RSA Risk Intelligence
Harness and Exploit Risk for
Competitive Advantage
RSA Security Summit
Amsterdam, Netherlands
May 8, 2014
Gennaro Scalo
Manager GRC, EMEA
© Copyright 2013 EMC Corporation. All rights reserved.
1
Are You a Fish Out of Water?
RISK LANDSCAPE…
OPPORTUNITY LANDSCAPE…
•
•
•
•
•
•
•
•
•
•
•
Global Economic Impact
Geopolitical Concerns
Expanding Regulations
Fraud/Ethics Violations
Cyber/Digital Threats
Disappearing Perimeter
Supply Chain Disruption
Emerging Markets
New Products/Services
Competitive Advantage
Customer Engagement &
Interaction
“We are moving to a world where risk management will become the primary source of competitive
advantage. Rather than avoiding risk, organizations need the ability to embrace risk.”
© Copyright 2013 EMC Corporation. All rights reserved.
2
We Need to Change our Approach…
Automate compliance, reallocate resources/budget to manage
risk, and proactively exploit opportunity
Governance
Proactive
Risk
Proactive
Compliance
Reactive
Reactive
Today’s GRC Focus
© Copyright 2013 EMC Corporation. All rights reserved.
Risk Intelligence
3
Risk Intelligence
Empowering organizations
to harness and exploit risk
 through better visibility,
 enhanced analysis, and
 improved metrics
to drive intelligent, stream-lined
actions; enabling the business to
move quickly and predictably
© Copyright 2013 EMC Corporation. All rights reserved.
4
Risk Intelligence Model
METRICS
© Copyright 2013 EMC Corporation. All rights reserved.
ANALYSIS
ACTIONS
5
Risk Intelligence Architecture
PROACTIVE
80%
REACTIVE
20%
RSA Archer Solutions
RSA Archer Platform
with “Big Data”
© Copyright 2013 EMC Corporation. All rights reserved.
Risk Intelligence
Opportunity
6
Benefits of a Risk Intelligence Approach
•
Better, more predictable
decision-making
Greater business
opportunity
•
•
•
•
•
Better business
performance
© Copyright 2013 EMC Corporation. All rights reserved.
•
•
Comprehensive Business
Context
Prioritized Decisions Based on
Impact
Predictable Outcomes
Embrace Known Risks to Exploit
Opportunity
Transition from Defense to
Offense
Improved Allocation of
Resources/Budget
Align Risk Objectives to
Business
Grow Opportunities
7
Planning Your Journey
Siloes
Managed
Advantaged
compliance focus,
disconnected risk, basic
reporting
automated compliance,
expanded risk focus,
improved analysis/metrics
fully risk aware, exploit
opportunity
Reduce
Manage
Gain
Identify
compliance cost
Known
resource
&&
unknown
risk visibility
risks
new business opportunities
Compliance
Risk
Opportunity
Maturity
© Copyright 2013 EMC Corporation. All rights reserved.
8
Solutions Across the Organization
LOB
Executives
Board
CIO &
CISO
Business
Operations
Managers
Business
IT
Risk Intelligence
IT Security Risk
Regulatory &
Corporate Compliance
Operational &
Enterprise Risk
Business Resiliency
Audit
Third Party & Vendor
Risk
Common Foundation
Silos
Managed
Advantaged
Maturity
© Copyright 2013 EMC Corporation. All rights reserved.
9