Measure, Manage, and Win

How A Multi-Billion Dollar Company Insourced Security in Less than Six Months
Introductions
• SAIC
– Jonathan Jowers
• CyberSheath
– Mark Walsh
#RSAsummit
© Copyright 2014 EMC Corporation. All rights reserved.
The Situation
Company split
Outsourced to insourced
Building a security organization
Building a Security Organization
• Focused projects based on NIST and the SANS 20 CSC
• Phase 1
– Archer Deployment and Development, SOX Compliance, Incident Response, Vulnerability Management, ISO Certification
• Phase 2
– Enhanced Monitoring, Application Security, Security Configuration and Hardening, Forensics & Malware, DIB enrollment/deployment
Selecting Archer as the Solution
• Not an IT Solution just for IT
• Needed a solution that could serve as the “Single Source of Truth” for Security
Metrics and Reporting
• Meaningful and Actionable Reporting
• Archer presents appropriate metrics based on role
• Real-time and always up to date
– Less time creating static reports
• Key metrics:
– Incident Response
– SOX Compliance
– Vulnerability Management
Results
Before: Lack of effective communication
After: Positive Feedback from the business

Before: Security had minimal governance over security processes managed by IT
After: Security integrated with all aspects of IT

Before: Over 35 security tools
After: Significant security tool reduction to 23 tools

Before: Expensive Outsourced Security
After: Significant Cost Savings: Outsourced vs Insourced
THANK YOU