the it risk environment and data analytics
play

The IT Risk Environment and Data Analytics Parm Lalli Director, - PowerPoint PPT Presentation

Oct 29, 2023 •516 likes •853 views

The IT Risk Environment and Data Analytics Parm Lalli Director, Focal Point Data Risk, LLC Parm Lalli Director, Data Analytics Focal Point Data Risk, LLC Parm is a Director with Sunera and leads our national Data Analytics practice. Parm has

  1. The IT Risk Environment and Data Analytics Parm Lalli Director, Focal Point Data Risk, LLC

  2. Parm Lalli Director, Data Analytics Focal Point Data Risk, LLC Parm is a Director with Sunera and leads our national Data Analytics practice. Parm has over 14 years of data analytics, audit, and controls experience with Sunera and other IT consulting firms, and is widely considered a leading data analytics practitioner in North America. Parm’s data analytics expertise includes vast experience with various Computer-Aided Audit Tools (CAATs), leading and performing data analytics and developing continuous controls monitoring (CCM) applications for many business processes. His experience also includes installing, implementing and configuring ACL Analytics Exchange, and providing training on all aspects of data analytics, from basic functionality to complex scripting and controls monitoring. Parm’s 16 years’ experience with ACL Software includes six years working at ACL. During Parm’s time at ACL, he led the development of analytics for ACL’s CCM solution. These analytics covered risks associated with accounts payable, travel and entertainment, general ledger, order to cash, procurement, human resource and payroll. Once the analytics were developed, Parm led consulting projects for ACL clients where he implemented the analytics and assisted clients with the development and maturation of the data analytics and CCM programs. Parm has also worked at PricewaterhouseCoopers in the Advisory group where he performed Revenue Assurance consultancy with the Telco Industry. Parm also have extensive experience with other data analytics tools and applications such as TOAD for Oracle & SQL Server, Arbutus, and Alteryx. In addition to his data analytics focus, Parm’s background is IT audit focused, having provided services related to IT general controls, application controls, internal audit, IT risk assessment, process improvement advisory, operational audit and Sarbanes-Oxley Act (SOX). Parm has also been involved with conducting vulnerability assessments and penetration testing for clients. Parm is a Certified Information Systems Auditor (CISA) and ACL Certified Data Analyst (ACDA). 2

  3. OBJECTIVES ▶ Raise awareness of the contribution data analytics can make to mitigate risks in IT ▶ Identify key risk areas that can be tested with data analytics tools ▶ Describe data analytics tests for key high-risk areas 3

  4. AGENDA ▶ Why data analytics for IT? ▶ Risks to mitigate ▶ Specific risk areas ▶ Data Analytics for Cybersecurity ▶ Proactive security monitoring 4

  5. Why data analytics for information technology?

  6. 2014 Data Breach Statistics ▶ $3.8 million per organization* ▶ $154 per record* ▶ Increases in ▸ Cyberattack frequency ▸ Remediation costs ▸ Business impact ▸ Detection/escalation costs * IBM/Ponemon 2015 Cost of Data Breach Study 6

  7. The Environment ▶ High-risk area ▶ Abundance of data ▶ Multiple platforms/formats ▶ Complex ▶ Decentralized ▶ Proliferation of unencrypted devices 7

  8. DA enables… ▶ High-frequency automated testing ▶ Development of metrics ▸ Operational performance ▸ Call centers ▸ Cybersecurity ▶ Close to real-time monitoring/reporting of risks ▶ Comprehensive overview 8

  9. Output ▶ Dashboarding of trends/metrics ▶ Drill-down capabilities for supporting data ▶ User-friendly formats 9

  10. Risks

  11. Risks ▶ Unauthorized activity ▶ Loss of revenue ▶ Data corruption ▶ Data leakage (accidental) ▶ Data theft (intentional – internal or external) ▶ System downtime ▶ Loss of confidentiality ▶ Erosion of process integrity ▶ Decreased performance ▶ Malfunctioning hardware 11

  12. Risk Areas

  13. Key Risk Areas ▶ Access ▶ Change logs ▶ Segregation of duties ▶ Change management ▶ Physical access ▶ General Computer Controls/ITGC ▶ Application controls ▶ Improper user of company assets (Policies) 13

  14. Access ▶ Elevated access review ▶ Usage of Admin/Super user accounts ▶ Compare access to position description ▶ Compare to previous review results ▶ Flip flop access privileges ▶ Segregation of duties ▶ Access to contractors ▶ HR payroll records vs Active Directory user listing 14

  15. Change Logs ▶ Review major changes ▶ Identify change/reversion (“flip-flop”) ▶ Frequency distribution by individual or department ▶ Audit logs for application and database changes 15

  16. Change Management ▶ Compare to ITAF standards ▶ Proper categorization ▶ UAT results ▶ Test all environments to ensure proper change management (Dev, Test, Prod) ▶ Use DA tools for Code Review ▶ SOX controls for Vendor Master / Customer Master changes 16

  17. Physical Access ▶ Review entries/exits to data centers (who) ▶ Review entry times vs exit times (duration) ▶ Cross-reference with HR data for departing employees ▶ Compare against logs for suspect events ▶ Review temporary access passes for approvals ▶ Review failed attempted access logs 17

  18. General Computer Controls/ITGC ▶ Configuration vs Policies ▸ Default accounts ▸ Passwords ▸ Inactivity ▸ Failed logins ▸ Time out settings ▶ Security ▸ Firewall configuration settings/changes 18

  19. Application Controls ▶ Password settings ▶ Account settings ▶ Time out settings ▶ User access reports (compare time periods) Compare all of the above with policies and procedures 19

  20. Applications ▶ Active Directory ▶ UNIX ▶ Mainframe ▶ Oracle ▶ Other Databases ▶ HRMS 20

  21. Security Incident & Event Monitoring ▶ SIEM tools in IT ▶ Great at collecting information & analyzing information ▶ Misconfigured SIEM tools. ▸ Tools are only as good as how they’re configured ▶ SIEM tools normally configured for: ▸ Excessive login attempts ▶ Privileged escalation missed ▸ cross reference with authorization data 21

  22. Data Analytics for Cybersecurity

  23. Analytics and Cybersecurity ▶ Measure IT Risk across the organization ▶ Data is very disparate and complex ▸ Big data – variable, volume, velocity ▶ Data can be very big – Log files events ▶ Use data analytics to normalize, harmonize, structure data 23

  24. Data to collect ▶ Installed application – what applications are users installing? ▶ Virus / Trojan data should be captured ▶ What systems / applications do users have access to? (IAM) ▶ IT Infrastructure ▸ servers, workstations, applications, etc. 24

  25. Data to Monitor ▶ Monitor what is being browsed on the internet ▸ Help identify sites being visited that can cause virus infections ▶ Gather information on virus infections that occur – when, where, how ▸ Is training required in certain departments or sites ▶ Is your Intellectual Property being leaked? ▸ What sites, by who, how much data? ▸ Shut down code sites like (Github) 25

  26. Data analytics monitoring ▶ Identify, quantify, rank, and prioritize your risk ▶ Develop Risk scores ▸ Uses risk scores to identify the norm so the abnormal jumps out ▶ Employees in similar departments / roles are normally the same ▸ Figuring out their patterns or behaviors is important ▸ Collecting this data can help identify the internal hackers, negligent users and opportunities to mitigate RISK ▶ Internal hackers will eventually give themselves away. Just need to make sure we are watching / monitoring the correct data 26

  27. Proactive Security monitoring

  28. DA Tools for IT ▶ Standard data analytic tools ▸ Alteryx, ACL, Arbutus, IDEA ▶ PowerShell ▸ Scripts to access Active Directory ▸ Run through EXECUTE & RUN commands ▸ Creates CSV (or other formats) files to import into above tools ▶ Forensic Software for data examination (emails) ▶ Cyber Security tools 28

  29. Proactive Security Monitoring ▶ Login Velocity – logging into multiple assets from a single source ▶ Previously Unseen Origin – Remote logging in from a location not previously seen ▶ Previously Unseen Process – Identify a previously unseen process running on critical machines ▶ Impossible Traveler – logging in from different locations that can not be achieved through normal travel means ▶ Cross User Login – same user account being logged on to multiple assets at the same time 29

  30. Proactive Security Monitoring con’t • Non-Badged User Login – identifying when an on-site login does not have a corresponding badge entry into the building • Proxy Beaconing – looking for machines reaching out to uncommon domains and IP’s • Timewheel – identifying machines performing beaconing during hours of the day when the user or system isn’t typically active. • Snowflake – analysis to find process/software that has not been seen in the environment before, across the fleet • Concerning Connections – assess network data to automatically generate network maps from which undesired, or unexpected, connections can be identified. 30

  31. The End ▶ Questions / Comments? 31

  32. Parm Lalli Director 949-204-4550 plalli@focal-point.com www.focal-point.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Innovation, data science & risk in healthcare Bern Shen MD HISA Health Data Analytics

Innovation, data science & risk in healthcare Bern Shen MD HISA Health Data Analytics

Innovation, data science & risk in healthcare Bern Shen MD HISA Health Data Analytics Brisbane 11 Oct 2017 Policies & interventions Biology Physical Social Individual environment environment Behavior Technology Access to

736 views • 30 slides
Maximizing the Value of Data Analytics for Operational Risk Intelligence Don't just do data

Maximizing the Value of Data Analytics for Operational Risk Intelligence Don't just do data

Maximizing the Value of Data Analytics for Operational Risk Intelligence Don't just do data analytics. Transform data analysis activities into ORM programs. Presented by: Sergiu Cernautan, CPA, CISA; Director of GRC Strategy, ACL Services, Ltd.

740 views • 36 slides
APPLYING BIG DATA ANALYTICS (BDA) TO DIAGNOSE HYDRO- METEOROLOGICAL RELATED RISK DUE TO CLIMATE

APPLYING BIG DATA ANALYTICS (BDA) TO DIAGNOSE HYDRO- METEOROLOGICAL RELATED RISK DUE TO CLIMATE

APPLYING BIG DATA ANALYTICS (BDA) TO DIAGNOSE HYDRO- METEOROLOGICAL RELATED RISK DUE TO CLIMATE CHANGE MOHD ZAKI M AMIN National Hydraulic Research Institute of Malaysia Ministry of Natural Resources & Environment OCT . 19, 2016 OVERVIEW

739 views • 32 slides
Unifying Front Office and Risk Analytics qCon London 2011 Friday, 11 March, 2011 Kirk Wylie -

Unifying Front Office and Risk Analytics qCon London 2011 Friday, 11 March, 2011 Kirk Wylie -

Unifying Front Office and Risk Analytics qCon London 2011 Friday, 11 March, 2011 Kirk Wylie - CEO, CTO Jim Moores - Head of Platform Development Financial Analytics Computational Data Analytics Analysis of large-scale Analytics data sets

986 views • 21 slides
Machine Learning Track Data Analytics, Machine Learning and HPC in todays changing

Machine Learning Track Data Analytics, Machine Learning and HPC in todays changing

Intel HPC Developer Convention Salt Lake City 2016 Machine Learning Track Data Analytics, Machine Learning and HPC in todays changing application environment Franz J. Kirly (practical) An overview of data analytics DATA Scientific

550 views • 27 slides
Metrics That Matter Security Risk Analytics Katy Loughney , Director of Risk Analytics, West -

Metrics That Matter Security Risk Analytics Katy Loughney , Director of Risk Analytics, West -

| Smart Metrics, Intelligent Decisions Metrics That Matter Security Risk Analytics Katy Loughney , Director of Risk Analytics, West - Brinqa March 14 th , 2014 What Matters to CIOs?

376 views • 23 slides
Advancing Analytics: Putting Risk Analytics to Work For Your Business Sponsored By: Advancing

Advancing Analytics: Putting Risk Analytics to Work For Your Business Sponsored By: Advancing

Advancing Analytics: Putting Risk Analytics to Work For Your Business Sponsored By: Advancing Analytics: Putting Risk Analytics to Work For Your Business Visit www.advisenltd.com at the end of this webinar to download: Copy of these slides

269 views • 22 slides
Seeing the Future: Using Predictive Analytics to Gain an Advantage in the Changing Environment

Seeing the Future: Using Predictive Analytics to Gain an Advantage in the Changing Environment

Seeing the Future: Using Predictive Analytics to Gain an Advantage in the Changing Environment Why is this important? Proper and proportionate allocation of resources is more important than ever! Data Data used for the analysis:

479 views • 27 slides
Predictive Simulation & Big Data Analytics ISD Analytics Predict a better future

Predictive Simulation & Big Data Analytics ISD Analytics Predict a better future

Predictive Simulation & Big Data Analytics ISD Analytics Predict a better future Overview Simulation can play a vital role in the emerging $billion field of Big Data analytics to support Government policy and business strategy

607 views • 31 slides
ARABLE Arable is a data analytics company that reduces risk throughout the agricultural supply

ARABLE Arable is a data analytics company that reduces risk throughout the agricultural supply

ARABLE Arable is a data analytics company that reduces risk throughout the agricultural supply chain . 2 Journey in measuring climate and plants 3 Acoustic Disdrometer: Real-Time Precipitation 4 Real-Time Monitoring of Changing Vegetation 5

1.08k views • 20 slides
Louise Francis, FCAS, MAAA CAS 2012 RPM Seminar Francis Analytics and Actuarial Data Mining, Inc.

Louise Francis, FCAS, MAAA CAS 2012 RPM Seminar Francis Analytics and Actuarial Data Mining, Inc.

Louise Francis, FCAS, MAAA CAS 2012 RPM Seminar Francis Analytics and Actuarial Data Mining, Inc. www.data-mines.com Define systemic risk Discuss potential impact of systemic risk on Professional Liability Present a new tool that can

435 views • 27 slides
Voter Analytics IRIS Fall Meeting Toronto September 22, 2017 Content Market Environment }

Voter Analytics IRIS Fall Meeting Toronto September 22, 2017 Content Market Environment }

Voter Analytics IRIS Fall Meeting Toronto September 22, 2017 Content Market Environment } Analytics at EMC } Voter Analytics } Florida Case Study } Role of Research in Analytics } IRIS Presentation | 2 Market Environment Traditional

446 views • 30 slides
Visual Analytics in Risk-Based Monitoring (RBM) of Clinical Trials www.i-review.com Jreview Intro

Visual Analytics in Risk-Based Monitoring (RBM) of Clinical Trials www.i-review.com Jreview Intro

Visual Analytics in Risk-Based Monitoring (RBM) of Clinical Trials www.i-review.com Jreview Intro Visual Analytics tool developed specifically for reviewing clinical data Intuitive user interface to perform safety and efficacy review

509 views • 19 slides
Best Practices in Credit Portfolio Risk Management for Buy-side Managers Moody's Analytics Risk

Best Practices in Credit Portfolio Risk Management for Buy-side Managers Moody's Analytics Risk

Best Practices in Credit Portfolio Risk Management for Buy-side Managers Moody's Analytics Risk Practitioner Conference October 17 th , 2012 David Latour Caisse de dpt et placement du Qubec Senior Adviser, Quantitative Risk Analysis

716 views • 30 slides
Analytics (9:55-10:15am) Break Research Opportunities in Location, Analytics, Big Data and GIS

Analytics (9:55-10:15am) Break Research Opportunities in Location, Analytics, Big Data and GIS

LOCATIONAL ANALYTICS AND BIG DATA: FOUNDATIONS, EMERGING APPLICATIONS AND RESEARCH Overview of Spatial Big Data and Analytics (9:10-9:55am) Applications and Examples of Spatial Big Data and Analytics (9:55-10:15am) Break Research

739 views • 24 slides
Data Mining & Analytics Data Mining Reference Model Data Warehouse Legal and Ethical Issues

Data Mining & Analytics Data Mining Reference Model Data Warehouse Legal and Ethical Issues

Data Mining & Analytics Data Mining Reference Model Data Warehouse Legal and Ethical Issues Slides by Michael Hahsler Data Mining & Analytics Analytics is the discovery and communication of meaningful patterns in data. Analytics

687 views • 19 slides
NaviSite Best Prac.ces for Business Con.nuity and Disaster

NaviSite Best Prac.ces for Business Con.nuity and Disaster

SEPTEMBER 4, 2014 NaviSite Best Prac.ces for Business Con.nuity and Disaster Recovery DANIEL SCOTT CLAYTON SENIOR SOLUTIONS ARCHITECT NAVISITE, WESTERN REGION A Time Warner Cable Company Agenda

140 views • 12 slides
Geotechnical Monitoring of the Excavation for the Transbay Transit Center Citizens Advisory

Geotechnical Monitoring of the Excavation for the Transbay Transit Center Citizens Advisory

Geotechnical Monitoring of the Excavation for the Transbay Transit Center Citizens Advisory Committee - March 13, 2012 Stephen McLandrich Instrumentation Plan Instrument Types Data Distribution Data Interpretation and Actions

251 views • 12 slides
Scalable, Integrated Software Simplifying I4.0 Adoption Simon Osborne sosborne@control2k.co.uk

Scalable, Integrated Software Simplifying I4.0 Adoption Simon Osborne sosborne@control2k.co.uk

Scalable, Integrated Software Simplifying I4.0 Adoption Simon Osborne sosborne@control2k.co.uk Digital Manufacturing Challenges Valuable sources of data on the shopfloor but no unified approach to access, store and analyse Describing

270 views • 13 slides
ASSURANCE: LESSONS LEARNED Salt Lake City, 5 February 2015

ASSURANCE: LESSONS LEARNED Salt Lake City, 5 February 2015

Patrick Lynch presents ASSURANCE: LESSONS LEARNED Salt Lake City, 5 February 2015 PerpetualStorage.com WHAT ARE WE AFRAID OF? WHAT ARE WE GUARDING AGAINST? Natural Disasters Man Made

367 views • 8 slides
A Data Warehouse-based A Data Warehouse-based Gene Expression Analysis Gene Expression Analysis

A Data Warehouse-based A Data Warehouse-based Gene Expression Analysis Gene Expression Analysis

A Data Warehouse-based A Data Warehouse-based Gene Expression Analysis Gene Expression Analysis Platform Platform T. Kirsten, H.-H. Do, E. Rahm University of Leipzig, Germany www.izbi.de, dbs.uni-leipzig.de Current Activities and Selected

365 views • 22 slides
An Overview of Data Warehousing and OLAP T echnology What is a data warehouse? A

An Overview of Data Warehousing and OLAP T echnology What is a data warehouse? A

An Overview of Data Warehousing and OLAP T echnology What is a data warehouse? A multi-dimensional data model Data warehouse architecture Data warehouse implementation lecture 2 1 What is Data Warehouse? A decision support

488 views • 35 slides
PRESENTATION TITLE Data Warehouse Quality Testing Afshin Karimi Sunny Moon Institutional

PRESENTATION TITLE Data Warehouse Quality Testing Afshin Karimi Sunny Moon Institutional

PRESENTATION TITLE Data Warehouse Quality Testing Afshin Karimi Sunny Moon Institutional Research & Analytical Studies CSU Fullerton 2016 CAIR Conference - Los Angeles, CA 11/17/2016 Why Do We Need Data Warehouses? Definition : Large

340 views • 19 slides
Financial Data Financial Data Warehouse Warehouse Some day, on the corporate balance sheet,

Financial Data Financial Data Warehouse Warehouse Some day, on the corporate balance sheet,

3/17/2016 Financial Data Financial Data Warehouse Warehouse Some day, on the corporate balance sheet, there will be an entry which reads "Information"; for in most cases, the information is more valuable than the hardware

252 views • 12 slides

More recommend