19. 53% of companies merged parts of their physical and logical security *
* Gartner
20. 9.1.1 Use video cameras or other access control
mechanisms to monitor individual physical access to sensitive
areas. Review collected data and correlate with other
entries…
23. “You can't defend. You can't prevent. The only thing you can do is detect and respond.”
- Bruce Schneier
24. 40% of organizations are thinking about ITIL *
From disorganization to process ...
25. Incident management
Problem management
Change management
Release management
Capacity management
Availability management
Service level management
Configuration management
Security management
Etc.
From disorganization to process ...
37. BP #5 Automate threat detection
Authentication
Login success
Authentication
38. EventManager
Normalization: User logging success, User authenticated
Aggregation: 2 x Success authentication user Wilcox
Correlation: Same time window and same user account and different network
Potential Identity Hijacking on user account Wilcox
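The normalization, aggregation and correlation chain from slide 38, written out as an added example (not code from the slides or from EventManager). The record layout, the /24 definition of "network", the 10-minute window and all sample events are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (timestamp, vendor message, user, source IP).
RAW_EVENTS = [
    ("2024-05-01T09:00:05", "User logging success", "Wilcox", "10.1.4.20"),
    ("2024-05-01T09:01:00", "Login failed", "Wilcox", "203.0.113.9"),
    ("2024-05-01T09:03:40", "User authenticated", "wilcox", "198.51.100.7"),
    ("2024-05-01T11:30:00", "User logging success", "Reed", "10.1.4.31"),
    ("2024-05-01T11:31:00", "User authenticated", "reed", "10.1.4.77"),
    ("2024-05-01T08:00:00", "User authenticated", "lane", "10.1.4.5"),
    ("2024-05-01T14:00:00", "User authenticated", "lane", "203.0.113.4"),
]
SUCCESS_MESSAGES = {"User logging success", "User authenticated"}

def normalize(raw):
    """Map a vendor-specific record to one schema; None if not a login success."""
    ts, msg, user, ip = raw
    if msg not in SUCCESS_MESSAGES:
        return None
    net = ipaddress.ip_network(ip + "/24", strict=False)  # assumed network size
    return {"event": "auth_success", "user": user.lower(),
            "time": datetime.fromisoformat(ts), "network": str(net)}

def correlate(raw_events, window=timedelta(minutes=10)):
    """Alert when one account logs in from different networks within `window`."""
    by_user = defaultdict(list)  # aggregation: successes grouped per account
    for ev in filter(None, map(normalize, raw_events)):
        by_user[ev["user"]].append(ev)
    alerts = []
    for user, events in by_user.items():
        events.sort(key=lambda e: e["time"])
        for i, first in enumerate(events):
            nets = {first["network"]}
            for later in events[i + 1:]:
                if later["time"] - first["time"] > window:
                    break  # sorted by time, so nothing later can match
                nets.add(later["network"])
            if len(nets) > 1:
                alerts.append({"rule": "Potential identity hijacking",
                               "user": user, "networks": sorted(nets)})
                break  # one alert per account is enough
    return alerts

if __name__ == "__main__":
    for alert in correlate(RAW_EVENTS):
        print(alert)
```

Only the Wilcox account alerts with the default window: Reed stays on one network, and Lane's two logins are six hours apart.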
42. BP #7 Automate change management
Virtual Machine hypervisor
New VM deployed
EventManager
New Virtual Machine
Adjust security policies
43. EventManager
New Virtual Machine
Add the new Virtual Machine …
… to the log management process
… to compliance reports
44. ChangeManager
New Virtual Machine
Add the new Virtual Machine …
… to the VPN configuration
… to the network filtering policy
… to the NAT configuration
45. Process and best practice
Change management
Regulatory compliance
Security monitoring
EventManager
ChangeManager
LogManager