This is a deck I presented at the RSA Conference in San Francisco in 2013.
The content is based on discussions with hundreds of enterprises, security experts, operations teams, vendors and regulators on 5 continents.
Presentation Credit: Salahuddin Khawaja
5. Top Business Technology Trends
Video
Social Enterprise
Big Data
Enterprise Clouds
High-IQ Networks
M2M2P
Compliance
Energy Efficiency
Consumerization of IT
Personalization of Service
@smallersecurity
7. Video
Big Data
Enterprise Clouds
High-IQ Networks
M2M2P
Compliance
Social Enterprise
Energy Efficiency
Consumerization of IT
Personalization of Service
DATA
12. Programs and Technologies
Risk Assessment
Security Policy
Organization of Info Security
Asset Management
Human Resources Management
Physical & Environment Security
Communication & Ops Mgmt
Access Control
Info Systems Acquisition, Dev, & Maintenance
Info Security Incident Management
Business Continuity Management
Compliance
23. Data-Centric Security: A Recipe
Implement Control Requirements
Monitor Control Effectiveness
Entitlement Definition
Mobile Environment Definition
Inventory Users
Define Business Processes
Destroy Data
Inventory Data
Categorize Data
25. What about Apps?
Can’t impede app proliferation, but how do you know which to trust?
30 billion app downloads from Apple's App Store
Apps have overtaken browsing
26. What about the Network?
(It’s not just for transport)
28. Doing things right
↓
Doing the right things
Business Context
Follow the data
Network can help
Simplify security program
Apps matter
32. Security Leadership
Why Verizon?
Industry Recognition
Largest & highly rated MSSP (Frost & Sullivan, Gartner, Forrester)
Founding and Executive Member of Open Identity Exchange
Security Consulting practice recognized as a Strong Performer (Forrester)
ICSA Labs is the industry standard for certifying security products (started in 1991)
Credentials
More PCI auditors (140+ QSAs) than any other firm in the world
HITRUST Qualified CSF Assessor
Actively participate in 30+ standards / certification bodies, professional organizations and vertical specific consortia
Personnel hold 40+ unique industry, technology and vendor certifications
Global Reach
550+ dedicated security consultants in 28 countries speak 28 languages
Investigated breaches in 36 countries in 2011
7 SOCs on 4 continents manage security devices in 45+ countries
Serve 77% of Forbes Global 2000
Experience
Verizon’s SMP is the oldest security certification program in the industry
Analyzed 2000+ breaches involving 1+ Billion records
Manage identities in 50+ countries and for 25+ national governments
Delivered 2000+ security consulting engagements in 2011
ISO 9001
ISO 17025