detection anti-virus, collaboration security, data security, enterprise security, federated identity, Internet, Mobile malware and malware removal, messaging security, multifactor authentication, patch channels, and POS management, PC security, secure remote administration, security policy management, Channels threat management, transaction monitoring, user authentication, web security, log management and analysis (SIEM), configuration assessment / vulnerability detection 14
  • 15. Proteus® Real Time Risk Operations VIEW THE DEMONSTRATOR  Increased complexity due to cyber and terrorist threats Real Time Risk Management Demonstration  Physical Controls Management  Environmental Controls Management  Information Security Controls Management Click Here  Health and Safety Controls Management see  Action Plans and On-Line Audits “Geoff Ibbett and Team”  Business Impact Assessments 2nd down on right  Business Continuity Assessments 15
  • 16. Proteus® Real Time Risk Operations CONTACT THE TEAM Workshops • Cyber protection technologies • Governance, risk and compliance • Real Time Risk management • Review of latest cyber sensors and agents: • Their benefits and effects • Current gaps in protective capability • Cyber risk management techniques: • Cyber protection best practice • Extension of best practice into managed reality Mr. Mike Popham MBA FRSA • Business impact analysis Partner Syndicus IS LLP • Governance in era of advanced GRC technology mike.popham@syndicusis.com • Transformational for cyber protection +44 797 650 4897 Syndicus Information Security LLP, Suite 36, 88-90 Hatton Garden, Holborn, London, EC1N 8PG, UK +44 (0)845 260 2465 info@syndicusis.com www.syndicusis.com 16