Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

Size: px
Start display at page:

Download "Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC."

Transcription

1 Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC.

2 During the last few months of 2013, six federal agencies were hacked, their networks exposed and their credentials stolen. There is no knowledge of the total amount of time these networks were compromised. Industry reports indicate that network attack remediation can take over 80 days, leaving agencies exposed. A January 2014 Worldwide Threat Assessment ranks cybersecurity as the number one threat to global stability. Hacking, malware, DDOS attacks, insider threats and other criminal activities are on the rise; agencies must be prepared. Federal agency data is especially attractive. It can be used to conduct fraud, surveillance on citizens & agency employees or steal information. It could simply be a feather in the cap of a hacker looking to make a statement that he infiltrated a U.S. federal agency s defenses. As these attacks increase, it is critical that agencies know where their most important data is, as well as the health status of their network. Today, nearly all of an agency s mission-critical functions depend on safe and secure information technology systems. With cyber threats constantly evolving and growing at an exponential rate and an increased reliance on technology to deliver core services in government, a robust cyber defense is vital. Government leaders have recognized the need for a modified approach in protecting the nation s cyber infrastructure. Last fall the Department of Homeland Security (DHS) announced the launch of a new contract the Continuous Diagnostics and Mitigation program (CDM). The tools and services delivered through this program will provide federal agencies and state, local & tribal governments with the ability to: Enhance and automate existing continuous network monitoring capabilities Correlate and analyze critical security-related information Bolster risk-based decision making at the agency and federal enterprise level. This capability will allow agencies to manage and secure their network and assure their security posture. This paper provides key steps for an agency to identify its best CDM strategy and best practices for program implementation. 1

3 Locking in the Right Strategy Definition of CDM Information security continuous monitoring is defined as maintaining ongoing awareness of information security, vulnerabilities, and threats to support organizational risk management decisions. The objective is to conduct ongoing monitoring of the security of an organization s networks, information, and systems, and respond by accepting, avoiding/ rejecting, transferring/ sharing, or mitigating risk as situations change. NIST Special Publication Draft December 2010 Managing, implementing and operationalizing CDM is about process and methodology not just technology. It provides the coordination of software and hardware to keep an agency s security posture strong, reducing the likelihood of a successful breach, while providing peace of mind to business customers that their most sensitive data is as secure as possible. CDM provides insight into how critical technology is performing and where it is not. This provides the opportunity to identify areas of high risk and a new-found ability to react to changing situations. With the constant presence of cyber intrusions, advanced persistent threats and insider threats, agencies must maintain a constant awareness of their enterprise security status to quickly and effectively respond to external and internal threats. Manual processes based on compliance do not respond quickly enough to mitigate an everchanging threat. Automated and integrated surveillance of the agency network and the analytics to identify the most critical areas of vulnerability are needed to counter this challenge. Before laying out a plan to deploy CDM, here are some things to consider: 1 What assets require protection? 2 Who is the business owner of this data? 3 What level of protection is needed? 4 How might an asset be compromised? 5 What is the impact if protection fails? 6 What is being done today (and what is not)? Continuous Monitoring Process 2

4 Step 1 FIND THE GAPS The ability to identify gaps and determine areas of vulnerability are key to a successful strategy. What is in place today that is effective? What could be improved? Do current processes allow for future growth and scaling to meet demand? In a recent report, CSIS found that CDM stops 85 percent of cyber attacks by searching for, finding, fixing and reporting the worst cyber problems first in near real time. James Lewis Raising the Bar for Cybersecurity CSIS 2013 Recommendations Identify systems already in use that can be applied to the CDM program. Many of the security and operational tools agencies use to manage networks will likely be part of the overall continuous monitoring solution. Identify gaps in coverage for these systems and plan to expand their use across the entire agency. Ensure key personnel understand roles and responsibilities. Teams must have clear guidance on which controls they need to monitor. Ensure crossteam communication so that vulnerabilities can be tracked. Develop (or enhance) an enterprise-wide risk management process. Continuous monitoring requires the creation of a new risk management process for the organization or enhancement of an existing one. Start by considering the highest risk systems and then create templates for defining system-level risks and mitigation actions for these systems. NIST Risk Management Framework

5 Step 2 Given the complexity of information systems and networks, some ways to organize and monitor a system might include: Local computing environment, specific components of the network Agency network boundary, the area where information enters or leaves the organization Network and infrastructure, both of which provide connectivity across the agency IT infrastructure, the tools and technologies used to provide security enabled services IDENTIFY THE MOST IMPORTANT DATA Assess the most critical data in the organization, where it sits and who has access to it. Concentrate the CDM program here and develop an iterative implementation approach across the organization. Do not make the mistake of trying to apply CDM to the entire organization all at once. Such a tendency is not effective, strains resources and runs the risk of vital data remaining open to attack. The plan can be implemented across the network after the top priorities are secure. In the end it is the data being protected, so the agency s data is a key component of the CDM program. Work with agency stakeholders to build understanding of the current risks associated with their data (who and what technology has access) and how CDM will help. This will create opportunities for greater buy-in among these important stakeholders. Defense in Depth A way to identify and protect the most important data is a method called Defense in Depth This model is designed to provide a layered defense in the network. By seeking to delay rather than prevent the advance of an attacker by yielding space in order to buy time. Multiple layers of defense prevent direct attacks against critical data and systems. This will not only prevent security breaches, but also buy an organization time to detect and respond to an attack. Source: Information Security Continuous Monitoring Working Group, October

6 1 CDM resources from around the web This report provides a quick overview of the CDM program, but there are a lot of great resources around the web describing the program as well. DHS Press Release: https://www.dhs. gov/blog/2013/08/13/ major-step-forwardbetter-protectingfederal-state-andlocal-cyber-networks GSA Contract Announcement: Four best practices for implementation UNDERSTAND THE BUSINESS AND TECHNICAL VALUE The technical value of CDM is clear. It improves monitoring abilities, provides a clear network security posture and the ability to track and respond to incidents. But what cannot be emphasized enough is the business value of CDM. It allows agency customers the flexibility and freedom to use approved technology to be more productive, to find new, innovate ways to provide services, while keeping systems secure and data safe. It will also allow for more accurate network management, thereby reducing any operating costs and reducing the resources needed to respond to any issues. To get to this point, agencies must define their program s complete potential and impact, across business and technical areas. An example would be the implementation of mobile devices into an agency. The value of accessing agency resources via phone or tablet would allow employees who are traveling or work in remote locations to continue to be productive. Instead of carrying around documents and updating information once they get back to a secure location, costing hours of unproductive time, CDM can make sure the mobile devices that are connecting to the network are safe and secure. Allowing that information can get uploaded, shared and analyzed as soon as it is needed. This increases productivity and saves time and resources. Your agency Dashboard is designed to give you a more complete and accurate view on the health status of your network. This information can support the business and technical value of current and new programs. 5

7 2 SECURE EXECUTIVE BUY-IN Implementing CDM requires employees at all levels to understand its value. However, the decision to implement CDM must be made across three key stakeholders: the CIO, the CISO, and senior agency leadership. Their support is critical. CDM will help manage the use of new technology for the foreseeable future. After the initial program is operational, the long-term cost and resource management will be needed to maintain CDM s value. As agency executives need to initiate new programs, CDM can help speed the process and adoption of new technology. 3 Implementation Maturity Model The maturity level of IT and cybersecurity varies by agency and each will require different levels of a CDM solution. Some agencies are just getting started. At other agencies, certain aspects are already in place. In order to adopt the right solution, agencies must assess their preparedness level. Several methods exist to determine an agency s maturity level. Two quality resources are NIST s Risk Management Framework and the 20 Critical Security Controls. Both provide great information for outlining overall security posture. When it comes specifically to CDM, DHS s recommendation is to start with the following functional areas: Devices: know if a new device has come into the environment, what that device is and where it is located. Software Inventory: maintain an inventory of the software operating in their environment. This ensures that software can be patched appropriately or defended when no patches are available. Configuration: define baseline configurations to see what the system should look like. This makes it easier to determine if anything in the baseline configuration has changed. Vulnerability: focus on vulnerability management by keeping up with emerging threats. 6

8 Response Plan 4 A critical, yet often overlooked, part of a successful CDM implementation is the installation of a breach response plan. Having a clear and complete plan will greatly limit the damage hackers are able to inflict on agency networks. A familiar tool used to coordinate a mature plan is the Computer Security Incident Response Team (CSIRT). This group includes a range of specialists who detect, respond to and fix problems, while recommending improvements for systems to curb repeat attacks. This team is comprised of: Response Team Leadership Maintains roles and responsibilities to keep the organization acting in concert. Management Provides the authority to make critical decisions. Information Security Identifies, tracks, remediates and manages incident issues. Information Technology Works to support assurance that the problem is mitigated and networks are secure. Legal Counsel Ensures the usability of any evidence collected during an investigation. Public Affairs Maintains an effective and credible message supporting an accurate representation of the situation to the public. HAVE AN IMPLEMENTATION PLAN Agencies have several options for implementation: 1 Self-implementation with commercial off-the-shelf/government off-the-shelf tools 2 Leverage the DHS Continuous Diagnostics and Mitigation Program 3 Hybrid approach that leverages components from options 1 and 2. Regardless of approach, the outcomes need to be the same: end-point integrity, least privilege, infrastructure integrity, boundary protection and event management. One recommended path comes from the Federal CIO Council s, Joint Continuous Monitoring Working Group. They recommend organizing the network as: 1 Local computing environment 2 Enclave boundary 3 Network and infrastructure 4 Supporting infrastructure 7

9 Once topography of the network is developed, the following steps are recommended: Assess Identify which parts of the network are being monitored, which parts are not and how cyber operations are currently managed. Plan Pinpoint key resources needed to implement CDM and maintain its long-term operations. This consists not only of people, but also tools, technologies and processes. A strong communications plan will enable an agency to set and manage expectations. Implement Connect the impact of the implementation to current or upcoming programs. CDM is different from other cyber or IT programs. Once completed, it will affect cyber operations, IT infrastructure, management and customers. operations Consider the costs of personnel, hardware and software. Then, tie these costs to the business value brought to the agency. CDM is an ongoing program. It requires annual expenditures to maintain effective system security and to manage new data and new technologies. Multiple agency network topography 8

10 CDM can be a simple and complete means to effectively manage agencies assets and information. Through coordination of the first steps of the planning process, identifying the most important data and developing a comprehensive implementation and operations plan, organizations can learn to scope their security efforts efficiently. Due diligence in providing for system security and Federal Information Security Management Act compliance is becoming easier as new mechanisms are developed in support of this mission. The long-term value of CDM can help an agency: improve Risk Management Risk monitoring in a repeatable and sustainable manner strengthens an agency s security posture. Optimize Costs and Improve Effectiveness CDM can enable organizations to (1) automate controls, processes and activities to streamline operations and drive efficiencies; and (2) deploy monitoring activities that keep the network safe and prevent them from lapsing back into inefficient patterns. Monitor for Potential Fraud, Theft and Misconduct Along with codes of conduct, due diligence hotlines, whistleblower mechanisms and investigation and remediation protocols, CDM can become a key component in detecting and preventing cyber threats. address Regulatory Pressures A lack of visibility and transparency can develop when geographically located networks and people are not necessarily connected. CDM can help organizations draw those systems together to comply with regulations and reduce the costs of such compliance. CDM will evolve into an ongoing operational program that will touch every part of the network. If implemented well, agencies will be able to strengthen and widen their security posture. The need to maintain ongoing awareness of information security, vulnerabilities and threats to support organizational risk management decisions is vital. Today, the U.S. government requires an agile approach that not only supports requirements across both National Security Systems and Non-National Security Systems, but also allows organizations the ability to adapt ISCM principles to meet federal and agency-specific requirements. This overview provides initial guidance towards implementing CDM. To achieve success, federal government organizations, supported by industry partners, must work collaboratively to develop a common language, prioritized requirements, detailed technical specifications and insightful metrics, to guide full implementation. Everyone s combined efforts must be leveraged to achieve efficiencies and remain flexible to adapt to new threats and methods of detection and mitigation. 9

11 cgi.com About CGI Founded in 1976, CGI is the fifth largest independent information technology and business process services firm in the world. With approximately 68,000 professionals located in operating in 400 offices in 40 countries, CGI fosters local accountability for client success while bringing global delivery capabilities to clients front doors. We apply a disciplined delivery approach that has achieved an industry-leading track record of on-time, on-budget projects. Our high-quality business consulting, systems integration and outsourcing services help clients leverage current investments while adopting new technology and business strategies that achieve top and bottom line results. As a demonstration of our commitment, our average client satisfaction score for the past 10 years has measured consistently higher than 9 out of 10. For more information, please call or CGI GROUP INC.

Experience the commitment. white paper. Information Security Continuous Monitoring. Charting the Right Course. cgi.com

Experience the commitment. white paper. Information Security Continuous Monitoring. Charting the Right Course. cgi.com Experience the commitment white paper Information Security Continuous Monitoring Charting the Right Course cgi.com Hacking, malware, distributed denial of service attacks, insider threats and other criminal

More information

Middle Class Economics: Cybersecurity Updated August 7, 2015

Middle Class Economics: Cybersecurity Updated August 7, 2015 Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest

More information

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to

More information

NGA Paper. Act and Adjust: A Call to Action for Governors. for cybersecurity;

NGA Paper. Act and Adjust: A Call to Action for Governors. for cybersecurity; NGA Paper Act and Adjust: A Call to Action for Governors for Cybersecurity challenges facing the nation. Although implementing policies and practices that will make state systems and data more secure will

More information

Enterprise Security Tactical Plan

Enterprise Security Tactical Plan Enterprise Security Tactical Plan Fiscal Years 2011 2012 (July 1, 2010 to June 30, 2012) Prepared By: State Chief Information Security Officer The Information Security Council State of Minnesota Enterprise

More information

MEMORANDUM. Date: October 28, 2013. Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance

MEMORANDUM. Date: October 28, 2013. Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance MEMORANDUM Date: October 28, 2013 To: Federally Regulated Financial Institutions Subject: Guidance The increasing frequency and sophistication of recent cyber-attacks has resulted in an elevated risk profile

More information

Statement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education

Statement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education Statement of Danny Harris, Ph.D. Chief Information Officer U.S. Department of Education Before the U.S. House Oversight and Government Reform Committee Hearing on Agency Compliance with the Federal Information

More information

UNCLASSIFIED/FOR OFFICIAL USE ONLY. Department of Homeland Security (DHS) Continuous Diagnostics & Mitigation (CDM) CDM Program Briefing

UNCLASSIFIED/FOR OFFICIAL USE ONLY. Department of Homeland Security (DHS) Continuous Diagnostics & Mitigation (CDM) CDM Program Briefing UNCLASSIFIED/FOR OFFICIAL USE ONLY Department of Homeland Security (DHS) Continuous Diagnostics & Mitigation (CDM) CDM Program Briefing What is CDM? UNCLASSIFIED/FOR OFFICIAL USE ONLY The CDM program is

More information

I D C A N A L Y S T C O N N E C T I O N

I D C A N A L Y S T C O N N E C T I O N I D C A N A L Y S T C O N N E C T I O N Robert Westervelt Research Manager, Security Products T h e R o l e a nd Value of Continuous Security M o nitoring August 2015 Continuous security monitoring (CSM)

More information

Management (CSM) Capability

Management (CSM) Capability CDM Configuration Settings Management (CSM) Capability Department of Homeland Security National Cyber Security Division Federal Network Security Network & Infrastructure Security Table of Contents 1 PURPOSE

More information

NASA OFFICE OF INSPECTOR GENERAL

NASA OFFICE OF INSPECTOR GENERAL NASA OFFICE OF INSPECTOR GENERAL OFFICE OF AUDITS SUITE 8U71, 300 E ST SW WASHINGTON, D.C. 20546-0001 April 14, 2016 TO: SUBJECT: Renee P. Wynn Chief Information Officer Final Memorandum, Review of NASA

More information

State of Minnesota. Enterprise Security Strategic Plan. Fiscal Years 2009 2013

State of Minnesota. Enterprise Security Strategic Plan. Fiscal Years 2009 2013 State of Minnesota Enterprise Security Strategic Plan Fiscal Years 2009 2013 Jointly Prepared By: Office of Enterprise Technology - Enterprise Security Office Members of the Information Security Council

More information

Cisco Security Optimization Service

Cisco Security Optimization Service Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless

More information

The Protection Mission a constant endeavor

The Protection Mission a constant endeavor a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring

More information

Certified Identity and Access Manager (CIAM) Overview & Curriculum

Certified Identity and Access Manager (CIAM) Overview & Curriculum Identity and access management (IAM) is the most important discipline of the information security field. It is the foundation of any information security program and one of the information security management

More information

Commonwealth IT Threat Management: Keeping Out the Cyber Villains Category: Cyber Security Initiatives. Initiation date: January 2012

Commonwealth IT Threat Management: Keeping Out the Cyber Villains Category: Cyber Security Initiatives. Initiation date: January 2012 Commonwealth IT Threat Management: Keeping Out the Cyber Villains Category: Cyber Security Initiatives Initiation date: January 2012 Completion date: June 2012 Nomination submitted by: Samuel A. Nixon

More information

Cybersecurity Enhancement Account. FY 2017 President s Budget

Cybersecurity Enhancement Account. FY 2017 President s Budget Cybersecurity Enhancement Account FY 2017 President s Budget February 9, 2016 Table of Contents Section 1 Purpose... 3 1A Mission Statement... 3 1.1 Appropriations Detail Table... 3 1B Vision, Priorities

More information

Infrastructure consulting. Global Infrastructure

Infrastructure consulting. Global Infrastructure Infrastructure consulting Global Infrastructure Services Operational costs systems availability compliance and security energy and power usage disaster recovery all contribute to today s increasingly complex

More information

HP Fortify Software Security Center

HP Fortify Software Security Center HP Fortify Software Security Center Proactively Eliminate Risk in Software Trust Your Software 92% of exploitable vulnerabilities are in software National Institute for Standards and Technology (NIST)

More information

Continuous Network Monitoring

Continuous Network Monitoring Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War Vulnerability Risk Management 2.0 Best Practices for Managing Risk in the New Digital War In 2015, 17 new security vulnerabilities are identified every day. One nearly every 90 minutes. This consistent

More information

FFIEC Cybersecurity Assessment Tool

FFIEC Cybersecurity Assessment Tool Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,

More information

CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT

CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT How advancements in automated security testing software empower organizations to continuously measure information

More information

Information Technology Risk Management

Information Technology Risk Management Find What Matters Information Technology Risk Management Control What Counts The Cyber-Security Discussion Series for Federal Government security experts... by Carson Associates your bridge to better IT

More information

The Path Ahead for Security Leaders

The Path Ahead for Security Leaders The Path Ahead for Security Leaders Executive Summary What You Will Learn If you asked security leaders five years ago what their primary focus was, you would likely get a resounding: securing our operations.

More information

Addressing FISMA Assessment Requirements

Addressing FISMA Assessment Requirements SOLUTION BRIEF Heeding FISMA s Call for Security Metrics and Continuous Network Monitoring Addressing FISMA Assessment Requirements Using RedSeal november 2011 WHITE PAPER RedSeal Networks, Inc. 3965 Freedom

More information

IG ISCM MATURITY MODEL FOR FY 2015 FISMA FOR OFFICIAL USE ONLY

IG ISCM MATURITY MODEL FOR FY 2015 FISMA FOR OFFICIAL USE ONLY IG MATURITY MODEL FOR FY 2015 FISMA 1 Ad-hoc 1.1 program is not formalized and activities are performed in a reactive manner resulting in an adhoc program that does not meet 2 requirements for a defined

More information

Optimizing Network Vulnerability

Optimizing Network Vulnerability SOLUTION BRIEF Adding Real-World Exposure Awareness to Vulnerability and Risk Management Optimizing Network Vulnerability Management Using RedSeal november 2011 WHITE PAPER RedSeal Networks, Inc. 3965

More information

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems U.S. Office of Personnel Management Actions to Strengthen Cybersecurity and Protect Critical IT Systems June 2015 1 I. Introduction The recent intrusions into U.S. Office of Personnel Management (OPM)

More information

Continuous Diagnostics & Mitigation:

Continuous Diagnostics & Mitigation: WHITE PAPER Continuous Diagnostics & Mitigation: CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL Table of Contents What is CDM Requirements, Mandates & Policy that drive for adoption of Continuous Monitoring....

More information

Chairman Johnson, Ranking Member Carper, and Members of the committee:

Chairman Johnson, Ranking Member Carper, and Members of the committee: UNITED STATES OFFICE OF PERSONNEL MANAGEMENT STATEMENT OF THE HONORABLE KATHERINE ARCHULETA DIRECTOR U.S. OFFICE OF PERSONNEL MANAGEMENT before the COMMITTEE ON HOMELAND SECURITY AND GOVERNMENTAL AFFAIRS

More information

January IIA / ISACA Joint Meeting Pre-meeting. Cybersecurity Update for Internal Auditors. Matt Wilson, PwC Risk Assurance Director

January IIA / ISACA Joint Meeting Pre-meeting. Cybersecurity Update for Internal Auditors. Matt Wilson, PwC Risk Assurance Director January IIA / ISACA Joint Meeting Pre-meeting Cybersecurity Update for Internal Auditors Matt Wilson, Risk Assurance Director Introduction and agenda Themes from The Global State of Information Security

More information

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches

October 24, 2014. Mitigating Legal and Business Risks of Cyber Breaches October 24, 2014 Mitigating Legal and Business Risks of Cyber Breaches AGENDA Introductions Cyber Threat Landscape Cyber Risk Mitigation Strategies 1 Introductions 2 Introductions To Be Confirmed Title

More information

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs IBM Global Technology Services Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs Achieving a secure government

More information

FREQUENTLY ASKED QUESTIONS

FREQUENTLY ASKED QUESTIONS FREQUENTLY ASKED QUESTIONS Continuous Monitoring 1. What is continuous monitoring? Continuous monitoring is one of six steps in the Risk Management Framework (RMF) described in NIST Special Publication

More information

Best Practices in ICS Security for System Operators. A Wurldtech White Paper

Best Practices in ICS Security for System Operators. A Wurldtech White Paper Best Practices in ICS Security for System Operators A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security

More information

OCIE CYBERSECURITY INITIATIVE

OCIE CYBERSECURITY INITIATIVE Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.

More information

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk Industrial Cyber Security Risk Manager Proactively Monitor, Measure and Manage Cyber Security Risk With Today s Cyber Threats, How Secure is Your Control System? Today, industrial organizations are faced

More information

Cyber Security Metrics Dashboards & Analytics

Cyber Security Metrics Dashboards & Analytics Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics

More information

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA White Paper Achieving GLBA Compliance through Security Information Management White Paper / GLBA Contents Executive Summary... 1 Introduction: Brief Overview of GLBA... 1 The GLBA Challenge: Securing Financial

More information

CGI Cyber Risk Advisory and Management Services for Insurers

CGI Cyber Risk Advisory and Management Services for Insurers CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their

More information

Cyber ROI. A practical approach to quantifying the financial benefits of cybersecurity

Cyber ROI. A practical approach to quantifying the financial benefits of cybersecurity Cyber ROI A practical approach to quantifying the financial benefits of cybersecurity Cyber Investment Challenges In 2015, global cybersecurity spending is expected to reach an all-time high of $76.9

More information

Actionable Security Intelligence: Preparing for the Next Threat with a Proactive Strategy

Actionable Security Intelligence: Preparing for the Next Threat with a Proactive Strategy www.netforensics.com NETFORENSICS WHITE PAPER Actionable Security Intelligence: Preparing for the Next Threat with a Proactive Strategy Contents Executive Summary The Information Security Landscape Security

More information

Cisco Security Services

Cisco Security Services Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your

More information

GEARS Cyber-Security Services

GEARS Cyber-Security Services Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments

More information

ICBA Summary of FFIEC Cybersecurity Assessment Tool

ICBA Summary of FFIEC Cybersecurity Assessment Tool ICBA Summary of FFIEC Cybersecurity Assessment Tool July 2015 Contact: Jeremy Dalpiaz Assistant Vice President Cyber Security and Data Security Policy Jeremy.Dalpiaz@icba.org www.icba.org ICBA Summary

More information

Business Process Services: A Value-Based Approach to Process Improvement and Delivery

Business Process Services: A Value-Based Approach to Process Improvement and Delivery WHITE PAPER Business Process Services: A Value-Based Approach to Process Improvement and Delivery In this white paper, we examine how your business can be improved through business process services. Business

More information

Five keys to a more secure data environment

Five keys to a more secure data environment Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational

More information

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking

More information

Banking Application Modernization and Portfolio Management

Banking Application Modernization and Portfolio Management Banking Application Modernization and Portfolio Management Key Challenges and Success Factors As part of their long-term strategic plans, banks are seeking to capitalize on their legacy applications. Acquired

More information

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement

More information

Attachment A. Identification of Risks/Cybersecurity Governance

Attachment A. Identification of Risks/Cybersecurity Governance Attachment A Identification of Risks/Cybersecurity Governance 1. For each of the following practices employed by the Firm for management of information security assets, please provide the month and year

More information

CGI Payments360. Moving money with greater agility and confidence. Experience the commitment

CGI Payments360. Moving money with greater agility and confidence. Experience the commitment CGI Payments360 Moving money with greater agility and confidence Experience the commitment Addressing today s payments realities Customers want the ability to buy anything, pay anyone and bank anywhere

More information

Cybersecurity and internal audit. August 15, 2014

Cybersecurity and internal audit. August 15, 2014 Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices

More information

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) CONTENT Introduction 2 Overview of Continuous Diagnostics & Mitigation (CDM) 2 CDM Requirements 2 1. Hardware Asset Management 3 2. Software

More information

White Paper on Financial Industry Regulatory Climate

White Paper on Financial Industry Regulatory Climate White Paper on Financial Industry Regulatory Climate According to a 2014 report on threats to the financial services sector, 45% of financial services organizations polled had suffered economic crime during

More information

Preemptive security solutions for healthcare

Preemptive security solutions for healthcare Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare

More information

Mission Assurance and Security Services

Mission Assurance and Security Services Mission Assurance and Security Services Dan Galik, Chief Federation of Tax Administrators Computer Security Officer Conference March 2007 Security, privacy and emergency preparedness issues are front page

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

Cybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015

Cybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015 Cybersecurity: Considerations for Internal Audit IIA Atlanta Chapter Meeting January 9, 2015 Agenda Key Risks Incorporating Internal Audit Resources for Internal Auditors Questions 2 Key Risks 3 4 Key

More information

Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013

Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013 Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013 Sempra Energy s gas and electric utilities collaborate with industry leaders and a wide range of

More information

Defending Against Data Beaches: Internal Controls for Cybersecurity

Defending Against Data Beaches: Internal Controls for Cybersecurity Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity

More information

2012 Application Security Gap Study: A Survey of IT Security & Developers

2012 Application Security Gap Study: A Survey of IT Security & Developers 2012 Application Gap Study: A Survey of IT & s Research sponsored by Innovation Independently Conducted by Ponemon Institute LLC March 2012 1 2012 Application Gap Study: A Survey of IT & s March 2012 Part

More information

CORE Security and GLBA

CORE Security and GLBA CORE Security and GLBA Addressing the Graham-Leach-Bliley Act with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com www.coresecurity.com

More information

Advanced Threat Protection with Dell SecureWorks Security Services

Advanced Threat Protection with Dell SecureWorks Security Services Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5

More information

Information Security for Managers

Information Security for Managers Fiscal Year 2015 Information Security for Managers Introduction Information Security Overview Enterprise Performance Life Cycle Enterprise Performance Life Cycle and the Risk Management Framework Categorize

More information

Cloud Security for Federal Agencies

Cloud Security for Federal Agencies Experience the commitment ISSUE BRIEF Rev. April 2014 Cloud Security for Federal Agencies This paper helps federal agency executives evaluate security and privacy features when choosing a cloud service

More information

Healthcare Cybersecurity Perspectives from the Michigan Healthcare Cybersecurity Council

Healthcare Cybersecurity Perspectives from the Michigan Healthcare Cybersecurity Council Healthcare Cybersecurity Perspectives from the Michigan Healthcare Cybersecurity Council Presented by Doug Copley, Chairman Michigan Healthcare Cybersecurity Council Mr. Chairman and Committee Members,

More information

The Business Case for Security Information Management

The Business Case for Security Information Management The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un

More information

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape WHITE PAPER: SYMANTEC GLOBAL INTELLIGENCE NETWORK 2.0.... ARCHITECTURE.................................... Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Who

More information

Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities

Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities Sean Barnum sbarnum@mitre.org September 2011 Overview What is SCAP? Why SCAP?

More information

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council Rethinking Information Security for Advanced Threats CEB Information Risk Leadership Council Advanced threats differ from conventional security threats along many dimensions, making them much more difficult

More information

Into the cybersecurity breach

Into the cybersecurity breach Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing

More information

the evolving governance Model for CYBERSECURITY RISK By Gary owen, Director, Promontory Financial Group

the evolving governance Model for CYBERSECURITY RISK By Gary owen, Director, Promontory Financial Group the evolving governance Model for CYBERSECURITY RISK By Gary owen, Director, Promontory Financial Group 54 Banking PersPective Quarter 2, 2014 Responsibility for the oversight of information security and

More information

DeltaV Cyber Security Solutions

DeltaV Cyber Security Solutions TM DeltaV Cyber Security Solutions A Guide to Securing Your Process A long history of cyber security In pioneering the use of commercial off-the-shelf technology in process control, the DeltaV digital

More information

THE TOP 4 CONTROLS. www.tripwire.com/20criticalcontrols

THE TOP 4 CONTROLS. www.tripwire.com/20criticalcontrols THE TOP 4 CONTROLS www.tripwire.com/20criticalcontrols THE TOP 20 CRITICAL SECURITY CONTROLS ARE RATED IN SEVERITY BY THE NSA FROM VERY HIGH DOWN TO LOW. IN THIS MINI-GUIDE, WE RE GOING TO LOOK AT THE

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

CS 2 SAT: The Control Systems Cyber Security Self-Assessment Tool

CS 2 SAT: The Control Systems Cyber Security Self-Assessment Tool INL/CON-07-12810 PREPRINT CS 2 SAT: The Control Systems Cyber Security Self-Assessment Tool ISA Expo 2007 Kathleen A. Lee January 2008 This is a preprint of a paper intended for publication in a journal

More information

2014 Audit of the CFPB s Information Security Program

2014 Audit of the CFPB s Information Security Program O FFICE OF I NSPECTOR GENERAL Audit Report 2014-IT-C-020 2014 Audit of the CFPB s Information Security Program November 14, 2014 B OARD OF G OVERNORS OF THE F EDERAL R ESERVE S YSTEM C ONSUMER FINANCIAL

More information

FIVE PRACTICAL STEPS

FIVE PRACTICAL STEPS WHITEPAPER FIVE PRACTICAL STEPS To Protecting Your Organization Against Breach How Security Intelligence & Reducing Information Risk Play Strategic Roles in Driving Your Business CEOs, CIOs, CTOs, AND

More information

Deputy Chief Financial Officer Peggy Sherry. And. Chief Information Security Officer Robert West. U.S. Department of Homeland Security.

Deputy Chief Financial Officer Peggy Sherry. And. Chief Information Security Officer Robert West. U.S. Department of Homeland Security. Deputy Chief Financial Officer Peggy Sherry And Chief Information Security Officer Robert West U.S. Department of Homeland Security Testimony Before the Subcommittee on Government Organization, Efficiency

More information

SOLUTION BRIEF. Next Generation APT Defense for Healthcare

SOLUTION BRIEF. Next Generation APT Defense for Healthcare SOLUTION BRIEF Next Generation APT Defense for Healthcare Overview Next Generation APT Defense for Healthcare Healthcare records with patients personally identifiable information (PII) combined with their

More information

CyberSecurity Solutions. Delivering

CyberSecurity Solutions. Delivering CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions

More information

Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices

Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices Panel Title: Data Breaches: Industry and Law Enforcement Perspectives on Best Practices Over the course of this one hour presentation, panelists will cover the following subject areas, providing answers

More information

Managing cyber risks with insurance

Managing cyber risks with insurance www.pwc.com.tr/cybersecurity Managing cyber risks with insurance Key factors to consider when evaluating how cyber insurance can enhance your security program June 2014 Managing cyber risks to sensitive

More information

Cybersecurity: What CFO s Need to Know

Cybersecurity: What CFO s Need to Know Cybersecurity: What CFO s Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today s Agenda Introduction

More information

STATEMENT OF SYLVIA BURNS CHIEF INFORMATION OFFICER U.S. DEPARTMENT OF THE INTERIOR BEFORE THE

STATEMENT OF SYLVIA BURNS CHIEF INFORMATION OFFICER U.S. DEPARTMENT OF THE INTERIOR BEFORE THE STATEMENT OF SYLVIA BURNS CHIEF INFORMATION OFFICER U.S. DEPARTMENT OF THE INTERIOR BEFORE THE HOUSE COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM SUBCOMMITTEE ON INFORMATION TECHNOLOGY AND SUBCOMMITTE

More information

End of Support Should Not End Your Business. Challenge of Legacy Systems

End of Support Should Not End Your Business. Challenge of Legacy Systems End of Support Should Not End Your Business When software vendors announce a product end-of-life (EOL), customers typically have 24 to 30 months to plan and execute their migration strategies. This period

More information

Cybersecurity The role of Internal Audit

Cybersecurity The role of Internal Audit Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government

More information

A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS

A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS CYBER ATTACKS INFILTRATE CRITICAL INFRASTRUCTURE SECTORS Government and enterprise critical infrastructure sectors such as energy, communications

More information

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015 Internal audit of cybersecurity Presentation to the Atlanta IIA Chapter January 2015 Agenda Executive summary Why is this topic important? Cyber attacks: increasing complexity arket insights: What are

More information

A Performance-Driven Approach to Application Services Management

A Performance-Driven Approach to Application Services Management A Performance-Driven Approach to Application Services Management Breaking the Mold to Accelerate Business Transformation Table of contents 1.0 The keep up versus step up challenge...1 2.0 Taking a different

More information

White Paper Achieving PCI Data Security Standard Compliance through Security Information Management. White Paper / PCI

White Paper Achieving PCI Data Security Standard Compliance through Security Information Management. White Paper / PCI White Paper Achieving PCI Data Security Standard Compliance through Security Information Management White Paper / PCI Contents Executive Summary... 1 Introduction: Brief Overview of PCI...1 The PCI Challenge:

More information

BOARD OF GOVERNORS MEETING JUNE 25, 2014

BOARD OF GOVERNORS MEETING JUNE 25, 2014 CYBER RISK UPDATE BOARD OF GOVERNORS MEETING JUNE 25, 2014 EXECUTIVE SUMMARY Cyber risk has become a major threat to organizations around the world, as highlighted in several well-publicized data breaches

More information

Obtaining Enterprise Cybersituational

Obtaining Enterprise Cybersituational SESSION ID: SPO-R06A Obtaining Enterprise Cybersituational Awareness Eric J. Eifert Sr. Vice President Managed Security Services DarkMatter Agenda My Background Key components of the Cyber Situational

More information

CDM Vulnerability Management (VUL) Capability

CDM Vulnerability Management (VUL) Capability CDM Vulnerability Management (VUL) Capability Department of Homeland Security Office of Cybersecurity and Communications Federal Network Resilience Vulnerability Management Continuous Diagnostics and Mitigation

More information

Address C-level Cybersecurity issues to enable and secure Digital transformation

Address C-level Cybersecurity issues to enable and secure Digital transformation Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,

More information

Symantec Control Compliance Suite. Overview

Symantec Control Compliance Suite. Overview Symantec Control Compliance Suite Overview Addressing IT Risk and Compliance Challenges Only 1 in 8 best performing organizations feel their Information Security teams can effectively influence business

More information