Managed Security Services Overview

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.zaKris Budnik

Managed Security Services

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.za

threats are on the rise

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.za

“What's amazed me is how easy fraud has become with technology than when I did it 50 years ago. Make it difficult for people to steal from you. You have to be a smarter consumer today and a smarter businessman”

Frank Abagnale Jnr.

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.za

why is it so easy?

• Are fundamental questions being addressed?• What is it that you are protecting?• What are you protecting yourself from?• How do you prioritise? And how often do you re-prioritise?• How do you check that your efforts are effective?

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.za

exciting times ahead…

• emergence of cloud-based services encouraging• Tap into collective strengths• Outsource the “heavy lifting”• Focus on analysis not on data gathering and correlation• Spend your effort on securing the environment, instead of on

security project administration, and infrastructure and software management

• Do more, more quickly, and with less

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.za

whom am I talking about?

• analyze security event data in real time for internal and external threat management,

• collect, store, analyze and report on log data for incident response, forensics and regulatory compliance.

• services for monitored/managed firewall and intrusion detection and prevention functions, as well as log analysis and reporting services

• services to detect advanced targeted attacks

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.za

the good…

• tap into meaningful, concise and relevant security intelligence data…

• good insight into what is happening in our environment, right now…

• able to continuously adjust our responses based on actual threat data…

• able to simulate attacks based on threat data to assess whether it is something we should worry about…

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.za

the bad…

• don’t believe the brochure-ware• not a security solution

• bad data in…bad data out• you can still be overwhelmed

• Need to sharpen your patch, vulnerability and config management processes

• Need ownership from rest of IT• requires a well instrumented security environment to work really well• correlated events still lack context and required second level of analysis

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.za

the ugly…

• everyone has a solution - not all are equal• can be expensive – not just license but also in resources needed to extract

value• analysis paralysis• techno-babble or FUD as primary output• incomplete

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.za

what to do?

• Plan well – consider carefully what you will feed up for analysis and from where

• Ensure you have the resources and support you need to use the service• Get references and talk to existing users• Ask for sample outputs• Select based on your needs now, don’t buy “futures”• Don’t oversell the value

www.slva.co.za | info@slva.co.zawww.slva.co.za | info@slva.co.za

WE MAKE SECURITY OUR BUSINESS SO THAT YOU CAN FOCUS ON YOURS