Department of Management Services. Request for Information
|
|
- Simon French
- 8 years ago
- Views:
Transcription
1 Department of Management Services Request for Information Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 Submitted By: Carlos Henley DynTek Services, Inc Wednesday St., Suite 600 Tallahassee, FL Phone: (850) Fax: (850)
2 Contents INTRODUCTION... 3 BACKGROUND... 3 CONTACT INFORMATION... 4 RESPONSE TO SECTION IV... 4 Pre-Incident Services... 5 A) Incident Response Agreements... 5 B) Assessments... 5 Standards Based Information Risk Assessments... 5 Cyber Security Testing... 7 C) Preparation... 8 Consulting on Information Assurance Issues... 8 D) Developing Cyber-Security Incident Response Plans... 9 E) Training Information Security Training Post-Incident Services A) Breach Services Toll-free Hotline B) Investigate/Clean-up C) Incident Response Cyber Incident Response D) Mitigation Plans E) Identity Monitoring, Protection, and Restoration DynTek Services, Inc. 2
3 INTRODUCTION With over 20 years of experience, DynTek Services, Inc. (DynTek) is a premier provider of technology and management solutions to commercial firms, state government and local government sectors. Our comprehensive security solutions incorporate our full range of services. DynTek plans and implements strategic projects and creates and maintains systems for a wide range of platforms and architectures. DynTek has a history of providing the vertical markets of Financial, Healthcare, Manufacturing and government agencies with technology-based tools and solutions to secure their systems from internal and external security threats. BACKGROUND DynTek s assessment process is based upon industry standard methodologies and best practices, as well as years of actual application assessment experience. The result is a highly structured methodology and assessment process that can be uniformly deployed across all organizations. An effective information security program is based on people, processes, and technology. It is our belief that simply throwing money at technology does not guarantee a sound security program. For that reason, successful information security programs require the thoughtful integration of people and processes into a sound technical architecture. The trilogy of people, process, and technology is ingrained in our people and in the solutions or work-products that we deliver. DynTek has been a vendor for State and Local customers in Florida and maintained a local office since Our office is located at: DynTek Services, Inc Wednesday Street, Suite 600 Tallahassee, FL Phone: Fax: Tax ID: DynTek maintains Federal GSA Schedule #GS-35F-0025N. DynTek also maintains state contracts in Florida, California, Nevada, New Jersey, and New York. Please visit our website at to view all government contracts. DynTek Services, Inc. 3
4 CONTACT INFORMATION Carlos Henley DynTek Services, Inc. Senior Account Manager Phone: (850) RESPONSE TO SECTION IV DynTek is able to provide: EXPERTISE Understanding Cyberspace and Cybersecurity Identifying and investigating contemporary threats involving cyberspace Anticipating the convergence of cybersecurity and the physical world Articulating risk issues related to cyberspace and cybersecurity Crafting custom solutions to the challenges of cyberspace and cybersecurity DynTek delivers: Preventative Solutions Standards Based Information Risk Assessments Cyber Security Testing Information Security Training Detective Solutions Cybersecurity Analytics & Alerting Technical Surveillance Countermeasures Business Forensics Corrective Solutions Consulting on Information Assurance Issues Cyber Incident Response IT Audit Advocacy Cybersecurity Consulting Services Consulting On Cyber & Physical Risk Management Issues Assessing People and Business Security Risk Communications Security, Systems Security Testing Operations Security, Wireless Network Assessments Risk Assessments, Third Party, Vendor DynTek Services, Inc. 4
5 Physical and Environmental Security Supply Chain Security Consulting Strategic Security Planning & Facilitation Pre-Incident Services A) Incident Response Agreements Terms and conditions in place ahead of time to allow for quicker response in the event of a cyber-security incident. DynTek can provide for a number of terms and conditions to be in place prior to any cybersecurity event including an initial retainer Incident Response Activities On-Demand and for organizing activities necessary to prepare in advance for management and handling of incident response requires the consideration of a lifecycle approach composed of serial phases (Preparation, Identification, Containment, Eradication, Recovery, and Follow-Up) and of ongoing parallel activities (Analysis, Communication, and Documentation). Establishing a bank of hours or a retainer relative to pre-planning services in the event of a significant incident that required information/cyber security resources and expertise to augment the State of Florida from an incident response plan should incorporate an initial determination of the target organizations Information Security Incident Response Capability, Dependencies within the Organization and an Incident Response Team Structure to include the designation of an Incident Response Point of Contact and Emergency Communications Protocol. B) Assessments Evaluate a State Agency s current state of information security and cyber-security incident response capability. Evaluation of the agencies current state and capability to respond to cyber-security incident is one of the core tenants of DynTek s offerings and capabilities. Below are some samples of what we examine and the depth of what can be examined. This evaluation is one of the more important elements of the development of a security program. The Information Risk Assessment is directly related to the client s needs and information security program. Information Risk Assessments set the stage for establishing the Information Technology Big Picture. Our Information Risk Assessment process is built around an ISO 17799/27001 based framework, and controls are customized according to business needs (Health Insurance Portability and Accountability Act of 1996 (HIPAA), Federal Information Security Management Act of 2002 (FISMA), Financial Services - FEDERAL FINANCIAL INSTITUTIONS EXAMINATION COUNCIL (FFIEC) & Gramm-Leach-Bliley Act (GLBA), North American Electric Reliability Corporation s (NERC) CRITICAL INFRASTRUCTURE PROTECTION (CIP), or the Payment DynTek Services, Inc. 5
6 Card Industry Data Security Standard (PCI DSS). Our inquiry will include every aspect of your organization: People, Process, and Technology.. TYPES OF ASSESSMENTS PURPOSE/TYPE PROCESS DESCRIPTION INFORMATION RISK ASSESSMENT for PROGRAM DEVELOPMENT Information Risk Assessment consisting of 11 Information Security Management Controls and 132 subcomponents INFORMATION RISK GAP ANALYSIS (Existing Cybersecurity Program) Information Risk Gap Analysis consisting of 11 Information Security Management Controls and 42 sub-components INFORMATION RISK DOCUMENT REVIEW Analysis of client completed DynTek Information Risk Questionnaire and requested supplemental documents provided by client DynTek Services, Inc. 6
7 Cyber Security Testing DynTek Cyber Security Testing is a hands on effort in which Test Operators attempt to circumvent security features of a system or network based on their understanding of the technical design and implementation. The purpose of a penetration test is to identify methods for gaining access to a system or network by using common attacker tools and techniques. Accordingly, in order to conduct a penetration test, the operator must first conduct a vulnerability assessment in order to determine exploitable targets. *Pricing will vary dependent on size of target environment and the persistence requested for penetration testing (time to break). Consequently, we often scope and price testing engagements on a flat rate per day once we are able to gauge the size of the target environment. EXTERNAL NETWORK ASSESSMENT Targets: Internet facing systems and devices Attack Parameters: May include both automated and manual attacks; Will usually NOT include exploitation of any identified vulnerabilities; Password cracking usually in the scope Restrictions: Attack(s) usually limited to non-business hours Time to Complete: Dependent on target size according to Internet Protocol (IP) addresses INTERNAL NETWORK ASSESSMENT Targets: Internal network devices, not limited to domain controllers, infrastructure services (WINS/DHCP/DNS), servers, workstations, printers and network devices Optional: Configuration review of the firewall and internal Attack Parameters: Unobtrusive system vulnerability scans may occur during business hours; Caution: potential for interruption of critical business systems Restrictions: Internal network assessment will be conducted on-site Will not include mainframe systems May include both automated and manual attacks; but will not usually include exploitation of any identified vulnerabilities; password cracking is usually in the scope Time to Complete: Dependent on target size according to internal Internet Protocol (IP) addresses WIRELESS ASSESSMENT Targets: Organization -Campus -Specific Building -or Facility Attack Parameters: May occur during business hours for unobtrusive scans DynTek Services, Inc. 7
8 Rogue wireless device detection; penetration testing, password cracking usually in the scope Restrictions: Wireless security risk assessment usually limited to technologies Time to Complete: Dependent on target size according to internal Internet Protocol (IP) addresses SOCIAL ENGINEERING Attempt to bypass security controls in order to gain access to sensitive areas or information Targets: Individual - Organization Campus - Specific Building - or Facility Attack Parameters: May include physical access, telephone, and /phishing Restrictions: Attack may be performed any time Time to Complete: Dependent on target size and client needs APPLICATION PEN TEST Targets: Web-based production application, Internet facing IP address Attack Parameters: May include both automated and manual attacks May include attempts to gain access through social engineering Restrictions: Will usually not include exploitation of any identified vulnerabilities Password cracking is usually in the scope Will not include a code review SOURCE CODE SECURITY REVIEW The goal of an application source code security review is to recognize software vulnerabilities that might be exploited if access were gained. C) Preparation Provide guidance on requirements and best practices. In addition to the content described in the response above, DynTek can provide Consulting on Information Assurance Issues that would include requirements and best practices for the following Security Policy Organization of Security Asset Management DynTek Services, Inc. 8
9 Human Resources Security Physical and Environmental Security Communications and Operations Management Access Control Info Systems Acquisition, Development and Maintenance Information Security Incident Management Business Continuity Management Compliance D) Developing Cyber-Security Incident Response Plans Develop or assist in development of written State Agency plans for incident response in the event of a cyber-security incident. The incident response process has several phases. The initial phase involves establishing and training an incident response team and acquiring the necessary tools and resources. During preparation, the organization also attempts to limit the number of incidents that will occur in selecting and implementing a set of controls based on the results of risk assessments. However, residual risk will inevitably persist after implementation of controls. Detection of security breaches is thus necessary to alert the organization whenever incidents occur. In keeping with the severity of the incident, the organization can mitigate the impact of the incident by containing it and ultimately recovering from it and producing a post incident mitigation plan. During this phase, activity often cycles back to detection and analysis for example, to see if additional hosts are infected by malware while eradicating a malware incident. After adequately handling the incident, the organization issues a report that details the cause and cost of the incident and the steps the organization should take to mitigate, or prevent, future incidents. Organizing an effective information security incident response capability involves several major decisions and actions. The organization must decide what services the incident response team should provide, consider which team structures and models can provide those services, and select and implement one or more incident response teams. This section provides not only guidelines that should be helpful in establishing incident response capabilities, but also advice on maintaining and enhancing existing capabilities. DynTek Services, Inc. 9
10 It is critical early in this effort to identify and solicit cooperation from other groups within the organization that will be essential in incident handling. Every incident response team relies on the expertise, judgment, and abilities of others, including: Senior Management Legal Department Public Affairs and Media Relations Human Resources Physical Security and Facilities Management An incident response team should be available whenever an incident involving the organization is suspected to have occurred. One or more team members, depending on the magnitude of the incident and availability of personnel, should then be available exclusively to handle the incident. These incident handlers must analyze the incident data, determine the impact of the incident, and react appropriately to limit the damage and restore services to normal. Accordingly, the incident response team s success depends on the participation and cooperation of individuals throughout the organization. This section discusses incident response team models and provides advice on selecting an effective model for your organization. Team Models Possible structures for an incident response team include: Central Incident Response Team Distributed Incident Response Teams A single incident response team handles incidents throughout the organization. This model is effective for small organizations and organizations with minimal geographic diversity in terms of computing resources. The organization has multiple incident response teams, each responsible for a particular logical or physical segment of the organization. This model is effective for large organizations (e.g., one team per division) and for organizations with major computing resources at distant locations (e.g., one team per geographic region, one team per major facility). However, the teams should be part of a single coordinated entity so that the incident response process is consistent across the organization and information is shared among DynTek Services, Inc. 10
11 teams. This is particularly important because multiple teams may see components of the same incident or may handle similar incidents. Coordinating Team An incident response team provides advice to other teams without having authority over those teams for example, a department-wide team may assist individual agencies teams. This model can be thought of as a CSIRT for CSIRTs. Because the focus of this document is central and distributed CSIRTs, the coordinating team model is not addressed in detail in this document. DynTek facilitates and where appropriate provides on-going assistance in the creation and management of client incident response programs. Upon developing the information, policies, procedures and teaming structures as identified below, the incident response program plan serves to facilitate information about the coordinating team model, as well as extensive information on other team models, is available in a CERT /CC document titled Organizational Models for Computer Security Incident Response Teams (CSIRTs) ( E) Training Provide training for State Agency staff from basic user awareness to technical education. Virtually all Information Security Standards and Regulations require both information security awareness and information security training targeted at all users (including managers, senior executives, and contractors) on an on-going basis. Learning is a continuum it starts with awareness, builds to training, and evolves into education. (NIST Special Publication Revision 1) DynTek has developed a Web based Information Security tutoring solution. Our approach delivers two options for our clients: 1) Generic (ISO1799/27001) Information Security Awareness and Training modules or 2) Customized (branded if desired) Information Security Awareness and Training modules based on specific corporate or regulatory requirements DynTek Services, Inc. 11
12 unique to the client or line of business, such as HIPAA, FISMA, NERC CIP, CJIS, IRS Pub 1075, Red Flags, etc. In either case, our training is designed to provide a convenient and cost-effective approach to Information Security Awareness and Training. Most organizations have either adopted or are moving toward a remote or off-site business model. Consequently, the opportunity to conduct collective information security awareness or training sessions has become a challenge. Our solution provides a web based series of awareness and training modules that can be accessed via the Internet anywhere, anytime. The student simply logs in using a credit card, selects a module and follows on-screen prompts through the module. When the module has been completed with a passing score an is generated by our system informing your Human Resources organization that successful Information Security Awareness or Training has been accomplished by the student. Post-Incident Services A) Breach Services Toll-free Hotline Provide a scalable, resilient call center for incident response information to State Agencies. DynTek does not provide this service. B) Investigate/Clean-up Conduct rapid evaluation of incidents, lead investigations and provide remediation services to restore State Agency operations to pre-incident levels. DynTek can help manage all aspects of incident response including subsequent activities. Our experts are experienced in cybercrime investigations and can be available to provide legal liaison as needed. In response to risks identified by a breach, we work with clients to: Limit immediate incident impact to customers and partners Recover from the incident and return to operations Determine how the incident occurred Avoid escalation and further incidents Help assess impact and damage Determine who initiated the incident and your options going forward Review existing policies and protocols for adequacy Review adequacy of other systems security Develop long-term mitigation plans DynTek Services, Inc. 12
13 Provide necessary training C) Incident Response Provide guidance or technical staff to assist State Agencies in response to an incident. DynTek is available to help you manage all aspects of a breach including subsequent activities. Our experts are experienced in cybercrime investigations and can be available to provide legal liaison as needed. In response to risks identified by a breach, we work with you to: Limit immediate incident impact to customers and partners Recover from the incident and return to operations Determine how the incident occurred Avoid escalation and further incidents Help assess impact and damage Determine who initiated the incident and your options going forward Review existing policies and protocols for adequacy Review adequacy of other systems security Develop long-term mitigation plans Provide necessary training D) Mitigation Plans Assist State Agency staff in development of mitigation plans based on investigation and incident response. Assist State Agency staff with incident mitigation activities. The DynTek Team can provide support in all phases of cyber security mitigation efforts planning, testing, and implementation. Advise DMS employees regarding information security best practices and security architecture mitigation efforts. Review and recommend technical solutions to DMS based on an understanding of recognized risk results. Conduct systems security analysis and implementation, system engineering, electrical design, design assurance, testing, software engineering, program design, configuration management, integration and testing of products and techniques, as well as providing information risk advice. The Team s solutions will be based on a firm understanding of DMS policy, practices, procedures, customer requirements, and emerging technologies, as well as anticipated future trends associated with information management, information systems, and data networks. Especially affecting: Security Policy DynTek Services, Inc. 13
14 Organization of Security Asset Management Human Resources Security Physical and Environmental Security Communications and Operations Management Access Control Info Systems Acquisition, Development and Maintenance Information Security Incident Management Business Continuity Management Compliance E) Identity Monitoring, Protection, and Restoration Provide identity monitoring, protection, and restoration services to any individuals potentially affected by a cyber-security incident. DynTek does not provide this service. DynTek Services, Inc. 14
I n f o r m a t i o n S e c u r i t y
We help organizations protect INFORMATION The BorderHawk Team has significant experience assessing, analyzing, and designing information protection programs especially in Critical Infrastructure environments.
More informationGEARS Cyber-Security Services
Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments
More informationAn Overview of Information Security Frameworks. Presented to TIF September 25, 2013
An Overview of Information Security Frameworks Presented to TIF September 25, 2013 What is a framework? A framework helps define an approach to implementing, maintaining, monitoring, and improving information
More informationREQUEST FOR INFORMATION
Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services 3 September 2015 6506 Loisdale Rd, Ste 325
More information7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008
U.S. D EPARTMENT OF H OMELAND S ECURITY 7 Homeland Fiscal Year 2008 HOMELAND SECURITY GRANT PROGRAM ty Grant Program SUPPLEMENTAL RESOURCE: CYBER SECURITY GUIDANCE uidelines and Application Kit (October
More informationSecurity Management. Keeping the IT Security Administrator Busy
Security Management Keeping the IT Security Administrator Busy Dr. Jane LeClair Chief Operating Officer National Cybersecurity Institute, Excelsior College James L. Antonakos SUNY Distinguished Teaching
More informationDefending Against Data Beaches: Internal Controls for Cybersecurity
Defending Against Data Beaches: Internal Controls for Cybersecurity Presented by: Michael Walter, Managing Director and Chris Manning, Associate Director Protiviti Atlanta Office Agenda Defining Cybersecurity
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.5)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.5) Directions and Instructions for completing this assessment The answers provided
More informationcarahsoft Florida Department of Management Services CARAHSOFT S RESPONSE TO THE REQUEST FOR INFORMATION
carahsoft CARAHSOFT S RESPONSE TO THE Florida Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services
More informationSCAC Annual Conference. Cybersecurity Demystified
SCAC Annual Conference Cybersecurity Demystified Me Thomas Scott SC Deputy Chief Information Security Officer PMP, CISSP, CISA, GSLC, FEMA COOP Practitioner Tscott@admin.sc.gov 803-896-6395 What is Cyber
More informationITL BULLETIN FOR SEPTEMBER 2012 REVISED GUIDE HELPS ORGANIZATIONS HANDLE SECURITY-RELATED INCIDENTS
ITL BULLETIN FOR SEPTEMBER 2012 REVISED GUIDE HELPS ORGANIZATIONS HANDLE SECURITY-RELATED INCIDENTS Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute
More informationNIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT
NIST CYBERSECURITY FRAMEWORK COMPLIANCE WITH OBSERVEIT OVERVIEW The National Institute of Standards of Technology Framework for Improving Critical Infrastructure Cybersecurity (The NIST Framework) is a
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationLooking at the SANS 20 Critical Security Controls
Looking at the SANS 20 Critical Security Controls Mapping the SANS 20 to NIST 800-53 to ISO 27002 by Brad C. Johnson The SANS 20 Overview SANS has created the 20 Critical Security Controls as a way of
More informationForeScout CounterACT and Compliance June 2012 Overview Major Mandates PCI-DSS ISO 27002
ForeScout CounterACT and Compliance An independent assessment on how network access control maps to leading compliance mandates and helps automate GRC operations June 2012 Overview Information security
More informationNERC CIP Compliance with Security Professional Services
NERC CIP Compliance with Professional Services The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to ensure that the bulk electric system in North America is
More informationAttachment A. Identification of Risks/Cybersecurity Governance
Attachment A Identification of Risks/Cybersecurity Governance 1. For each of the following practices employed by the Firm for management of information security assets, please provide the month and year
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationClient Security Risk Assessment Questionnaire
Select the appropriate answer from the drop down in the column, and provide a brief description in the section. 1 Do you have a member of your organization with dedicated information security duties? 2
More informationHow to Lead the People in a Program Based Environment
SESSION ID: GRC-W01 Balancing Compliance and Operational Security Demands Steve Winterfeld Bank Information Security Officer CISSP, PCIP What is more important? Compliance with laws / regulations Following
More information---Information Technology (IT) Specialist (GS-2210) IT Security Competency Model---
---Information Technology (IT) Specialist (GS-2210) IT Security Model--- TECHNICAL COMPETENCIES Computer Forensics Knowledge of tools and techniques pertaining to legal evidence used in the analysis of
More informationSecurity Controls What Works. Southside Virginia Community College: Security Awareness
Security Controls What Works Southside Virginia Community College: Security Awareness Session Overview Identification of Information Security Drivers Identification of Regulations and Acts Introduction
More informationPHILADELPHIA GAS WORKS Information Security Assessment and Testing Services RFP#30198 Questions & Answers December 4, 2015
QUESTIONS ANSWERS Q1 What is the goal of testing? A1 We engage in this type of testing to promote our own best practices and ensure our security posture is as it should be. Q2 No of active IP s (internal):
More informationLogging In: Auditing Cybersecurity in an Unsecure World
About This Course Logging In: Auditing Cybersecurity in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that
More informationBy: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015
Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity
More informationCurrent IBAT Endorsed Services
Current IBAT Endorsed Services Managed Network Intrusion Prevention and Detection Service SecureWorks provides proactive management and real-time security event monitoring and analysis across your network
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationPCI DSS Overview and Solutions. Anwar McEntee Anwar_McEntee@rapid7.com
PCI DSS Overview and Solutions Anwar McEntee Anwar_McEntee@rapid7.com Agenda Threat environment and risk PCI DSS overview Who we are Solutions and where we can help Market presence High Profile Hacks in
More informationHow To Evaluate A Cooperative For Safety
NARUC 2013 Cyber Security Risk Assessment & Risk Mitigation Plan Review for the Kentucky Public Service Commission NARUC Grants & Research December 2013 The National Association of Regulatory Utility Commissioners
More informationSECURITY. Risk & Compliance Services
SECURITY Risk & Compliance s V1 8/2010 Risk & Compliances s Risk & compliance services Summary Summary Trace3 offers a full and complete line of security assessment services designed to help you minimize
More informationCybersecurity: What CFO s Need to Know
Cybersecurity: What CFO s Need to Know William J. Nowik, CISA, CISSP, QSA PCIP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2014 Wolf & Company, P.C. Today s Agenda Introduction
More informationAnalyzing Security for Retailers An analysis of what retailers can do to improve their network security
Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary
More informationBig Data, Big Risk, Big Rewards. Hussein Syed
Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationQRadar SIEM 6.3 Datasheet
QRadar SIEM 6.3 Datasheet Overview Q1 Labs flagship solution QRadar SIEM is unrivaled in its ability to provide an organization centralized IT security command and control. The unique capabilities of QRadar
More informationAddressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense
A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical
More informationCritical Controls for Cyber Security. www.infogistic.com
Critical Controls for Cyber Security www.infogistic.com Understanding Risk Asset Threat Vulnerability Managing Risks Systematic Approach for Managing Risks Identify, characterize threats Assess the vulnerability
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationThird-Party Access and Management Policy
Third-Party Access and Management Policy Version Date Change/s Author/s Approver/s Dean of Information Services 1.0 01/01/2013 Initial written policy. Kyle Johnson Executive Director for Compliance and
More informationMaintaining PCI-DSS compliance. Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com
Maintaining PCI-DSS compliance Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com Sessione di Studio Milano, 21 Febbraio 2013 Agenda 1 Maintaining PCI-DSS compliance
More informationClick to edit Master title style
EVOLUTION OF CYBERSECURITY Click to edit Master title style IDENTIFYING BEST PRACTICES PHILIP DIEKHOFF, IT RISK SERVICES TECHNOLOGY THE DARK SIDE AGENDA Defining cybersecurity Assessing your cybersecurity
More informationInformation Technology Policy
ITP Number ITP-SEC024 Category Security Contact RA-ITCentral@pa.gov Information Technology Policy IT Security Incident Policy Effective Date August 2, 2012 Supersedes Scheduled Review Annual 1. Purpose
More informationRedhawk Network Security, LLC 62958 Layton Ave., Suite One, Bend, OR 97701 sales@redhawksecurity.com 866-605- 6328 www.redhawksecurity.
Planning Guide for Penetration Testing John Pelley, CISSP, ISSAP, MBCI Long seen as a Payment Card Industry (PCI) best practice, penetration testing has become a requirement for PCI 3.1 effective July
More informationHow To Achieve Pca Compliance With Redhat Enterprise Linux
Achieving PCI Compliance with Red Hat Enterprise Linux June 2009 CONTENTS EXECUTIVE SUMMARY...2 OVERVIEW OF PCI...3 1.1. What is PCI DSS?... 3 1.2. Who is impacted by PCI?... 3 1.3. Requirements for achieving
More informationSCADA Security Training
SCADA Security Training 1-Day Course Outline Wellington, NZ 6 th November 2015 > Version 3.1 web: www.axenic.co.nz phone: +64 21 689998 page 1 of 6 Introduction Corporate Background Axenic Ltd Since 2009,
More informationNine Steps to Smart Security for Small Businesses
Nine Steps to Smart Security for Small Businesses by David Lacey Co-Founder, Jericho Forum Courtesy of TABLE OF CONTENTS INTRODUCTION... 1 WHY SHOULD I BOTHER?... 1 AREN T FIREWALLS AND ANTI-VIRUS ENOUGH?...
More informationNorth American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
More informationNEC Managed Security Services
NEC Managed Security Services www.necam.com/managedsecurity How do you know your company is protected? Are you keeping up with emerging threats? Are security incident investigations holding you back? Is
More informationINFORMATION SECURITY FOR YOUR AGENCY
INFORMATION SECURITY FOR YOUR AGENCY Presenter: Chad Knutson Secure Banking Solutions, LLC CONTACT INFORMATION Dr. Kevin Streff Professor at Dakota State University Director - National Center for the Protection
More informationNERC CIP VERSION 5 COMPLIANCE
BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining
More informationVendor Questions and Answers
OHIO DEFERRED COMPENSATION REQUEST FOR PROPOSALS (RFP) FOR COMPREHENSIVE SECURITY ASSESSMENT CONSULTANT Issue Date: December 7, 2016 Written Question Deadline: January 11, 2016 Proposal Deadline: RFP Contact:
More information3rd Party Assurance & Information Governance 2014-2016 outlook IIA Ireland Annual Conference 2014. Straightforward Security and Compliance
3rd Party Assurance & Information Governance 2014-2016 outlook IIA Ireland Annual Conference 2014 Continuous Education Services (elearning/workshops) Compliance Management Portals Information Security
More informationWhat IT Auditors Need to Know About Secure Shell. SSH Communications Security
What IT Auditors Need to Know About Secure Shell SSH Communications Security Agenda Secure Shell Basics Security Risks Compliance Requirements Methods, Tools, Resources What is Secure Shell? A cryptographic
More informationIndustrial Cyber Security 101. Mike Spear
Industrial Cyber Security 101 Mike Spear Introduction Mike Spear Duluth, GA USA Global Operations Manager, Industrial Cyber Security Mike.spear@honeywell.com Responsible for the Global Delivery of Honeywell
More informationState of South Carolina Policy Guidance and Training
State of South Carolina Policy Guidance and Training Policy Workshop Small Agency Threat and Vulnerability Management Policy May 2014 Agenda Questions & Follow-Up Policy Workshop Overview & Timeline Policy
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationTHE TOP 4 CONTROLS. www.tripwire.com/20criticalcontrols
THE TOP 4 CONTROLS www.tripwire.com/20criticalcontrols THE TOP 20 CRITICAL SECURITY CONTROLS ARE RATED IN SEVERITY BY THE NSA FROM VERY HIGH DOWN TO LOW. IN THIS MINI-GUIDE, WE RE GOING TO LOOK AT THE
More informationPayment Card Industry Data Security Standard
Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security
More informationCORE Security and GLBA
CORE Security and GLBA Addressing the Graham-Leach-Bliley Act with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com www.coresecurity.com
More informationNEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015
NEXPOSE ENTERPRISE METASPLOIT PRO Effective Vulnerability Management and validation March 2015 KEY SECURITY CHALLENGES Common Challenges Organizations Experience Key Security Challenges Visibility gaps
More informationSecurity solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.
Security solutions White paper Acquire a global view of your organization s security state: the importance of security assessments. April 2007 2 Contents 2 Overview 3 Why conduct security assessments?
More informationData Breach Response Planning: Laying the Right Foundation
Data Breach Response Planning: Laying the Right Foundation September 16, 2015 Presented by Paige M. Boshell and Amy S. Leopard babc.com ALABAMA I DISTRICT OF COLUMBIA I FLORIDA I MISSISSIPPI I NORTH CAROLINA
More informationCHAPTER 3 : INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
: INCIDENT RESPONSE FIVE KEY RECOMMENDATIONS 1 FIVE KEY RECOMMENDATIONS During 2014, NTT Group supported response efforts for a variety of incidents. Review of these engagements revealed some observations
More informationINCIDENT RESPONSE CHECKLIST
INCIDENT RESPONSE CHECKLIST The purpose of this checklist is to provide clients of Kivu Consulting, Inc. with guidance in the initial stages of an actual or possible data breach. Clients are encouraged
More informationMaximizing Configuration Management IT Security Benefits with Puppet
White Paper Maximizing Configuration Management IT Security Benefits with Puppet OVERVIEW No matter what industry your organization is in or whether your role is concerned with managing employee desktops
More informationCYBERCRIME AND INFORMATION GOVERNANCE ARE YOU PREPARED?
CYBERCRIME AND INFORMATION GOVERNANCE ARE YOU PREPARED? Anthony Diana, Reed Smith LLP Scott Lashway, MassMutual Stephen Ramey, Navigant Consulting ARE YOU PREPARED?» Your security operations center is
More informationPCI Compliance for Cloud Applications
What Is It? The Payment Card Industry Data Security Standard (PCIDSS), in particular v3.0, aims to reduce credit card fraud by minimizing the risks associated with the transmission, processing, and storage
More informationDevice Hardening, Vulnerability Remediation and Mitigation for Security Compliance
Device Hardening, Vulnerability Remediation and Mitigation for Security Compliance Produced on behalf of New Net Technologies by STEVE BROADHEAD BROADBAND TESTING 2010 broadband testing and new net technologies
More informationNERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice
NERC Cyber Security Compliance Consulting Services HCL Governance, Risk & Compliance Practice Overview The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to
More informationCompliance Challenges. Ali Pabrai, MSEE, CISSP (ISSMP, ISSAP) Member, FBI InfraGard. Increased Audits & On-site Investigations
Enabling a HITECH & HIPAA Compliant Organization: Addressing Meaningful Use Mandates & Ensuring Audit Readiness Ali Pabrai, MSEE, CISSP (ISSMP, ISSAP) Member, FBI InfraGard Compliance Mandates Increased
More informationDIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014
DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014 Revision History Update this table every time a new edition of the document is
More informationINFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION
INFORMATION SECURITY GOVERNANCE ASSESSMENT TOOL FOR HIGHER EDUCATION Information security is a critical issue for institutions of higher education (IHE). IHE face issues of risk, liability, business continuity,
More informationStrategic Plan On-Demand Services April 2, 2015
Strategic Plan On-Demand Services April 2, 2015 1 GDCS eliminates the fears and delays that accompany trying to run an organization in an unsecured environment, and ensures that our customers focus on
More informationFREQUENTLY ASKED QUESTIONS
FREQUENTLY ASKED QUESTIONS Continuous Monitoring 1. What is continuous monitoring? Continuous monitoring is one of six steps in the Risk Management Framework (RMF) described in NIST Special Publication
More informationSAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts
SAP Cybersecurity Solution Brief Objectives Solution Benefits Quick Facts Secure your SAP landscapes from cyber attack Identify and remove cyber risks in SAP landscapes Perform gap analysis against compliance
More informationCyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.
Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control
More informationQ&A ADDENDUM FOR INFORMATION SECURITY VULNERABILITY ASSESSMENT PUBLISHED 10/20/2015
Q&A ADDENDUM FOR INFORMATION SECURITY VULNERABILITY ASSESSMENT PUBLISHED 10/20/2015 UPDATE HISTORY: 10/21/2015 10/30/2015 11/5/2015 Questions submitted by Proposers All proposers should reference the following
More informationHigh End Information Security Services
High End Information Security Services Welcome Trion Logics Security Solutions was established after understanding the market's need for a high end - End to end security integration and consulting company.
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationSPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles
PNNL-24138 SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles March 2015 LR O Neil TJ Conway DH Tobey FL Greitzer AC Dalton PK Pusey Prepared for the
More informationCyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services
Cyber Risk Mitigation via Security Monitoring Enhanced by Managed Services Focus: Up to But Not Including Corporate and 3 rd Party Networks Level 4 Corporate and 3 rd Party/Vendor/Contractor/Maintenance
More informationNSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense
NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial
More informationThe Business Case for Security Information Management
The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un
More informationState of Florida Cyber Security Services RFI
RFI ATTENTION: State of Florida Dept. of Management Services Joel Atkinson Associate Category Manager 4050 Esplanade Way, Suite 360 Tallahassee, FL 32399-0950 (850) 488-1985 joel.atkinson@dms.myflorida.com
More informationOCIE CYBERSECURITY INITIATIVE
Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.
More informationCyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013
Cyber Security and Information Assurance Controls Prevention and Reaction 1 About Enterprise Risk Management Capabilities Cyber Security Risk Management Information Assurance Strategic Governance Regulatory
More informationCautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture
More informationOn-Site Manager Exclusive Customer Offer
On-Site Manager Exclusive Customer Offer Information Security & Compliance Subscription Programs Your Partner for a Secure Future NETWORK VULNERABILITY & THREAT MANAGEMENT PROGRAM PCI COMPLIANCE ASSESSMENT
More informationCyber Security Incident Handling Policy. Information Technology Services Center (ITSC) of The Hong Kong University of Science and Technology
Cyber Security Incident Handling Policy Information Technology Services Center (ITSC) of The Hong Kong University of Science and Technology Date: Oct 9, 2015 i Document Control Document Owner Classification
More informationEVALUATION REPORT. Weaknesses Identified During the FY 2014 Federal Information Security Management Act Review. March 13, 2015 REPORT NUMBER 15-07
EVALUATION REPORT Weaknesses Identified During the FY 2014 Federal Information Security Management Act Review March 13, 2015 REPORT NUMBER 15-07 EXECUTIVE SUMMARY Weaknesses Identified During the FY 2014
More informationEcom Infotech. Page 1 of 6
Ecom Infotech Page 1 of 6 Page 2 of 6 IBM Q Radar SIEM Intelligence 1. Security Intelligence and Compliance Analytics Organizations are exposed to a greater volume and variety of threats and compliance
More informationKeeping watch over your best business interests.
Keeping watch over your best business interests. 0101010 1010101 0101010 1010101 IT Security Services Regulatory Compliance Services IT Audit Services Forensic Services Risk Management Services Attestation
More informationDESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE
DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the
More informationCORE Security and the Payment Card Industry Data Security Standard (PCI DSS)
CORE Security and the Payment Card Industry Data Security Standard (PCI DSS) Addressing the PCI DSS with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com
More informationPresented by Evan Sylvester, CISSP
Presented by Evan Sylvester, CISSP Who Am I? Evan Sylvester FAST Information Security Officer MBA, Texas State University BBA in Management Information Systems at the University of Texas Certified Information
More informationHarmonizing Your Compliance and Security Objectives. Bonnie A. Goins Adjunct Professor, Illinois Institute of Technology
Harmonizing Your Compliance and Security Objectives Bonnie A. Goins Adjunct Professor, Illinois Institute of Technology Make sure efforts serve multiple purposes Use standards to guide effort Repeatable
More informationLAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES
LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable
More informationQUESTIONS & RESPONSES #2
QUESTIONS & RESPONSES #2 RFP / TITLE 070076 IT Cybersecurity Assessment and Plan CONTACT Michael Keim, CPPB, Sr. Contract Adminstrator EMAIL procurement@portoftacoma.com PHONE NUMBER 253-428-8608 SUBMITTAL
More information