Page 1

information management and security

Key Challenges   

Managing Information A structured approach towards addressing information management challenges is immediately needed


Old Criteria

Paradigm Shift


Paradigm Shift in Security & Risk Management


Events Logs

Millions ƒRaw event data ƒDistributed ƒHeterogeneous

Event Management Event Management 9 Explicit event  collection &  Log Analysis

Events Events Threats Threat Analysis

Incidents Threats

I id t Incidents

Thousands ƒRelevant Events

egov / / September 2011

aspects appropriately so that the security of our information assets is not compromised.

Key Challenges There are four sets of challenges that we need to address in order to put in place an effective information management system. Managing datasets is the first challenge. We need to manage different datasets that need to be integrated. The present egovernance model talks of more and more public facing systems that can increase transparency and reduce costs besides creating trust among the people. In order to ensure reliable service delivery, there is a critical need to manage data, guard against unauthorised intrusions and create audit trails that can help in forensic analysis of any untoward event. The next challenge is a macro-level view of risk management in governance. While the RBI has mandated corporates to adopt risk management and corporate governance norms under Clause 49, the risk management


• Com chan • Defi Secu rem


• Pres evall • Ther acce • Own

Multi Enviro

Hundreds ƒPrioritized lists ƒActionable items

Key Challenges

New Criteria Mandatory  • Mandatory • Competitive Advantage • Proactive • Risk Driven  • On‐Demand 

ss Based

Log Archival

Security Data

Reporting & Forensics Incident Response


• Optional • Health of Business • Reactive  • Meet Regulation • On‐Premises 

9 Intelligent Down  S Stream  Suppression

Structured Process

he principle of PDCA (Plan, Do, Check and Act) is an important paradigm In information management and security. Although a lot of work has gone in planning and evolving policy structures for egovernance, implementation can only be as successful as the strength of the monitoring mechanism. We thus need to strengthen our monitoring abilities to manage information and ensure security of data in a more robust and effective manner. Challenge for Indian security environment is largely coming from the threat of loss of reputation that arises from attack on websites that are your public face. About 270 Indian official sites have been hacked in recent times. So far, we have not really tried to undertake forensic analysis of the incidents and close the loopholes. With the changing forms of attacks, we need to be &Risk Management    proactive and deal with policy and administrative


Data Management

Noise Reduction

Correlation &  Visualization

By Arvind Mehrotra, President APAC,

s Critical ies ‐‐ Apps ies 

Intrusion Protection

framework in governments is still weak. I am yet to come across any govt in India that has adopted an ISMS (Integrated Security Management Policy) policy. This needs to be addressed on a priority basis. The third challenge is that as we adopt ICT in governance, we are increasingly deploying multiple sets of technology without knowing exact roles of each set. Consequently, there might be multiple systems performing the same function. In the absence of a data analysis engine that can collate and analyse data across systems, and manage the dataset, this might go undetected. In addition, in the absence of a centralised analytics system, the information being generated from diverse deployments often goes unutilised. This too needs to be addressed. Lastly, we also need to address the absence of proper controls and an assessment and risk mitigation strategy. At present, there is no process that can judge the performance of a technology deployment against pre-defined performance criteria and against its adherence to policy guidelines. There is similarly no proper framework to analyse whether or not the technology is able to adequately protect the data assets. All this needs to change. The earlier model of governance working in unconnected silos is being replaced by a new paradigm of interconnected applications and integrated datasets. We now need a process view that addresses all issues in an integrated manner. A Security Operating Centre dealing with security incident management services and adoption of the CTO/CIO model in governments for better management of our information assets need to be adopted with urgency.

• A on wide • Diffe envi

Insuff Risk M

• Insu I susc • Ther cont

eGov-Sept-2011-[32]-Managing Information-Arvind Mehrotra  

Hundreds Thousands New Criteria •Mandatory Mandatory •Competitive Advantage •Proactive •Risk Driven •On‐Demand I id tIidt Mana Millions Mill...

Read more
Read more
Similar to
Popular now
Just for you