
RSA CONFERENCE EUROPE 2013 - Bankia reaching high maturity levels with O-ISM3: A Success Case

Published in: Technology

  1. Case Study: Bankia Reaching the Highest Maturity Levels
     Vicente Aceituno (@vaceituno), Inovement Spain
     Session ID: GRC-T08B
     Session Classification: Intermediate
  2. Maturity (#RSAC)
     ► A measure of the ability to improve often over time
  3. Bankia
     ► 4th biggest bank in Spain with 12 million customers
     ► Took the decision to implement O-ISM3 for application security testing in late 2008
     ► The Application Security team achieved an Optimized maturity level in 6 months
  4. Return Of Investment and Maturity
     [Figure: axes ROI and Maturity; labels: Penetration Testing, White Box P.T., Lifecycle Integration, Secure Design, Continuous Improvement]
  5. Improvement
     ► Achieving higher value with the same resources
     ► Achieving the same value with fewer resources
  6. Improvement
     ► Producing Results
     ► Contribute to Business Needs
     ► Setting Priorities
     ► Better Use of Resources
  7. Continuous Improvement ToolBox
     [Figure labels: Metrics, Security Objectives, Analysis, Processes, Knowledge Management]
  8. Continuous Improvement Benefits
     ► Effortless definition of SLAs.
     ► Feedback.
     ► Application Classification according to Business Criteria.
     ► Better Communication.
     ► Efficient allocation of resources.
     ► Better distribution of responsibilities.
     ► Uniform results regardless of who performs a task.
     ► No vendor lock-in.
  9. Higher Maturity Results
     [Chart, 2008 to 2012; series: Weaknesses Fixed, Euros / Weakness Fixed, Weaknesses / Application Security Test]
  10. Higher Maturity Results
     [Chart, 2008 to 2012; series: Application Security Tests, Euros / Application Security Test, Application Security Test Workload]
  11. Last Messages
     ► Maturity is a measure of the ability for continuous improvement.
     ► Achieving high levels of maturity can be hard if you don’t know how.
     ► High maturity is about working smart, not hard.
     ► Bankia saved time and money, improved the security of their applications, the communication between teams, and avoided vendor lock-in.
  12. Information Security that makes Business Sense
     inovement.es/oism3
     Web: www.inovement.es
     Video Blog: youtube.com/user/vaceituno
     Blog: ism3.com
     Twitter: twitter.com/vaceituno
     Presentations: slideshare.net/vaceituno/presentations
     Articles: slideshare.net/vaceituno/documents
  13. Thank you! #RSAC
     Vicente Aceituno, Inovement Spain
     @vaceituno
     vaceituno@inovement.es
     www.inovement.es
