Public Sector sessions at Protect 2017
Public Sector sessions at Protect 2017 - Hewlett Packard Software Community
Government agencies face unique security challenges. Although all Protect 2017 sessions can help you address your end-to-end security needs, the content offerings in this track are focused on agency-specific experiences and best practices, presented by notable government speakers and highly qualified HPE experts.
Join us for the following Public Sector-specific sessions:
Protecting high-value government data, neutralizing breaches and insider threats
Terence Spies, HPE
Government agencies are increasingly challenged to protect their most valuable data. However, endpoint or network security can’t stop attackers alone, and malevolent insiders create additional risk. An effective solution lies in protecting the data itself across systems. Recent NIST security recommendations with FIPS validation make ground-breaking Format-Preserving Encryption (FPE) technology in SecureData available to “de-identify” sensitive data, rendering it useless to attackers, while maintaining usability and referential integrity for business processes and applications. FPE protects decades-old legacy systems and modern, advanced IT infrastructures alike with an innovative, data-centric approach to security that performs and scales for today’s demanding environments.
Application security testing – moving from compliance to security
Ray Letteer, U.S. Marine Corps
Scott Snowden, HPE
Historically, entities have focused on well-known security compliance requirements such as PCI, FISMA, NIST 800-53 v4 and the Application Security and Development STIG. Now, organizations are moving beyond strictly meeting compliance requirements and starting to make risk-based business decisions about what to remediate and where to allocate resources. We'll answer questions like: What processes, tools and metrics complement these decisions? What can be done to ensure that all programs regardless of project lifecycle state or development methodology are taking advantage of best practices to bake security into the development process? Also, hear a brief discussion of automating the Plan of Actions and Milestones (POA&M) process, continuous assessments and remediation.
Leveraging ArcSight cases for content development and change control
Charles Clawson, HPE
Jeff Bowmar, Department of Commerce
Has content management got you down? Too many cooks in the SOC kitchen? Broken rules never getting fixed? Correlation rules stale and stagnant? Leverage ArcSight cases to implement a content development life-cycle and change the interaction between analysts, system engineers and content developers from looking like a "Three Stooges" episode into an effective feedback hyperloop. In order to evolve into an intelligent security operations center, a development methodology needs to be adopted and followed across your security groups. Having a formalized development life-cycle is essential in driving products across the finish line. We will show you how to take these development best practices and incorporate them into your SOC dev workflow, all within ESM cases and 6 development phases implemented in the form of case folders. Within this cycle, analysts and system owners can create content requests, attach actual ESM base events and pass requests to engineering all without leaving ArcSight.
Managing intelligence: It's not just a feed
Justin Monti, MKACyber
Every day seems to bring more threat intelligence feeds, each claiming to help find a particular attacker or piece of malware. While information-sharing is an important step in empowering network defenders, it must be done sensibly. Having a larger pile of indicators does not automatically make the network more secure or the security team more effective. Threat intelligence must be managed to be effective. To understand the context of a hit, indicators must be linked to reporting and tied to the analytic use case. Mapping external threat intelligence to your internal threat model is key. Analysis is needed to ensure that intelligence is relevant to the organization and aligned to the security tooling available. In this session, we will show the importance of this management and discuss methodologies for effective management and organization of threat intel.
Click here to learn more about Protect 2017! It begins on September 11th--register now!
Follow the hashtag, #Protect17, to keep up with all things Protect!