Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
Session ID:
Session Classification:
Vicente Aceituno @vaceituno
Inovement Spain
GRC-T08B
Intermediate
Case Study: Bankia
R...
Presenter Logo
#RSAC
Maturity
►A measure of the ability to
improve often over time
Presenter Logo
#RSAC
Bankia
►4th Biggest bank in Spain with 12 million customers
►Took the decision to implement O-ISM3 fo...
Presenter Logo
#RSAC
Return Of Investment and Maturity
ROI
Maturity
Penetration
Testing
White Box
P.T.
Lifecycle
Integrati...
Presenter Logo
#RSAC
Improvement
►Achieving higher value
with the same resources
►Achieving the same value
with fewer reso...
Presenter Logo
#RSAC
Improvement
►Producing
Results
►Contribute to
Business Needs
►Setting
Priorities
►Better Use of
Resou...
Presenter Logo
#RSAC
Continuous Improvement ToolBox
Metrics Security
Objectives
Analysis
Processes Knowledge
Management
Presenter Logo
#RSAC
Continuous Improvement Benefits
►Effortless definition of
SLA’s.
►Feedback.
►Application Classificati...
Presenter Logo
#RSAC
Higher Maturity Results
0
50
100
150
200
250
2008 2009 2010 2011 2012
Weaknesses
Fixed
Euros / Weakne...
Presenter Logo
#RSAC
Higher Maturity Results
0
50
100
150
200
250
300
350
400
2008 2009 2010 2011 2012
Application Securit...
Presenter Logo
#RSAC
Last Messages
►Maturity is a measure of the ability for continuous
improvement.
►Achieving high level...
Information Security that makes Business Sense
inovement.es/oism3
Web www.inovement.es
Video Blog youtube.com/user/vaceitu...
Nächste SlideShare
Wird geladen in …5
×

RSA CONFERENCE EUROPE 2013 - Bankia reaching high maturit levels with O-ISM3: A Success Case

6.001 Aufrufe

Veröffentlicht am

Veröffentlicht in: Technologie
  • Als Erste(r) kommentieren

  • Gehören Sie zu den Ersten, denen das gefällt!

RSA CONFERENCE EUROPE 2013 - Bankia reaching high maturit levels with O-ISM3: A Success Case

  1. 1. Session ID: Session Classification: Vicente Aceituno @vaceituno Inovement Spain GRC-T08B Intermediate Case Study: Bankia Reaching the Highest Maturity Levels
  2. 2. Presenter Logo #RSAC Maturity ►A measure of the ability to improve often over time
  3. 3. Presenter Logo #RSAC Bankia ►4th Biggest bank in Spain with 12 million customers ►Took the decision to implement O-ISM3 for application security testing in late 2008 ►The Application Security team achieved an Optimized maturity level in 6 months
  4. 4. Presenter Logo #RSAC Return Of Investment and Maturity ROI Maturity Penetration Testing White Box P.T. Lifecycle Integration Secure Design Continuous Improvement
  5. 5. Presenter Logo #RSAC Improvement ►Achieving higher value with the same resources ►Achieving the same value with fewer resources
  6. 6. Presenter Logo #RSAC Improvement ►Producing Results ►Contribute to Business Needs ►Setting Priorities ►Better Use of Resources
  7. 7. Presenter Logo #RSAC Continuous Improvement ToolBox Metrics Security Objectives Analysis Processes Knowledge Management
  8. 8. Presenter Logo #RSAC Continuous Improvement Benefits ►Effortless definition of SLA’s. ►Feedback. ►Application Classification according to Business Criteria. ►Better Communication. ►Efficient allocation of resources. ►Better distribution of responsibilities. ►Uniform results regardless of who performs a task. ►No vendor lock-in.
  9. 9. Presenter Logo #RSAC Higher Maturity Results 0 50 100 150 200 250 2008 2009 2010 2011 2012 Weaknesses Fixed Euros / Weakness Fixed Weaknesses / Application Security Test
  10. 10. Presenter Logo #RSAC Higher Maturity Results 0 50 100 150 200 250 300 350 400 2008 2009 2010 2011 2012 Application Security Tests Euros / Application Security Test Application Security Test Workload
  11. 11. Presenter Logo #RSAC Last Messages ►Maturity is a measure of the ability for continuous improvement. ►Achieving high levels of maturity can be hard if you don’t know how. ►High maturity is about working smart, not hard. ►Bankia saved time and money, improved the security of their applications, the communication between teams, and avoided vendor lock-in.
  12. 12. Information Security that makes Business Sense inovement.es/oism3 Web www.inovement.es Video Blog youtube.com/user/vaceituno Blog ism3.com Twitter twitter.com/vaceituno Presentations slideshare.net/vaceituno/presentations Articles slideshare.net/vaceituno/documents
  13. 13. Thank you! #RSAC Vicente Aceituno Inovement Spain @vaceituno vaceituno@inovement.es www.inovement.es

×