GE Global Infrastructure Services

Explore guiding principles and data structures for effective security metrics automation and reporting. Enhance surveillance, threat detection, and vulnerability management for optimal cybersecurity. Measure business specifics, manage alerts, and drive strategic decision-making.

stevenstone

Presentation Transcript


  1. GE Global Infrastructure Services: Security Metrics Automation
     Brad Freeman, GIS Security Services
     August 7, 2007

  2. Some guiding principles…
     • Simple
       • Simple, intuitive user interface – standard APIs for data collection
       • Clear, actionable reports – scorecards, charts, trend reporting
     • Flexible
       • Able to handle diverse sources of input
       • Adapts easily to organizational and policy changes
     • Hierarchical
       • Data roll-up to corporate level, sub-business “drill down”
       • Role-based delegation of administration – scalable architecture

  3. GE Security Metrics Process
     [Process diagram. Labels: XML Metrics Submission; Cisco Netflow; AV, HIDS, NIDS; Suspect Management; Suspects; WSUS/EBR; DB/SIM; Vuln Scan; Vulnerabilities; Asset Mgmt; Assets; Discovery Scan; Subnet Discovery; Subnet Inventory; Manual Inputs; DEFECTS; OPPORTUNITIES; Summary Reports; Defect Summary; Opportunity Summary; Detail Reports; Defect Detail; Opportunity Detail; Executive Dashboard; E-mail Reports]

  4. GE Security Metrics Reporting
     [Diagram. Labels: JDBCs; Datasets; Security Information and Event Management (SIM), marked “Future”; Security Dashboard; Security Metric Summary Reporting; Suspect List; Threat/Vulnerability Detail Reporting; Manual Data Entry; Subnet Inventory]
     • GE Policy Metrics
     • Controllership Metrics
     • Business-specific Metrics
     • Cisco Net Flow Alerts
     • AV/HIDS/NIDS Alerts
     • Scan Vulnerabilities
     • Manual Data Entry
     Process automation opportunity!

  5. GE Security Dashboard
     [Dashboard screenshot. Callouts: Business Drill Down; Export to PDF; Comparative Views; Trend Charts; Executive Summaries; Compliance Metrics]

  6. Clearpoint Metrics Overview
     • Metrics Accelerator has three installable software components:
       • Metrics Studio – to create, customize, test, deploy, and manage metrics
       • Metrics Publishing Server – for communication of metric results via existing enterprise facilities such as portals, email and intranets
       • Metrics Production Server – for automating the collection, calculation, and communication of metrics on an enterprise scale
     Create, Calculate, Communicate
     Courtesy of Clearpoint Metrics, Inc.

  7. Metrics Data Structures
     • MDP = Metrics Description Package. An XML document that is the “building block” of our scorecards. Describes data source, data manipulation and update frequency.
     • SDP = Scorecard Description Package. An XML document that describes the presentation layer of the metrics views. Access policy is mapped to business-level scorecards.
     * Nested MDP or other data source

  8. Metrics Data Collection Model
     [Diagram. Labels: MDP (three instances); Centralized Data Collection (e.g. ITAM, centralized scans); Distributed Data Collection (e.g. Manual Data Entry)]
     MDP = Metrics Description Package
     Courtesy of Clearpoint Metrics, Inc.

  9. Things to consider…
     • What are we measuring?
       • Beware of poorly defined metrics and poor measurement systems
       • Garbage in, gospel out!
     • Why are we measuring it?
       • Address the “so what” factor – tie metrics to business benefits
       • Know your audience – what behavior are we trying to change?
     • How are we measuring and reporting it?
       • Manual data collection vs. automation
       • Clear, actionable reports – comparative views, communication plan

  10. Questions? Brad Freeman, GE Security Services Leader brad.freeman@ge.com
