SlideShare una empresa de Scribd logo

Symantec control compliance suite

Symantec
Symantec
Tecnología
1 de 13
Descargar para leer sin conexión
Symantec Control Compliance Suite 10.5 February 3, 2011
80% of Organizations Lack Visibility into IT Risks Question: What Color is Your Information Risk Today? For 1-in-10, it takes For 2-in-10, it takes more than one day -to- one week to nine months to find find the answer the answer For 1-in-10, it takes between one For 6-in-10, it takes between week and three months three and nine months to to find the answer find the answer Source: IT Policy Compliance Group, 2011 N: 1,202 Symantec Control Compliance Suite 10.5 2
Why are so Many Organizations Flying Blind? Inadequate Controls Lack a Holistic View of Inability to Prioritize Assessments Risk and Report on Risk • Fail to standardize on • Diverse IT environments • Unable to identify controls frameworks • Decentralized data highest priority IT risks • Manual controls collection • Reports lack actionable mapping • Rationalizing data from data to drive resolution • Keeping up with multiple sources • Unable to report on key regulatory changes risks per stakeholder Symantec Control Compliance Suite 10.5 3
Symantec Control Compliance Suite TECHNICAL CONTROLS • Symantec™ Control Compliance Suite Standards Manager • Symantec™ Control Compliance Suite Vulnerability Manager REPORT REMEDIATE POLICY PROCEDURAL CONTROLS • Symantec™ Control • Symantec™ • Symantec™ Control • Symantec™ Control Compliance Suite ServiceDesk 7.0 Compliance Suite Compliance Suite EVIDENCE (Infrastructure) Policy Manager Response Assessment Manager ASSETS CONTROLS DATA CONTROLS • Symantec™ Data Loss Prevention Discover 3RD PARTY EVIDENCE • Symantec™ Control Compliance Suite (Infrastructure) Symantec Control Compliance Suite 10.5 4
Control Compliance Suite 10.5 – What’s New? Improved Risk Management Capabilities • SCAP support provides shared view of IT risks • New workflow integration helps manage people risks More Holistic View of IT Risk • Out-of-box dashboard connectors expand risk views More Comprehensive Controls Assessments • Support for PCI 2.0 and SCAP benchmarks • FDCC support for better desktop controls • OWASP support for better Web application controls Symantec Control Compliance Suite 10.5 5
SCAP Support Provides Shared View of IT Risks • Security Content Automation Protocol • Developed by National Institute of Standards and Technology (NIST) • Better visibility into IT infrastructure • Standard way to write security checks • Eliminates need to rationalize data from multiple sources • Easily downloadable file updates – scan based on latest standards • Common framework provides a shared view of IT risks for better prioritization and faster remediation Symantec Control Compliance Suite 10.5 6
Manage People Risk With Workflow Integration • New workflow integration with Symantec Data Loss Prevention • Target security awareness training at individuals in violation of data protection policy • New questionnaire summary pages – Overview of key security awareness risks – Drill down into more detail for remediation efforts Symantec Control Compliance Suite 10.5 7
Control Compliance Suite 10.5 – What’s New Improved Risk Management Capabilities • SCAP support provides shared view of IT risks • New workflow integration helps manage people risk More Holistic View of Risk • Out-of-box dashboard connectors expand risk views More Comprehensive Controls Assessments • Support for PCI 2.0 and SCAP benchmarks • FDCC support for better desktop controls • OWASP support for better Web application controls Symantec Control Compliance Suite 10.5 8
Out-of-Box Dashboard Connectors Expand Risk Views • Automatically collect data from CCS Response Assessment Manager • Populate pre-defined dashboard panels • Side by side view of risks for greater insights – e.g. – Data policy violations – Results of employee security awareness – Compliance posture of critical servers • Future releases to bring in data on – Critical vulnerabilities – Latest security threats – Real-time file integrity monitoring Symantec Control Compliance Suite 10.5 9
Control Compliance Suite 10.5 – What’s New Improved Risk Management Capabilities • SCAP support provides shared view of IT risks • New workflow integration helps manage people risk More Holistic View of Risk • Out-of-the-box dashboard connectors expand risk views More Comprehensive Controls Assessments • Support for PCI 2.0 and SCAP benchmarks • FDCC support for better desktop controls • OWASP support for better Web application controls Symantec Control Compliance Suite 10.5 10
CCS 10.5 FDCC Support for Better Desktop Controls • 85% of total reported security breaches can be traced to end user actions* • Built-in support for Federal Desktop Core Configuration (FDCC) • Common industry standard for US Federal government • Protects desktops against harmful configuration changes and vulnerabilities • Simplifies desktop security • Easily import monthly updates • Report on results in FDCC format *Michael Bednarczyk, Information Week Analytics Symantec Control Compliance Suite 10.5 11
OWASP Support for Better Web Application Controls • In 2009 there were 5,500+ unique vulnerabilities in Web applications alone* • Built-in support for Open Web Application Security Protocol • Technical standards for securing Web applications • Focuses on top 10 vulnerabilities • Automatically identify and remediate risks before they are exploited • Adopted by PCI Security Standards Council *Symantec Global Internet Security Threat Report Symantec Control Compliance Suite 10.5 12
Thank you! Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Symantec Control Compliance Suite 10.5 13

Recomendados

IT GRC with Symantec
IT GRC with SymantecIT GRC with Symantec
IT GRC with Symantec
Arrow ECS UK
 
Control Compliance Suite 10
Control Compliance Suite 10Control Compliance Suite 10
Control Compliance Suite 10
Symantec
 
Symantec Brightmail Gateway 9
Symantec Brightmail Gateway 9Symantec Brightmail Gateway 9
Symantec Brightmail Gateway 9
Symantec
 
SPS Enterprise Family
SPS Enterprise FamilySPS Enterprise Family
SPS Enterprise Family
Symantec
 
Symantec Control Compliance Suite 11, February 2012
Symantec Control Compliance Suite 11, February 2012Symantec Control Compliance Suite 11, February 2012
Symantec Control Compliance Suite 11, February 2012
Symantec
 
Symantec AntiSpam Complete Overview (PowerPoint)
Symantec AntiSpam Complete Overview (PowerPoint)Symantec AntiSpam Complete Overview (PowerPoint)
Symantec AntiSpam Complete Overview (PowerPoint)
webhostingguy
 
Altiris IT Management Suite 7
Altiris IT Management Suite 7Altiris IT Management Suite 7
Altiris IT Management Suite 7
Symantec
 
Secure Email Communications from Symantec
Secure Email Communications from SymantecSecure Email Communications from Symantec
Secure Email Communications from Symantec
Arrow ECS UK
 

Recomendados

IT GRC with Symantec
IT GRC with SymantecIT GRC with Symantec
IT GRC with Symantec
Arrow ECS UK
 
Control Compliance Suite 10
Control Compliance Suite 10Control Compliance Suite 10
Control Compliance Suite 10
Symantec
 
Symantec Brightmail Gateway 9
Symantec Brightmail Gateway 9Symantec Brightmail Gateway 9
Symantec Brightmail Gateway 9
Symantec
 
SPS Enterprise Family
SPS Enterprise FamilySPS Enterprise Family
SPS Enterprise Family
Symantec
 
Symantec Control Compliance Suite 11, February 2012
Symantec Control Compliance Suite 11, February 2012Symantec Control Compliance Suite 11, February 2012
Symantec Control Compliance Suite 11, February 2012
Symantec
 
Symantec AntiSpam Complete Overview (PowerPoint)
Symantec AntiSpam Complete Overview (PowerPoint)Symantec AntiSpam Complete Overview (PowerPoint)
Symantec AntiSpam Complete Overview (PowerPoint)
webhostingguy
 
Altiris IT Management Suite 7
Altiris IT Management Suite 7Altiris IT Management Suite 7
Altiris IT Management Suite 7
Symantec
 
Secure Email Communications from Symantec
Secure Email Communications from SymantecSecure Email Communications from Symantec
Secure Email Communications from Symantec
Arrow ECS UK
 
Software Vulnerabilities Risk Remediation
Software Vulnerabilities Risk RemediationSoftware Vulnerabilities Risk Remediation
Software Vulnerabilities Risk Remediation
Bruce Hafner
 
Windows Host Access Management with CA Access Control
Windows Host Access Management with CA Access ControlWindows Host Access Management with CA Access Control
Windows Host Access Management with CA Access Control
webhostingguy
 
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec
 
Symantec Endpoint Protection Enterprise Edition Best Practices Guidelines
Symantec Endpoint Protection Enterprise Edition Best Practices GuidelinesSymantec Endpoint Protection Enterprise Edition Best Practices Guidelines
Symantec Endpoint Protection Enterprise Edition Best Practices Guidelines
Sree Harsha Boyapati
 
Ambesh
AmbeshAmbesh
Ambesh
Ambesh Sharma
 
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012
Symantec
 
KASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATIONKASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATION
GS CHO
 
IBM InfoSphere Guardium overview
IBM InfoSphere Guardium overviewIBM InfoSphere Guardium overview
IBM InfoSphere Guardium overview
nazeer325
 
NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012
Nicolai Henriksen
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/Malware
Mike Rizzo
 
C90 Security Service
C90 Security ServiceC90 Security Service
C90 Security Service
christoboshoff
 
Norman Patch and Remediation
Norman Patch and RemediationNorman Patch and Remediation
Norman Patch and Remediation
KavlieBorge
 
Defence in Depth Architectural Decisions
Defence in Depth Architectural DecisionsDefence in Depth Architectural Decisions
Defence in Depth Architectural Decisions
Peter Rawsthorne
 
Guardium Presentation
Guardium PresentationGuardium Presentation
Guardium Presentation
tsteh
 
Evaluating Risks of Cloud Based Services
Evaluating Risks of Cloud Based ServicesEvaluating Risks of Cloud Based Services
Evaluating Risks of Cloud Based Services
Symantec
 
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
ebuc
 
DojoSec FISMA Presentation
DojoSec FISMA PresentationDojoSec FISMA Presentation
DojoSec FISMA Presentation
danphilpott
 
The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?
The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?
The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?
IBM Security
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
Samuel Kamuli
 
IBM Security Guardium Data Activity Monitor (Data Sheet-USEN)
IBM Security Guardium Data Activity Monitor (Data Sheet-USEN)IBM Security Guardium Data Activity Monitor (Data Sheet-USEN)
IBM Security Guardium Data Activity Monitor (Data Sheet-USEN)
Peter Tutty
 
Introduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptxIntroduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptx
Arrow ECS UK
 
Lunch and Learn: June 29, 2010
Lunch and Learn: June 29, 2010Lunch and Learn: June 29, 2010
Lunch and Learn: June 29, 2010
prevalentnetworks
 

Más contenido relacionado

La actualidad más candente

Software Vulnerabilities Risk Remediation
Software Vulnerabilities Risk RemediationSoftware Vulnerabilities Risk Remediation
Software Vulnerabilities Risk Remediation
Bruce Hafner
 
Windows Host Access Management with CA Access Control
Windows Host Access Management with CA Access ControlWindows Host Access Management with CA Access Control
Windows Host Access Management with CA Access Control
webhostingguy
 
KASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATIONKASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATION
GS CHO
 
Evaluating Risks of Cloud Based Services
Evaluating Risks of Cloud Based ServicesEvaluating Risks of Cloud Based Services
Evaluating Risks of Cloud Based Services
Symantec
 
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
ebuc
 
The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?
The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?
The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?
IBM Security
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
Samuel Kamuli
 

La actualidad más candente (20)

Software Vulnerabilities Risk Remediation
Software Vulnerabilities Risk RemediationSoftware Vulnerabilities Risk Remediation
Software Vulnerabilities Risk Remediation
 
Windows Host Access Management with CA Access Control
Windows Host Access Management with CA Access ControlWindows Host Access Management with CA Access Control
Windows Host Access Management with CA Access Control
 
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
 
Symantec Endpoint Protection Enterprise Edition Best Practices Guidelines
Symantec Endpoint Protection Enterprise Edition Best Practices GuidelinesSymantec Endpoint Protection Enterprise Edition Best Practices Guidelines
Symantec Endpoint Protection Enterprise Edition Best Practices Guidelines
 
Ambesh
AmbeshAmbesh
Ambesh
 
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012
 
KASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATIONKASPERSKY SECURITY CENTER IMPLEMENTATION
KASPERSKY SECURITY CENTER IMPLEMENTATION
 
IBM InfoSphere Guardium overview
IBM InfoSphere Guardium overviewIBM InfoSphere Guardium overview
IBM InfoSphere Guardium overview
 
NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012NIC2012 - System Center Endpoint Protection 2012
NIC2012 - System Center Endpoint Protection 2012
 
BMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/MalwareBMC - Response to the SolarWinds Breach/Malware
BMC - Response to the SolarWinds Breach/Malware
 
C90 Security Service
C90 Security ServiceC90 Security Service
C90 Security Service
 
Norman Patch and Remediation
Norman Patch and RemediationNorman Patch and Remediation
Norman Patch and Remediation
 
Defence in Depth Architectural Decisions
Defence in Depth Architectural DecisionsDefence in Depth Architectural Decisions
Defence in Depth Architectural Decisions
 
Guardium Presentation
Guardium PresentationGuardium Presentation
Guardium Presentation
 
Evaluating Risks of Cloud Based Services
Evaluating Risks of Cloud Based ServicesEvaluating Risks of Cloud Based Services
Evaluating Risks of Cloud Based Services
 
IBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database SecurityIBM Infosphere Guardium - Database Security
IBM Infosphere Guardium - Database Security
 
DojoSec FISMA Presentation
DojoSec FISMA PresentationDojoSec FISMA Presentation
DojoSec FISMA Presentation
 
The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?
The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?
The Business Case for Enterprise Endpoint Protection: Can You Afford Not To?
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
 
IBM Security Guardium Data Activity Monitor (Data Sheet-USEN)
IBM Security Guardium Data Activity Monitor (Data Sheet-USEN)IBM Security Guardium Data Activity Monitor (Data Sheet-USEN)
IBM Security Guardium Data Activity Monitor (Data Sheet-USEN)
 

Similar a Symantec control compliance suite

Better security through IT operations
Better security through IT operationsBetter security through IT operations
Better security through IT operations
slighltyanon
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
EnergySec
 
Dell Endpoint Systems Management Solutions
Dell Endpoint Systems Management SolutionsDell Endpoint Systems Management Solutions
Dell Endpoint Systems Management Solutions
CTI Group
 
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Ulf Mattsson
 
Session 1: Windows 8 with Gerry Tessier
Session 1: Windows 8 with Gerry TessierSession 1: Windows 8 with Gerry Tessier
Session 1: Windows 8 with Gerry Tessier
CTE Solutions Inc.
 

Similar a Symantec control compliance suite (20)

Introduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptxIntroduction to Symantec Endpoint Management75.pptx
Introduction to Symantec Endpoint Management75.pptx
 
Lunch and Learn: June 29, 2010
Lunch and Learn: June 29, 2010Lunch and Learn: June 29, 2010
Lunch and Learn: June 29, 2010
 
Shedding Light on Smart Grid & Cyber Security
Shedding Light on Smart Grid & Cyber SecurityShedding Light on Smart Grid & Cyber Security
Shedding Light on Smart Grid & Cyber Security
 
2012-12-12 Seminar McAfee Risk Management
2012-12-12 Seminar McAfee Risk Management2012-12-12 Seminar McAfee Risk Management
2012-12-12 Seminar McAfee Risk Management
 
Better security through IT operations
Better security through IT operationsBetter security through IT operations
Better security through IT operations
 
TalaTek Enterprise Compliance Management Solution
TalaTek Enterprise Compliance Management SolutionTalaTek Enterprise Compliance Management Solution
TalaTek Enterprise Compliance Management Solution
 
Slide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and MitigationsSlide Griffin - Practical Attacks and Mitigations
Slide Griffin - Practical Attacks and Mitigations
 
Dell Endpoint Systems Management Solutions
Dell Endpoint Systems Management SolutionsDell Endpoint Systems Management Solutions
Dell Endpoint Systems Management Solutions
 
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
Securing fintech - threats, challenges, best practices, ffiec, nist, and beyo...
 
Cyber security series administrative control breaches
Cyber security series administrative control breaches Cyber security series administrative control breaches
Cyber security series administrative control breaches
 
TrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability Management
 
Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11
 
Top 20 Security Controls for a More Secure Infrastructure
Top 20 Security Controls for a More Secure InfrastructureTop 20 Security Controls for a More Secure Infrastructure
Top 20 Security Controls for a More Secure Infrastructure
 
Session 1: Windows 8 with Gerry Tessier
Session 1: Windows 8 with Gerry TessierSession 1: Windows 8 with Gerry Tessier
Session 1: Windows 8 with Gerry Tessier
 
How to Solve Your Top IT Security Reporting Challenges with AlienVault
How to Solve Your Top IT Security Reporting Challenges with AlienVaultHow to Solve Your Top IT Security Reporting Challenges with AlienVault
How to Solve Your Top IT Security Reporting Challenges with AlienVault
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to Security
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_EN
 
Managing Software Risk with CAST
Managing Software Risk with CASTManaging Software Risk with CAST
Managing Software Risk with CAST
 
Institute of Internal Auditors Presentation 2014
Institute of Internal Auditors Presentation 2014Institute of Internal Auditors Presentation 2014
Institute of Internal Auditors Presentation 2014
 
TrustedAgent GRC for Vulnerability Management and Continuous Monitoring
TrustedAgent GRC for Vulnerability Management and Continuous MonitoringTrustedAgent GRC for Vulnerability Management and Continuous Monitoring
TrustedAgent GRC for Vulnerability Management and Continuous Monitoring
 

Más de Symantec

Más de Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 

Último

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 

Último (20)

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 

Symantec control compliance suite

  • 1. Symantec Control Compliance Suite 10.5 February 3, 2011
  • 2. 80% of Organizations Lack Visibility into IT Risks Question: What Color is Your Information Risk Today? For 1-in-10, it takes For 2-in-10, it takes more than one day -to- one week to nine months to find find the answer the answer For 1-in-10, it takes between one For 6-in-10, it takes between week and three months three and nine months to to find the answer find the answer Source: IT Policy Compliance Group, 2011 N: 1,202 Symantec Control Compliance Suite 10.5 2
  • 3. Why are so Many Organizations Flying Blind? Inadequate Controls Lack a Holistic View of Inability to Prioritize Assessments Risk and Report on Risk • Fail to standardize on • Diverse IT environments • Unable to identify controls frameworks • Decentralized data highest priority IT risks • Manual controls collection • Reports lack actionable mapping • Rationalizing data from data to drive resolution • Keeping up with multiple sources • Unable to report on key regulatory changes risks per stakeholder Symantec Control Compliance Suite 10.5 3
  • 4. Symantec Control Compliance Suite TECHNICAL CONTROLS • Symantec™ Control Compliance Suite Standards Manager • Symantec™ Control Compliance Suite Vulnerability Manager REPORT REMEDIATE POLICY PROCEDURAL CONTROLS • Symantec™ Control • Symantec™ • Symantec™ Control • Symantec™ Control Compliance Suite ServiceDesk 7.0 Compliance Suite Compliance Suite EVIDENCE (Infrastructure) Policy Manager Response Assessment Manager ASSETS CONTROLS DATA CONTROLS • Symantec™ Data Loss Prevention Discover 3RD PARTY EVIDENCE • Symantec™ Control Compliance Suite (Infrastructure) Symantec Control Compliance Suite 10.5 4
  • 5. Control Compliance Suite 10.5 – What’s New? Improved Risk Management Capabilities • SCAP support provides shared view of IT risks • New workflow integration helps manage people risks More Holistic View of IT Risk • Out-of-box dashboard connectors expand risk views More Comprehensive Controls Assessments • Support for PCI 2.0 and SCAP benchmarks • FDCC support for better desktop controls • OWASP support for better Web application controls Symantec Control Compliance Suite 10.5 5
  • 6. SCAP Support Provides Shared View of IT Risks • Security Content Automation Protocol • Developed by National Institute of Standards and Technology (NIST) • Better visibility into IT infrastructure • Standard way to write security checks • Eliminates need to rationalize data from multiple sources • Easily downloadable file updates – scan based on latest standards • Common framework provides a shared view of IT risks for better prioritization and faster remediation Symantec Control Compliance Suite 10.5 6
  • 7. Manage People Risk With Workflow Integration • New workflow integration with Symantec Data Loss Prevention • Target security awareness training at individuals in violation of data protection policy • New questionnaire summary pages – Overview of key security awareness risks – Drill down into more detail for remediation efforts Symantec Control Compliance Suite 10.5 7
  • 8. Control Compliance Suite 10.5 – What’s New Improved Risk Management Capabilities • SCAP support provides shared view of IT risks • New workflow integration helps manage people risk More Holistic View of Risk • Out-of-box dashboard connectors expand risk views More Comprehensive Controls Assessments • Support for PCI 2.0 and SCAP benchmarks • FDCC support for better desktop controls • OWASP support for better Web application controls Symantec Control Compliance Suite 10.5 8
  • 9. Out-of-Box Dashboard Connectors Expand Risk Views • Automatically collect data from CCS Response Assessment Manager • Populate pre-defined dashboard panels • Side by side view of risks for greater insights – e.g. – Data policy violations – Results of employee security awareness – Compliance posture of critical servers • Future releases to bring in data on – Critical vulnerabilities – Latest security threats – Real-time file integrity monitoring Symantec Control Compliance Suite 10.5 9
  • 10. Control Compliance Suite 10.5 – What’s New Improved Risk Management Capabilities • SCAP support provides shared view of IT risks • New workflow integration helps manage people risk More Holistic View of Risk • Out-of-the-box dashboard connectors expand risk views More Comprehensive Controls Assessments • Support for PCI 2.0 and SCAP benchmarks • FDCC support for better desktop controls • OWASP support for better Web application controls Symantec Control Compliance Suite 10.5 10
  • 11. CCS 10.5 FDCC Support for Better Desktop Controls • 85% of total reported security breaches can be traced to end user actions* • Built-in support for Federal Desktop Core Configuration (FDCC) • Common industry standard for US Federal government • Protects desktops against harmful configuration changes and vulnerabilities • Simplifies desktop security • Easily import monthly updates • Report on results in FDCC format *Michael Bednarczyk, Information Week Analytics Symantec Control Compliance Suite 10.5 11
  • 12. OWASP Support for Better Web Application Controls • In 2009 there were 5,500+ unique vulnerabilities in Web applications alone* • Built-in support for Open Web Application Security Protocol • Technical standards for securing Web applications • Focuses on top 10 vulnerabilities • Automatically identify and remediate risks before they are exploited • Adopted by PCI Security Standards Council *Symantec Global Internet Security Threat Report Symantec Control Compliance Suite 10.5 12
  • 13. Thank you! Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Symantec Control Compliance Suite 10.5 13