Physical & Logical Security Convergence: Powered by Enterprise Security Management
While physical and logical security disciplines are disparate, today's threats are such that they need to be addressed in tandem. Gone are the days when there was little to no communication between the IT and physical security staff. Fraud investigation, complex incident analysis, remediation and incident tracking are just a few of the areas where synergies between these groups can be leveraged. Just as security has evolved from the perimeter alone to include strategies for insider threats, convergence is the next phase of evolution in enterprise-level security incident prevention, detection and management.

The most extensible, scalable and robust solution for addressing this convergence is enterprise security management (ESM). The same capabilities ESM utilizes for correlation, anomaly detection, pattern discovery, reporting, investigation and remediation within the IT security realm can also be applied to, and converged with, physical security solutions. Organizations are learning that operational efficiencies are amplified by convergence, yielding a positive impact on return on investment (ROI). Additionally, they are finding that their overall security posture is improved by reducing risk, leading to a more solid return on security investment (ROSI).

The global security climate has changed with terrorists, organized crime groups, nation-state threats and so forth. Organizations must continue to adapt to these trends with solutions and countermeasures that are capable of merging these disciplines. ESM solutions can be the core for such convergence, allowing organizations to mitigate the risks in a holistic and efficient manner. Before the advent of ESM, convergence was brute force at best. Today, the technology is up to the challenge, and many organizations have already achieved success.
* With more and more computer exploits being announcement of a malicious insider, or issues related to terrorists, organized crime, and nation-state threats can you afford to not be in the know?
* Brian Contos has over a decade of real-world security and management expertise developed in some of the most sensitive and mission-critical environments in the world
Section I: Security Primer
1. Information Security Explored
2. Physical Security Explored
3. Convergence Explored

Section II: ESM Primer
4. Architecture
   a. Event Collection
   b. Asset and Vulnerability Management
   c. Event Processing
   d. Event Storage
5. Incident Detection and Analysis
   a. Correlation
   b. Anomaly Detection
   c. Pattern Discovery
   d. Dashboards & Maps
   e. Investigation
   f. Visualization
   g. Reporting
6. Incident Management and Response
   a. Alerting
   b. Escalation
   c. Case Management/Annotation
   d. Remediation
7. The Next Generation of ESM

Section III: Use Cases: Convergence of Information and Physical Security
8. Physical Access Control Systems General - That black box at the front door
9. Common Access Cards (CAC) - Department of Defense says no to passwords
10. Video Surveillance - Japanese Data Center Snapshots
11. Video Surveillance 2 - Retail POS Reconciliation
12. Environmental Controls - Thermal Shutdown & Other Hazards
13. Time Sheet Integration - Israeli Calling Card Company
14. VPN and Physical Access Controls - Government Contractor in Two Places at Once
15. Asset Management
   a. Software Inventory
   b. Hardware Inventory
   c. RFID
16. Alarm Systems

Section IV: Summary
17. Policy, Politics and Technology