The threat landscape has evolved dramatically in recent years. For one thing, the level of threat activity has skyrocketed. Also, the nature of risks has undergone a profound change. Consider the following data, drawn from the Symantec Global Intelligence Network and the Internet Security Threat Report:
- Symantec Managed Security Services logs upwards of 2 billion events daily, identifying approximately 100 as critical security events that require immediate action.
- The Symantec DeepSight Threat Management System generates more than 100,000 security alerts annually for subscribers to the service.
- Attackers are now targeting confidential end-user information that can be fraudulently used for financial gain.
- Attackers are also becoming more geographically mobile and adopt new tactics more rapidly and more often in response to security measures implemented by vendors, administrators, and end users.
Obviously, security management becomes increasingly challenging for businesses as a result of these threats. But there other challenges as well, such as managing multiple security technologies; difficulties in attracting, training, and retaining skilled staff; expanding regulatory scopes; and budget constraints.
Determining a business’s security posture involves analyzing vulnerabilities, weaknesses, and exposure to exploitation on the external and internal infrastructure in network devices, servers, desktops, Web applications, and databases.
Then there is the additional challenge of supporting enterprise executives by evaluating, prioritizing, and managing their portfolio of security controls.
All in all, that’s a tall order.
Symantec Consulting Services offers solutions to help organizations manage IT risk, control costs, and maximize IT performance. Symantec consultants have decades of experience assessing, designing, implementing, and managing custom solutions that meet the requirements of complex enterprise environments.
One of the first services Symantec consultants can provide is an evaluation of the maturity of an organization’s security program. The Symantec Security Program Assessment was developed to get this process under way. Specifically, the Symantec Security Program Assessment measures the maturity of a security program against the Symantec Security Management Framework.
The Symantec Security Management Framework was developed to facilitate wide-ranging discussions about an information security program. Although clearly aligned to established standards such as CoBIT and ISO 27002, the framework provides a simpler relationship model that assists in understanding and evaluating an existing information security management environment.
Symantec consultants identify, evaluate, and establish priorities for exposures within the security program. They examine specific areas of the design through questionnaires, interviews, documentation reviews, threat modeling, and best practice workshops conducted with both business and technical stakeholders.
The resulting assessment is designed to support enterprise executives with the evaluation, prioritization, alignment, and management of their security program portfolio and with a better understanding of their security posture.
The Symantec Security Program Assessment is not intended as a security standard. Rather, it is meant to be a model for discussion and evaluation of an existing environment. The framework contains seven focus areas:
- Security Strategy
- Security Organization
- Secure Operations
- Business Continuity
- Network and System Security
- Application Security
- Data Security
These are divided into 42 elements that apply to one or more of the focus areas. Each element in the framework is evaluated on multiple axes to provide a complete picture of information security for the customer.
Ultimately, the Symantec Security Program Assessment provides organizations with guidance on how to best apply their limited resources to raise the organization’s level of security maturity and meet their business needs.
Security operations management today is about protecting the business from evolving threats and vulnerabilities 24 hours a day, seven days a week. It’s about ensuring compliance with proliferating regulations and policies. And it’s about responding rapidly to all security incidents.
By evaluating the maturity of a security program against the Symantec Security Management Framework, the Symantec Security Program Assessment enables organizations to get a better understanding of their security posture. In particular, they will be in a position to identify strategic IT risk management priorities, develop a security program focused on enhancing their security posture, and align business and technology objectives.