5. Security Strategy
Corporate Security
Agenda:
- Mission and Vision
- Security Operating Principles
- Risk-Based Decision Model
- Tactical Prioritization

6. Mission
Prevent malicious or unauthorized use that results in the loss of Microsoft intellectual property or productivity by systematically assessing, communicating, and mitigating risks to digital assets.
Mission cycle: Assess Risk -> Define Policy -> Monitor -> Audit
9. Enterprise Risk Model
Two-by-two matrix:
- Vertical axis: Impact to Business, Low to High (defined by the business owner)
- Horizontal axis: Probability of Exploit, Low to High (defined by Corporate Security)
- High impact and high probability: Unacceptable Risk
- All other quadrants: Acceptable Risk
Risk assessment drives to acceptable risk.
10. Risk Analysis by Asset Class
- Host: exploit of misconfiguration, buffer overflows, open shares, NetBIOS attacks
- Application: unauthenticated access to applications, unchecked memory allocations
- Account: compromise of integrity or privacy of accounts
- Trust: unmanaged trusts enable movement among environments
- Network: data sniffing on the wire, network fingerprinting
11. Components of Risk Assessment
Asset + Threat + Impact + Vulnerability + Mitigation -> Probability = Current Level of Risk
- Asset: What are you trying to assess?
- Threat: What are you afraid of happening?
- Impact: What is the impact to the business?
- Vulnerability: How could the threat occur?
- Mitigation: What is currently reducing the risk?
- Probability: How likely is the threat given the controls?
- Current Level of Risk: What is the probability that the threat will overcome controls to successfully exploit the vulnerability and affect the asset?
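The following is an added worked example of the risk model on slides 9 and 11, not tooling from the slide deck or from Microsoft. It scores a risk as impact times the probability that remains after the controls, places it in the acceptable/unacceptable matrix, and sorts a list of risks for tactical prioritization. The asset classes and threats are taken from slide 10; the numeric impacts, base probabilities, mitigation factors and the matrix thresholds are constructed assumptions for illustration.

```python
"""Risk-based decision model: score, classify and prioritize risks.

Added example, not the slide deck's own code. All numbers are constructed.
"""
from dataclasses import dataclass, field, replace
from typing import Dict, List


@dataclass
class Risk:
    asset: str                 # What are you trying to assess? (asset class from slide 10)
    threat: str                # What are you afraid of happening?
    impact: int                # Impact to business, 1 (low) .. 5 (high); set by the business owner
    vulnerability: str         # How could the threat occur?
    base_probability: float    # Probability of exploit with no controls, 0..1; set by Corporate Security
    # Mitigation: control name -> fraction of the remaining probability it removes (constructed)
    mitigations: Dict[str, float] = field(default_factory=dict)

    def residual_probability(self) -> float:
        """How likely is the threat given the controls?

        Each control removes a fraction of what is left, so controls compound
        rather than add: two 50% controls leave 25%, never 0%.
        """
        p = self.base_probability
        for reduction in self.mitigations.values():
            p *= 1.0 - reduction
        return round(p, 4)

    def current_level(self) -> float:
        """Current level of risk = impact x probability that the threat overcomes the controls."""
        return round(self.impact * self.residual_probability(), 4)


def classify(risk: Risk, impact_high: int = 3, prob_high: float = 0.3) -> str:
    """Enterprise risk model (slide 9): high impact AND high probability is
    unacceptable; every other quadrant is acceptable. Thresholds are assumed."""
    if risk.impact >= impact_high and risk.residual_probability() >= prob_high:
        return "Unacceptable Risk"
    return "Acceptable Risk"


def with_mitigation(risk: Risk, control: str, reduction: float) -> Risk:
    """Return a copy of the risk with one more control applied (the 'mitigate' step)."""
    return replace(risk, mitigations={**risk.mitigations, control: reduction})


def prioritize(risks: List[Risk]) -> List[Risk]:
    """Tactical prioritization: highest current level of risk first."""
    return sorted(risks, key=lambda r: r.current_level(), reverse=True)


# Constructed sample register using the asset classes and threats from slide 10.
SAMPLE_RISKS = [
    Risk("Host", "exploit of misconfiguration / open shares", 4,
         "unpatched or misconfigured server", 0.8,
         {"patch management": 0.5, "host firewall": 0.5}),
    Risk("Account", "compromise of account integrity", 5,
         "password-only (single-factor) remote logon", 0.6,
         {"password policy": 0.25}),
    Risk("Network", "data sniffing on the wire", 3,
         "cleartext traffic on shared segment", 0.5,
         {"IPsec segmentation": 0.8}),
    Risk("Trust", "unmanaged trust enables movement between environments", 2,
         "legacy domain trust with no review", 0.7),
]


def summarize(risks: List[Risk]) -> List[tuple]:
    """(asset, residual probability, current level, classification) in priority order."""
    return [(r.asset, r.residual_probability(), r.current_level(), classify(r))
            for r in prioritize(risks)]


if __name__ == "__main__":
    for row in summarize(SAMPLE_RISKS):
        print("%-8s p=%.2f level=%.2f %s" % row)
    # Applying the slide-14 tactic "two-factor for remote access" to the account risk:
    hardened = with_mitigation(SAMPLE_RISKS[1], "two-factor authentication", 0.8)
    print("Account after 2FA: p=%.2f level=%.2f %s"
          % (hardened.residual_probability(), hardened.current_level(), classify(hardened)))
```

With the constructed numbers the account risk is the only one that lands in the unacceptable quadrant (impact 5, residual probability 0.45) and therefore sorts to the top; adding a second factor drops its residual probability to 0.09 and moves it to acceptable, which is the "risk assessment drives to acceptable risk" loop of slide 9 expressed as a calculation.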
12. Risk Management Process and Roles
Roles: Corporate Security and Cross-IT Teams
Process elements (numbered 1 to 5 in the diagram; the order is not recoverable from the extracted text):
- Prioritize Risks
- Security Policy
- Compliance
- Security Solutions & Initiatives
- Sustained Operations

13. Tactical Prioritization by Environment
Prioritized risks are mapped to each environment:
- Data Center
- Client
- Unmanaged Client
- Remote Access
- Mobile
Policies and mitigation tactics appropriate for each environment.

14. Representative Risks and Tactics
Enterprise Risks (focus controls across key assets):
- Unpatched Devices
- Unmanaged Devices
- Remote and Mobile Users
- Single-Factor Authentication
Tactical Solutions (initiatives embody Trustworthy Computing):
- Secure Environmental Remediation
- Network Segmentation Through IPSec
- Secure Remote User
- Two-Factor for Remote Access and Administrators
- Managed Source

15. Corporate Security Group Organization
Corporate Security Group
- Threat, Risk Analysis, and Policy: Threat and Risk Analysis; Policy Development; Product Evaluation; Design Review; Structure Standards; Security Management
- Assessment and Compliance: Security Assessment; Compliance and Remediation
- Monitoring, Intrusion Detection, and Incident Response: Monitoring and Intrusion Detection; Rapid Response and Resolution; Forensics
- Shared Services Operations: Physical and Remote Access; Certificate Administration; Security Tools; Initiative Management; IT Investigations