With the adoption of services in the Cloud, organisations inevitably lose control on their IT and might lack the critical information required to assess a variety of (business, performance and security) risks.
Traditional approaches based on SLAs and contractual agreements only partially address the above issues, as they provide only a “predefined” and static “view” of the situation which does not cope well against fully dynamic, ever changing IT operations and threat landscapes.
In this context, enabling more dynamic, controlled information sharing in the Cloud is key to improve situational awareness and address the above issues. This involves dealing with tension points between information sharers and sharees (about what to share, why to share, how to control information flows, etc.) along with trust and assurance issues ...
When dealing with big data (inclusive of hybrid and unstructured one), it is very hard to understand the implications and impact of defining (security, business, sharing, privacy, etc.) policies on this data.
Which data is actually affected by the policies? Are these policies comprehensive? Are there corner cases that are not covered? Further complexity is introduced by the fact that analytics can be performed on big data, whose outcomes and implications are unknown at priori, as well ...
In a previous blog post of mine I introduced our HPL/HP work on the Security Intelligence-as-a-Service (SILAS) solution and the fact we achieved an important milestone, in collaboration with HP business groups: a full working implementation is available.
Thanks for your questions. I am providing some additional details. The SILAS solution can now be showcases to HP customers and (potential) business partners.
As previously mentioned, SILAS consists, at the very base, of an Analytics Technology that provides: statistical analysis of data; predictions based on simulations.
There is currently a major gap in organizations’ security lifecycle management processes. On the one hand, organizations carry out strategic, long-term risk assessment activities - at the business level - to identify threats and mitigate them with suitable policies and controls. This involves periodic re-assessment of their security investments. On the other hand, they heavily invest in monitoring and Security Information and Event Management solutions (SIEM - e.g. HP ArcSight) to collect information from their IT infrastructure, for compliance and governance purposes. However information gathered at this level is seldom leveraged for higher-level strategic security risk assessment, except by means of expensive and manual processes. It is primarily used at the IT Operational levels. There is increasing demand for better integration and simplification of these processes in order to maximize investments and improve the overall risk assessment.
This gap is even more evident in the context of managed services and/or disaggregated IT in the Cloud, where the organisation further loses control on their IT along with related information flows. SILAS aims at addressing this gap ...
In the context of the HPL Safe Cloud project, I have been working on an HP Labs R&D demonstrator, jointly with HP businesses, to illustrate:
- Next generation Business Operation Centers in Disaggregated IT scenarios, i.e. where an organisation relies on service providers (SaaS) and infrastructure providers (IaaS) in the Cloud to run their IT operation
- Information Sharing as a key requirement for the organisation to improve its (security, business, etc.) situational awareness, now that it has not anymore control over their IT operations- issues and trade-offs involving information sharing, involving the company and the other stakeholders, including SaaS and IaaS providers
- Next generation war rooms
- Our vision in the areas of Safe Cloud and controlled information sharing
We have achieved an important milestone: a full working implementation is available. Additional details and a few screenshots of the public, R&D version of the demonstrator are available online.
This demonstrator is now available and can be shown to HP customers and business partners. Below I attach, as example, a screenshot ...
As discussed in previous posts, our HPL Security Intelligence-as-a-Service (SILAS) solution consists, at the very base, of R&D Analytics Technology that provides: statistical analysis of data; predictions based on simulations.
We now have achieved an important milestone in collaboration with HP business groups: a full working implementation is available.
Additional details and a few screenshots of the public, R&D version of SILAS are available online. Below I attach a screenshot of the SILAS main dashboard ...