logging in or signing up Security Posture Assessment mdavidson58 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 929 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: January 29, 2009 This Presentation is Public Favorites: 0 Presentation Description Tool used to Measure and Plan for Corporate Security Environments Comments Posting comment... Premium member Presentation Transcript Security Posture Assessment : Copyright (c) DMS Consulting LLC 2008 Security Posture Assessment Agenda : Copyright (c) DMS Consulting LLC 2008 Agenda What is a SPA? Why SPA? Example How to succeed with SPA Customer Successes How can your company make money? What is a Security Posture Assessment? : Copyright (c) DMS Consulting LLC 2008 What is a Security Posture Assessment? A tool used to objectively measure the current state of a corporations security risks. Contains over 850 independent data points Built around security methodology Easy scorecard format Resulting report built around risks along with the cost to mitigate in a 1, 2 or 3 year remediation effort Areas Measured : Copyright (c) DMS Consulting LLC 2008 Areas Measured Access Controls System Integrity Controls Cryptography Controls Audit and Monitoring Controls Configuration Management and Assurance Security Processes and Policies Application Security Standards and Policies Privacy Policy and Controls Emerging Risks Security Assessment Methodology : Copyright (c) DMS Consulting LLC 2008 Security Assessment Methodology Security Policies Monitor Secure Audit Improve Effective security requires defense in-depth, multiple capabilities - a combination of framework, process, and technology, and expertise/ongoing operational procedures … Slide 6: Copyright (c) DMS Consulting LLC 2008 Security Policies Monitor SMO Secure Audit Improve Firewalls VPN AntiVirus AntiSpam Encryption ID/Authentication Cameras Doors/Locks Data Backup Disaster Recovery Assessment Methodology: Secure Slide 7: Copyright (c) DMS Consulting LLC 2008 Secure IT Security Policies Monitor Audit Improve Centralized Logging Intrusion Detection and Prevention Enterprise Security Monitoring Tools 7x24 Monitoring Assessment Methodology:Monitor Slide 8: Copyright (c) DMS Consulting LLC 2008 Secure Security Policies Monitor SMO Audit Improve Vulnerability Assessment Sox External Pen Test Privacy Assessment Outside Auditors Security Audit Vendor Security Risk Assessment Disaster Testing Assessment Methodology:Audit Slide 9: Copyright (c) DMS Consulting LLC 2008 Security Policies Monitor Secure IT Audit Improve Software Development Life Cycle (SDLC) Configuration Management Project Management Security Policy Management Incident Response Security Training and Awareness Assessment Methodology:Improve Why SPA? : Copyright (c) DMS Consulting LLC 2008 Why SPA? Provides a objective score for management to measure the success of security investment Tool can be used for planning purposes making sure resources and budget is available for highest risks Used as the basis to create a 1 to 3 year security plan and process Example – Year by Year scoring : Copyright (c) DMS Consulting LLC 2008 Example – Year by Year scoring Example – Scorecard Summary : Copyright (c) DMS Consulting LLC 2008 Example – Scorecard Summary Example – Detail Analysis and Remediation : Copyright (c) DMS Consulting LLC 2008 Example – Detail Analysis and Remediation SPA Scoring Methodology : Copyright (c) DMS Consulting LLC 2008 SPA Scoring Methodology How to succeed… : Copyright (c) DMS Consulting LLC 2008 How to succeed… Follows industry standards for documentation and security process: GLBA SOX COBIT ISO HIPAA Can be referred to by external auditors Security Plan based upon Risks : Copyright (c) DMS Consulting LLC 2008 Security Plan based upon Risks Customer Success : Copyright (c) DMS Consulting LLC 2008 Customer Success SPA can be used to plan resources and budget and projects Provides executive management clear path and deliverables for investment Measure and provides an ongoing yearly tool for corporate clients to measure their state in security. What is in it for your company?Making Money : Copyright (c) DMS Consulting LLC 2008 What is in it for your company?Making Money By selling this service, your company can earn a finders fee upwards to $25,000 per customer based upon the size and scope. The SPA will be delivered as your service and all documentation will show your company as the prime. Each SPA documents several projects needed to remediate issues. Your company can provide staffing and project management to complete those projects for the customer. DMS can sub to you for those service deliverables. You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
Security Posture Assessment mdavidson58 Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 929 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: January 29, 2009 This Presentation is Public Favorites: 0 Presentation Description Tool used to Measure and Plan for Corporate Security Environments Comments Posting comment... Premium member Presentation Transcript Security Posture Assessment : Copyright (c) DMS Consulting LLC 2008 Security Posture Assessment Agenda : Copyright (c) DMS Consulting LLC 2008 Agenda What is a SPA? Why SPA? Example How to succeed with SPA Customer Successes How can your company make money? What is a Security Posture Assessment? : Copyright (c) DMS Consulting LLC 2008 What is a Security Posture Assessment? A tool used to objectively measure the current state of a corporations security risks. Contains over 850 independent data points Built around security methodology Easy scorecard format Resulting report built around risks along with the cost to mitigate in a 1, 2 or 3 year remediation effort Areas Measured : Copyright (c) DMS Consulting LLC 2008 Areas Measured Access Controls System Integrity Controls Cryptography Controls Audit and Monitoring Controls Configuration Management and Assurance Security Processes and Policies Application Security Standards and Policies Privacy Policy and Controls Emerging Risks Security Assessment Methodology : Copyright (c) DMS Consulting LLC 2008 Security Assessment Methodology Security Policies Monitor Secure Audit Improve Effective security requires defense in-depth, multiple capabilities - a combination of framework, process, and technology, and expertise/ongoing operational procedures … Slide 6: Copyright (c) DMS Consulting LLC 2008 Security Policies Monitor SMO Secure Audit Improve Firewalls VPN AntiVirus AntiSpam Encryption ID/Authentication Cameras Doors/Locks Data Backup Disaster Recovery Assessment Methodology: Secure Slide 7: Copyright (c) DMS Consulting LLC 2008 Secure IT Security Policies Monitor Audit Improve Centralized Logging Intrusion Detection and Prevention Enterprise Security Monitoring Tools 7x24 Monitoring Assessment Methodology:Monitor Slide 8: Copyright (c) DMS Consulting LLC 2008 Secure Security Policies Monitor SMO Audit Improve Vulnerability Assessment Sox External Pen Test Privacy Assessment Outside Auditors Security Audit Vendor Security Risk Assessment Disaster Testing Assessment Methodology:Audit Slide 9: Copyright (c) DMS Consulting LLC 2008 Security Policies Monitor Secure IT Audit Improve Software Development Life Cycle (SDLC) Configuration Management Project Management Security Policy Management Incident Response Security Training and Awareness Assessment Methodology:Improve Why SPA? : Copyright (c) DMS Consulting LLC 2008 Why SPA? Provides a objective score for management to measure the success of security investment Tool can be used for planning purposes making sure resources and budget is available for highest risks Used as the basis to create a 1 to 3 year security plan and process Example – Year by Year scoring : Copyright (c) DMS Consulting LLC 2008 Example – Year by Year scoring Example – Scorecard Summary : Copyright (c) DMS Consulting LLC 2008 Example – Scorecard Summary Example – Detail Analysis and Remediation : Copyright (c) DMS Consulting LLC 2008 Example – Detail Analysis and Remediation SPA Scoring Methodology : Copyright (c) DMS Consulting LLC 2008 SPA Scoring Methodology How to succeed… : Copyright (c) DMS Consulting LLC 2008 How to succeed… Follows industry standards for documentation and security process: GLBA SOX COBIT ISO HIPAA Can be referred to by external auditors Security Plan based upon Risks : Copyright (c) DMS Consulting LLC 2008 Security Plan based upon Risks Customer Success : Copyright (c) DMS Consulting LLC 2008 Customer Success SPA can be used to plan resources and budget and projects Provides executive management clear path and deliverables for investment Measure and provides an ongoing yearly tool for corporate clients to measure their state in security. What is in it for your company?Making Money : Copyright (c) DMS Consulting LLC 2008 What is in it for your company?Making Money By selling this service, your company can earn a finders fee upwards to $25,000 per customer based upon the size and scope. The SPA will be delivered as your service and all documentation will show your company as the prime. Each SPA documents several projects needed to remediate issues. Your company can provide staffing and project management to complete those projects for the customer. DMS can sub to you for those service deliverables.