Embed Size (px)
DESCRIPTION
An overview of security frameworks and methods
Citation preview
Security Architecture
Agenda
Frameworks and Standards
Different ways of looking at Risk
Impact
Assurance
O Desafio está aumentando...
0%
20%
40%
60%
80%
100%
120%
1990 Today 2040
PERCENTAGE OF IT BUDGET DEVOTED TO SECURITY
Percentage of IT budget devoted to security
Security and Architecture
IT Architecture is about using IT to meet business needs
Security is about reducing business risk
Security Architecture is about reducing business risk from IT
Security Architecture Frameworks and Standards
TOGAF Next
Everything
TOGAF 9Process, Content
TOGAF 8Process Only
IAFContent Only
SABSASecurity Specific
ZachmanContent Only
FAIRRisk Analysis
Security Measures vs. Risks
Threat
Asset
Impact
Access Path
Deterrence
Detection
Containment
Prevention
Attack
Uses
To perform
Against
Which results in
Recovery
Ris
k
Security
Measure
s
Deters
Controls
Detects
Recovers
Limits
Security Concepts in an Architecture Framework
Context:Why do I need to be Secure?
Concept:What security do I need?
Logical/Physical:How will I be secure?
Threats Stakeholders Drivers
Assets Domains
Access Routes
Risks
Requirements Policies
Services Measures
Different Types of Risk
Domains
Assets
Threats• Risks are unexpected or uncertain
events
• Risks trigger impacts if they occur
• Real-world systems have many
risks
• Security measures mitigate the
risks
• The cost of a security measure
must be less than the value of the
risks it mitigates
Asset Risk
Assets are things the business values
Stakeholders are people and organisations that have an interest in assets
Stakeholders have objectives - things they want to enforce - laws, contracts, ethical rules, principles, policies
Confidentiality, Integrity, Availability, Non-repudiation
Stakeholders can be negative
For every asset/objective combination, there is a risk this will not be enforced
Looking at risk in this way helps you to concentrate on what is of value
Domains
Assets
Threats
Threat Risk
Threat Agents are people, organisations or events with access to your assets
Threat agents can be legitimate
Employees, Customers
or illegitimate
Hackers, criminals
Or unexpected events
Component failure, flood, earthquake
Threat agents can make mistakes, or can deliberately attack you, or can happen unexpectedly
This leads to an objective not being met
Looking at risk in this way helps you to concentrate on possible loss scenarios
Domains
Assets
Threats
Domain Risk
Domains are the places where assets are stored:
Networks, servers, processes, databases, files, sites, boxes
Domains are accessed by threat agents via access routes
Access routes need to be secured
Guided by common sense and good practice
Non-secured access routes are a source of risk
Looking at risk in this way helps you to concentrate on how an attacker would get in
Domains
Assets
Threats
Anatomy of an Attack
Actions By Threat Agent
Legitimate Access - Event Illegitimate Access
- Impact
Threat Agent Stakeholders
Security Breach Occurs
Asset
Breach Detected
and Stopped
Actions by
Stakeholders
Timeline
Impact
Security measures are justified by risks but…
Risks are difficult to enumerate systematically
The impact of a risk is difficult to estimate
Real systems generate enormous numbers of risks
It’s not practical to design security countermeasures as responses to risks
Most security practitioners don’t start with a list of risks
Instead, they start with good practice and common sense
And only list risks when a business case is needed
Assurance
How do I know I’m secure?
TestingPenetration Testing
Risk Analysis
Maturity Modelling
Certification (Vs ISO 27001)
Evaluation (Vs ISO 15408)
Security Architecture Service Delivery Framework
ROLES
Security Engagement Manager
Security Auditor
Security Advisor
Security Architect
CAPGEMINI PROCESSES ARTEFACTS
Work Initiation
Sizing Tools
Request Templates
Industrialised Design
Quality Assurance
Governance
Resource Management
Added Value
Reporting
Advisory
Report Templates
Architecture Design Templates
Risk Assessment Tools
Waiver & Exemption Templates
Detailed Design
Virtualised Platform Pattern
Mobile Devices Pattern
Cloud Architecture Pattern
Example Security Policies, Standards
IAM Architecture Pattern
Etc.
New Starter Pack
Value IT Tools
Controls Review
Etc.
New Project
Project:
Security
Initiation
Architecture
Design
Security
Review
Detailed
Design & Build
DELIVERABLES
• Project Initiation
• Information Classification• Risk Assessment• Business Impact Assessment
• Security Architecture Resource Request
• Requirements Definition• Outline Solution Design• Full Solution Design• Waivers & Exemptions
• Controls Review
• Detailed Design
Security Designer
Conclusion: What makes up a security architecture
Security Architecture
Threat Agents
Access Routes
Domains
Assets
Stakeholders
Objectives
Risks
Impacts
Measures
The information contained in this presentation is proprietary.
© 2013 Capgemini. All rights reserved.
www.capgemini.com
About Capgemini
With more than 130,000 people in 44 countries, Capgemini is one
of the world's foremost providers of consulting, technology and
outsourcing services. The Group reported 2013 global revenues
of EUR 10.1 billion. Together with its clients, Capgemini creates
and delivers business and technology solutions that fit their needs
and drive the results they want. A deeply multicultural
organization, Capgemini has developed its own way of working,
the Collaborative Business ExperienceTM, and draws on
Rightshore®, its worldwide delivery model.
Learn more about us at www.capgemini.com.
Rightshore® is a trademark belonging to Capgemini
