Response to Questions CML Managed Information Security
- Allison Hodges
- 8 years ago
1. What are the most critical aspects that need to be provided for this RFP, in light of the comment that multiple awards might be provided?
The Library is seeking proposals from firms which can provide security consulting / practice development and/or managed security services. Multiple awards could be provided if the Library feels this is the most advantageous approach.

2. What are the decision criteria and weighting criteria being used for this RFP?
Please see page 7 of the Managed Information Security Services RFP.
- Quality and comprehensiveness of the proposal.
- Quality of the proposed solution.
- Stability and viability of the product and Offeror.
- Offeror's experience on projects of similar scope.
- Input from reference contacts.

3. Do you want the partner to implement Office 365 as part of this contract?
No. We are currently an o365 customer.

4. What are the total number of IT Staff who are managing the Network and Security operations of the Library currently?
2

5. How long does the library take to identify and validate a security incident from false positives?
This varies based on incident. We believe an Infosec partner could help us in the areas of threat intelligence, incident management, and incident response.

6. How many people and man hours are typically spent in remediating a valid IT Security Incident (infection of machine, etc.)?
This varies based on incident. We believe an Infosec partner could help us in the areas of threat intelligence, incident management, and incident response.

7. Please provide us data points / feedback on internal gaps analysis performed regarding the IT Security / Risk Management / Compliance posture of the library that will allow us to understand your current maturity model from a people / process / technology perspective.
We will provide information related to prior assessments once a partner is selected.

8. Can we be provided a copy of the IT Strategic plan to help formulate response?
No, this information will be provided once a partner is selected.

9. Does the library have a written IT Security policy in place? Please provide a copy for review if possible.
Yes. The Library may seek input and guidance on policy, procedure, and practice creation to develop a more formalized security program.

10. Does the library currently use any threat intelligence data feeds as part of the security operations? What are the sources of the threat intelligence? (name, vendor, etc.)
The Library leverages threat intelligence today through various mediums. In the future the Library envisions having a partner as a primary go-to to fill this need.

11. How often does the library desire to have penetration testing performed?
Annually

12. What cloud services are you using and what are planned cloud services over next 3-5 years? Example (O365, Amazon, Box, Dropbox, etc.)
The Library is currently using o365. The Library is evaluating IaaS options and our assessment of cloud based services and applications is ongoing.

13. What are the current IT Security technologies deployed and the applicable version running of the solution (for desktop and laptop, servers, filtering and security, web application firewalls, firewalls, network IDS / IPS, advanced threat solutions, web filtering solutions)?
The Library has standard Information Security technology in place including firewall, antivirus, web filtering, malware protection, and log/event management.

14. Does the library want to deploy new solutions IT Security technologies that are for the differing platforms: Desktops, Servers, Mobile Devices
We are open to further discussions and receiving proposals for replacement.

15. Does the library have a vulnerability scanning tool? What is the platform / vendor and current release of version running?
No. Scans are performed on an as needed basis through a MSSP.

16. How often does the vulnerability scanning currently take place for the library?
It is performed on an as needed basis through a MSSP.

17. How long does it take to remediate findings of vulnerabilities?
This varies based on vulnerability.

18. What is your length of storage requirements from a time aspect for log management and compliance purposes? (90 days for logs for example?) (1 year for PCI compliance data for example?)
We will be looking for recommendations from our selected partner to ensure we are in compliance.

19. What is your current log management solution?
The Library is using Solarwinds Log and Event Manager. The Library is seeking recommendations as part of this engagement.

20. Do you currently have a SEIM, Security Event Identification Management Solution, in production? What is platform and release information?
The Library is using Solarwinds Log and Event Manager

21. How many total IP addresses (physical and virtual IPs) does the library have for their network and systems?
We have approximately 200 virtual servers. We have approximately 300 IP addresses allocated to network devices including WAPs.

22. What is expected growth rate for IP addresses for the library over next 3-5 years? (Best estimate)
Approximately 10% per year.

23. Per each library location please provide the numbers for total servers and desktops / laptops?
Each location has 1 branch server which supports public computing technologies. Approximately 90 end user devices per locations.

24. How many total desktops & laptops & tablet computers are under library management? What are the current Security solutions deployed to these devices. What is the current version of the Security solution in production
Approximately 1,800. Antivirus, web filtering, malware protection

25. Is a Security tool platform change in scope for this RFP?
We are open to further discussions and receiving proposals for replacement.

26. How many total server operating systems are deployed at the library and what are their operating systems and release level? What are the current Security solutions deployed to these server assets? What is the current version of the Security solution deployed to server assets?
The Library runs a mix of Windows and Linux. Additional details will be provided once a partner is selected.

27. How many servers are virtualized versus physical servers? What are the virtualization technologies deployed for servers and desktops? What vendor version and software release are running for the virtualization platform(s)? What is the management platform in use?
The Library is 95% virtualized. The Library uses VMware ESX for server virtualization.

28. Please describe your network topology and provide a network diagram and denote ingress and egress points of internet traffic. How many total number of egress points? How many total number of ingress points?
Please see page 3 of the RFP. Additional details will be provided once a partner is selected.

29. What aspects of your network design represent the biggest concern or risk to the library?

30. Who are your internet and telecom vendors?
OPLIN, TWC, XO

31. What are the total number of routers deployed? What are the vendor model number and software release running? Please denote each distinct active / active and active / passive pair clusters deployed. How many active / active pairs? How many active / passive pairs? What is the management platform in use?
Approximately

What are the total number of switches you have deployed? What are the vendor model number and software release running? Please denote each distinct active / active and active / passive pair clusters deployed. How many active / active pairs? How many active / passive pairs? What is the management platform in use?
Approximately

What are total number(s) of firewalls and / or UTM devices deployed? What are the vendor model numbers and software release running on your firewalls and / or UTM device? Please denote each distinct active / active and active / passive pair clusters deployed. How many active / active pairs? How many active / passive pairs? What is the management platform in use?

34. What are the total number of network based IDS and IPS systems deployed?

35. What are deployed behavioral analysis tools deployed within network? Please provide vendor platform information and software release deployed in production? Please denote each VPN device active / active and active / passive pair clusters deployed. What is the management platform in use?

36. What type of VPN solution do you have deployed and in production? Please denote platform / vendor and software release running in production? What is the management platform in use?

37. What is your web filtering platform? What are the vendor model numbers and software release running? Please denote each active / active and active / passive pair clusters deployed. How many active / active pairs? How many active / passive pairs? What is the management platform in use?
OpenDNS.

38. Do you deploy a web proxy / gateway solution?

39. Do you have a web application firewall solution deployed?

40. Do you have deployed a host based intrusion detection / intrusion prevention solution deployed to endpoint servers, desktops, laptops?

41. What is your endpoint security platform deployed on servers, desktops, laptops, and mobile devices?

42. What are your mission critical applications and the server operating systems running on? Please list and describe.
i. Financial application
ii. Web server environment
iii. Staff Intranet
iv. Public computing / print management
v. ADFS/DirSync

43. What are your mission critical services and their underlying operating systems?
AD, file, print, DHCP, DNS 2008,

Please list all server operating systems deployed?
The Library runs a mix of Windows and Linux. Additional details will be provided once a partner is selected.

45. Please list all desktop / laptops / tablet operating systems deployed? What is the total count of these systems?
Windows 7 (1500), 8 (300)

46. What database platforms and releases you have deployed?
SQL Server, MySQL

47. Do you have in production any advanced anti-malware such as Fireeye, PaloAlto, or Symantec ATP platforms?

48. Please provide information if load balancers are deployed and the platform and software release running?

49. Are you using netflow collectors?

50. Please provide any key contextual details and additional information that will help us understand your key objectives for your Managed Security Services.
Please see page 3-5 of the RFP.

51. We need the number of external IP's currently being utilized at Columbus Metropolitan Library. Thank you in advance for your timely response.
Approximately

First, can you clarify the goal of the security consulting work?
The goal of the security consulting work is to work with a chosen partner who will support the Library to enhance its IT security posture as well as reduce Information Security risk. We see this happening through general advising, policy and procedure development, threat intelligence, and incident management and response.
Is it meant specifically to identify gaps in the program that will impede the managed services transition?
No, this should be performed as a discovery function as part of a managed services proposal.
Or is it meant to help shore up additional security program elements that will remain a responsibility of Library staff?
Yes. The consulting partnership will help to enhance security program elements that will remain a responsibility of the Library.

53. Are you looking to add outside resources to assist in developing and operating the security program?
Not outside of the selected partner(s) recommendations or resources.

54. Can you also give us a better understanding of the current program and its major components? You list it as security practices in the Appendix A - can you list those out for us to better understand your intent?
This includes governance, incident response, policies, procedures, and standards. The Library has standard Information Security technology in place including firewall, antivirus, web filtering, malware protection, and log/event management.

55. What drives the program today? What compliance initiatives are you concerned about?
Compliance and organizational risk drives the program today.

56. If already developed, what security framework are you following (ISO, NIST, etc)?
The Library is seeking recommendations as part of this engagement.

57. How many full time IT security resources are there and their responsibilities?
IT security is a duty that all technical staff are responsible for. We do not have an FTE 100% focused on Information Security.

58. Can you give us a list of policies, procedures, standards that already are in existence?
No. This will be shared once a partner is selected.

59. Do you leverage threat intelligence already today? In what forms do you take in threat intelligence? If so, in what capacity/tools? How are you envisioning it in the future?
The Library leverages threat intelligence today through various mediums. In the future the Library envisions having a partner as a primary go-to to fill this need.

60. Generally speaking, what type of incidents do you experience? Are these generic issues such as malware infection and cleanup? Or are they insider or outsider threat type of issues?
Recent events include malware, virus, and phishing attempts.

61. Appendix A Section 1 seems to imply that you are looking for someone to assess the library and its overall practice, provide guidance to the program through a set of projects and reassess as deemed appropriate. Much of this falls into the category of security management. Who would the outsourcer be advising through this series of practice improvements?
Advising would be delivered to various stakeholders including, but not limited to, the project team, the Library's Strategic Planning Team, and/or the Library's Board of Trustees.

62. Is this feeding your own risk management practices? Do you follow a specific risk management framework and if so, which one?
Yes. More details about the Library's risk management will be shared once a partner is selected.

63. What is your expectation for the scanning activities? Can you give an estimate to the frequency and scope of the following types of scans:
External vulnerability scan - Annually
Internal network vulnerability scan - Quarterly
Network penetration testing - Annually
Web application assessment - Annually

64. What type of output are you expecting? Something on line? Automated and formatted data from the scan? Or are you looking for analysis from security consultants and a tailored/custom report for each?
Not all reports would need to be tailored / customized. As long as the output can be downloaded / exported we are open to various mediums.

65. Can you please elaborate on the technical specifications around the IaaS scenario that you are trying to describe (i.e. what type of network resources and operations would you foresee moving to an IaaS environment?).
The Library is currently investigating IaaS solutions. In the future, the Library may move its virtual server infrastructure to an IaaS provider.

66. Are you looking for a single provider to cover all aspects?
The Library is seeking proposals from firms which can provide security consulting / practice development and/or managed security services. Multiple awards could be provided if the Library feels this is the most advantageous approach.

67. What is the initial term for this contract if selected?
The contract term will be discussed once a partner is selected. Appendix B of the RFP states pricing for a 12 month period should be provided.

68. Are you expecting to award this contract in phases, for ex. the security consulting/development phase would be selected first and then based on how the findings from that project turn out then the managed services part of the project would be phase 2, etc., can you provide more guidance here?
The Library will move forward with an approach that is deemed most advantageous based on the responses received.

69. Are all Services Centralized for the 25 locations?
Yes.

70. Can you provide an overview of your current IT architecture - firewall, network devices, IPS/IDS, wireless, etc.? What requirement will the old architecture place on this bid and the associated services to be delivered?
Please see page 3 of the RFP. Additional details will be provided once a partner is selected.

71. What services are you referencing here? - This partner would provide implementation resources that would work closely with the Library infrastructure resources. Are the Services to be part of the contract?
The Library is stating that if there will be implementation work as part of the proposed solution, the Library would expect partner resources to work with Library resources to implement the solution. Services should be detailed in the proposal.

72. If there are 25 locations as stated on Page 3, lower on the Page it says there are 22 Branch locations. If the operations Center is the 23rd, what are the other two?
The other locations support administrative functions. The Library currently has 22 branch locations.

73. Is the Cisco Wireless Meraki?
No.

74. How old is the Cisco Network Infrastructure Equipment? If the plan was first put together in 2003, this would (most likely) infer that the infrastructure needs to be updated. Is the design and architecture to be handled outside the RFP Information Security Consulting?
The Cisco Infrastructure equipment is 4-6 years old. None of the Library's network infrastructure is EOL.

75. Do you currently have policies and procedures that the winning bid will maintain, update and create new policies?
Yes. The Library may seek input and guidance on policy, procedure, and practice creation and updates.

76. Do you currently have an incident management and response plan? Will the winning bidder be responsible for maintaining and updating, keeping current?
Yes. The Library may seek input and guidance on maintaining and updating its incident management and response plan.

77. Are you using any log management application currently?
Solarwinds Log and Event Manager.

78. What products are being used under Desktop and Server Protection?
Antivirus, malware protection, and Web filtering.

79. Page 5, the contractor shall complete a discovery phase to capture the current state of their infrastructure - is this billable?
Service rates and charges shall be all inclusive.

80. What does MBE/DBE/WBE stand for (page 5)? I assume Minority/Disabilities/Women?
Minority Business Enterprise, Disadvantaged Business Enterprise, Women Business Enterprise

81. On-going/regular vulnerability scanning, what is the goal for performing this service?
To mitigate risk and meet compliance standards.

82. Database security, what does that mean?
Ensuring security controls to protect databases are in place.

83. What is your current definition of penetration scanning, for ex. authenticated versus non-authenticated scanning?
The Library would be seeking recommendations from the selected partner as to which level of penetration scan should be performed.

84. Page 10, what is your definition of persistent default (can you provide some examples)?
Contractor repeatedly misses deadlines. Contractor fails repeatedly to meet requirements of the contract. Repeated breaches by contractor to agreed-to terms and conditions.

85. If selected, when do you want to start this effort?
ASAP once a partner is selected and a contract is in place.

86. There was no specific discussion on SLA's anywhere; do you have any specifics in mind here?
Please provide your capabilities in your response.

Goal of the Engagement:

87. Clarify: what do "Security Services" and "Highly Secure" mean to CML (Setting our Expectations)
Security Services are to include points 1-6 on page 4. Highly secure means working with a partner to help ensure CML is meeting compliance standards and cost effectively developing and delivering an Information Security program to meet the needs of the organization while mitigating risk.

88. We expect that there are publicly usable Internet workstations, but are there other services and applications in scope (i.e. Online catalog, e-library, fee collection that may fall under PCI-DSS requirements, etc.)
Yes.

89. Is there currently, an existing security program and staff or are security responsibilities loosely defined and security operations best effort?
The Library may seek input and guidance on policy, procedure, and practice creation to develop a more formalized security program. IT security is a duty that all technical staff are responsible for. We do not have an FTE 100% focused on Information Security.

90. Is there a manager, who has or will assume responsibility, for information security oversight?
Yes

91. Have there been any prior assessments within the past 3-5 years and will those reports be provided?
Yes. Those reports can be provided once a partner is selected.

92. Could we obtain a Network Diagram?
No. Please see page 3 of the RFP.

Security Consulting / Practice Development

93. Is there an existing security program and/or existing policies or procedures that provide some guidance?
Yes, there are. The Library may seek input and guidance on policy, procedure, and practice creation to develop a more formalized security program.

94. Is there a particular program/control framework they have familiarity with (ISO, NIST, etc)?
The Library is seeking recommendations as part of this engagement.

95. How many and what type of "publicly-facing" services are in scope?
Primarily web and authentication services.

96. Are there any system interconnections to other libraries or external entities/partners that would need to be considered?
Yes

97. Log Management under Security Monitoring is called out, but there is no reference to the Log Management system being used. Can we please be provided with additional information around the Log Management platform? (Model, Version, etc.)
The Library is using Solarwinds Log and Event Manager. The Library is seeking recommendations as part of this engagement.

98. In the section for Desktop and Server Protection, Data Base Security is referenced. Can we better understand the infrastructure housing the data base? Would this be already what the customer called out to us as a critical server?
The Library primarily uses Microsoft SQL Server and MySQL.

99. For Vulnerability Scanning can you verify the number of internal and external ip addresses would you like to have vulnerability scanning done for? (Most enterprises will have critical servers and network infrastructure devices included in this scanning)
External 40 Internal

For Vulnerability Scanning if we place one scanner will we be able to scan all internal address space in scope for this RFP?
Yes

101. For the internal scanner appliance, would you prefer a physical appliance or a virtual appliance? (The virtual appliance runs on VMWare, Oracle VirtualBox, Citrix XenServer, and Microsoft Hyper-V)
Physical appliance if not cost prohibitive.

102. For pen testing, we often utilize a sampling methodology to help an organization complete a cost effective penetration test of their environment. For example, if 100 web servers are all running Windows 2008R2 with IIS 7.0, the same vulnerabilities will likely be detected on all servers running the same software. By utilizing sampling, we can assess a smaller number of hosts and reduce the time and cost to the organization. With this knowledge, consider approximately how many live, "unique" hosts would be in scope for the penetration test to answer the next two questions.
Total number of unique internal servers / IP addresses in scope for penetration testing?
i. 150
Total number of unique externally reachable servers / IP addresses in scope for penetration testing?
i. 30
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationREQUEST FOR PROPOSAL (RFP) #021-14 HIPAA SECURITY ASSESSMENT VENDOR QUESTIONS & ANSWERS ~ MAY 29, 2014
REQUEST FOR PROPOSAL (RFP) #021-14 HIPAA SECURITY ASSESSMENT VENDOR QUESTIONS & ANSWERS ~ MAY 29, 2014 Q1) Page 2, Section A and Page 5, Section H --- Does the County desire only an assessment of compliance
More informationAddendum No. 2 RFP # 13-10340-3950 SAP ERP SYSTEM AND INFORMATION SECURITY PROGRAM ASSESSMENTS
Addendum 2 RFP # 13-10340-3950 SAP ERP SYSTEM AND INFORMATION SECURITY PROGRAM ASSESSMENTS Prospective Respondents: You are hereby notified of the following information in regard to the referenced RFP:
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.5)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.5) Directions and Instructions for completing this assessment The answers provided
More informationPCI COMPLIANCE REQUIREMENTS COMPLIANCE CALENDAR
PCI COMPLIANCE REQUIREMENTS COMPLIANCE CALENDAR AUTHOR: UDIT PATHAK SENIOR SECURITY ANALYST udit.pathak@niiconsulting.com Public Network Intelligence India 1 Contents 1. Background... 3 2. PCI Compliance
More informationLarry Wilson Version 1.0 November, 2013. University Cyber-security Program Critical Asset Mapping
Larry Wilson Version 1.0 November, 2013 University Cyber-security Program Critical Asset Mapping Part 3 - Cyber-Security Controls Mapping Cyber-security Controls mapped to Critical Asset Groups CSC Control
More informationSECURITY 2.0 LUNCHEON
PROTECTING YOUR ORGANIZATION SECURITY 2.0 LUNCHEON AGAINST CYBER THREATS Tommy Montgomery, Principal Consultant Viral Dhimar, Consultant Adam Ferguson, VP October 22, 2014 #SWCEvents Security 2.0: Next
More informationPCI-DSS Penetration Testing
PCI-DSS Penetration Testing Adam Goslin, Co-Founder High Bit Security May 10, 2011 About High Bit Security High Bit helps companies obtain or maintain their PCI compliance (Level 1 through Level 4 compliance)
More informationGetting Started with the iscan Online Data Breach Risk Intelligence Platform
Getting Started with the iscan Online Data Breach Risk Intelligence Platform 2 Table of Contents Overview... 3 Data Breach Risk Intelligence... 3 Data Breach Prevention Lifecycle Defined... 3 Choosing
More informationagenda 5 IBM ISS security consulting solutions 6 Reduzca costos y la complejidad de la seguridad en su negocio
Reduzca costos y la complejidad de la seguridad en su negocio Juan Carlos Carrillo Security Sales Leader Viernes, 11 de Septiembre de 2009 agenda 1 2 3 X-Force 2008 Trend & Risk Report Highlights IBM Security
More informationBUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports
BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports Building a Security Operation Center Agenda: Auditing Your Network Environment Selecting Effective Security
More informationFind the needle in the security haystack
Find the needle in the security haystack Gunnar Kristian Kopperud Principal Presales Consultant Security & Endpoint Management Technology Day Oslo 1 Find the needle in the security haystack Manually deep
More information8. Firewall Design & Implementation
DMZ Networks The most common firewall environment implementation is known as a DMZ, or DeMilitarized Zone network. A DMZ network is created out of a network connecting two firewalls; i.e., when two or
More informationHow To Protect A Virtual Desktop From Attack
Endpoint Security: Become Aware of Virtual Desktop Infrastructures! An Ogren Group Special Report May 2011 Executive Summary Virtual desktops infrastructures, VDI, present IT with the unique opportunity
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationEXTENDING THREAT PROTECTION AND CONTROL TO MOBILE WORKERS
EXTENDING THREAT PROTECTION AND WHITEPAPER CLOUD-BASED SECURITY SERVICES PROTECT USERS IN ANY LOCATION ACROSS ANY NETWORK It s a phenomenon and a fact: employees are always on today. They connect to the
More informationAssuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices
The Payment Card Industry (PCI) Data Security Standard (DSS) provides an actionable framework for developing a robust payment card data security process. The Payment Application Data Security Standard
More informationSygate Secure Enterprise and Alcatel
Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise eliminates the damage or loss of information, cost of recovery, and regulatory violation due to rogue corporate computers, applications, and
More informationClient Security Risk Assessment Questionnaire
Select the appropriate answer from the drop down in the column, and provide a brief description in the section. 1 Do you have a member of your organization with dedicated information security duties? 2
More informationPRESIDIO MANAGED SERVICES OVERVIEW
OVERVIEW VALUE AND COMMITMENT OUR COMMITMENT In our pursuit of excellence for Managed Services we dedicate our team to support the strategic business and IT drivers from our customers. Enabling you to
More informationResponse to Queries Received for RFP of Security Integrator - Tender No. 63
Sr.N RFP Clause Original Query Reply/Remark o. 1. Perform Incident Management with respect to the following: For Forensic Analysis of logs Please clarify the systems/devices Contain attacks through for
More informationSupplier Security Assessment Questionnaire
HALKYN CONSULTING LTD Supplier Security Assessment Questionnaire Security Self-Assessment and Reporting This questionnaire is provided to assist organisations in conducting supplier security assessments.
More informationCompany Profile. First Page. Previous Page. Next Page. Last Page. A Member of Harel Mallac Group
Company Profile A Member of Harel Mallac Group First Table of Contents Who are we? 3 Our Services 4-11 Key Differentiators 11 Contact Us 12 Who are we? Founded in the early 1970 s, Mauritius Computing
More informationSecurity Information and Event Management (SIEM) Hardware & Software RFP #15-109309
CITY OF FARMINGTON 800 Municipal Drive Farmington, NM 87401-2663 (505) 599-1373 Fax (505) 599-1377 http://www.fmtn.org REQUEST FOR PROPOSALS FOR Security Information and Event Management (SIEM) Hardware
More informationHOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments
HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments OVERVIEW This document explains the functionality of Security for Virtual and Cloud Environments (SVCE) - what
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More informationApache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide. Revised February 28, 2013 2:32 pm Pacific
Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide Revised February 28, 2013 2:32 pm Pacific Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide
More informationO N L I N E I N C I D E N T R E S P O N S E C O M M U N I T Y
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response workflow guide. This guide has been created especially for you for use in within your security
More informationCyber Security. John Leek Chief Strategist
Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity
More informationIBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer
IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.
More informationCONTENTS. PCI DSS Compliance Guide
CONTENTS PCI DSS COMPLIANCE FOR YOUR WEBSITE BUILD AND MAINTAIN A SECURE NETWORK AND SYSTEMS Requirement 1: Install and maintain a firewall configuration to protect cardholder data Requirement 2: Do not
More informationTECHNICAL NOTE 01/02 PROTECTING YOUR COMPUTER NETWORK
TECHNICAL NOTE 01/02 PROTECTING YOUR COMPUTER NETWORK 2002 This paper was previously published by the National Infrastructure Security Co-ordination Centre (NISCC) a predecessor organisation to the Centre
More informationDesigning & Implementing. Programs. MBA Bank Expo 2012 April 11, 2012
Designing & Implementing Enterprise Security Programs MBA Bank Expo 2012 April 11, 2012 Session Purpose G R O U P Premise: Security is institutionalized, but the enterprise is evolving. the enterprise
More informationGFI White Paper PCI-DSS compliance and GFI Software products
White Paper PCI-DSS compliance and Software products The Payment Card Industry Data Standard () compliance is a set of specific security standards developed by the payment brands* to help promote the adoption
More informationIs your business prepared for Cyber Risks in 2016
Is your business prepared for Cyber Risks in 2016 The 2016 GSS Find out Security with the Assessment Excellus BCBS customers hurt by security breach Hackers Access 80 Mn Medical Records At Anthem Hackers
More informationTowards End-to-End Security
Towards End-to-End Security Thomas M. Chen Dept. of Electrical Engineering Southern Methodist University PO Box 750338 Dallas, TX 75275-0338 USA Tel: 214-768-8541 Fax: 214-768-3573 Email: tchen@engr.smu.edu
More informationConfiguring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1)
Configuring Virtual Switches for Use with PVS February 7, 2014 (Revision 1) Table of Contents Introduction... 3 Basic PVS VM Configuration... 3 Platforms... 3 VMware ESXi 5.5... 3 Configure the ESX Management
More informationInformation Technology 2016-2021 Strategic Plan
Information Technology 2016-2021 Strategic Plan Draft Table of Contents Table of Contents... 3 Introduction... 4 Mission of IT... 4 Primary Service Delivery Objectives... 4 Availability of Systems...
More informationIs Your Network a Sitting Duck? 3 Secrets to Securing Your Information Systems. Presenter: Matt Harkrider. Founder, Alert Logic
Is Your Network a Sitting Duck? 3 Secrets to Securing Your Information Systems Presenter: Matt Harkrider Founder, Alert Logic Who We Are: Corporate Fact Sheet Founded: 2002 Sample Customers: HQ: Houston,
More informationQRadar SIEM 6.3 Datasheet
QRadar SIEM 6.3 Datasheet Overview Q1 Labs flagship solution QRadar SIEM is unrivaled in its ability to provide an organization centralized IT security command and control. The unique capabilities of QRadar
More informationVulnerability management lifecycle: defining vulnerability management
Framework for building a vulnerability management lifecycle program http://searchsecurity.techtarget.com/magazinecontent/framework-for-building-avulnerability-management-lifecycle-program August 2011 By
More informationVendor 1 QUESTION CCSF RESPONSE
Vendor 1 QUESTION 1 If we have already filled out the vendor profile application, business tax declaration and local business forms will we need to fill them out again? 2 Is CCSF open to rolling up all
More informationIntro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.
Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationDeploy Remote Desktop Gateway on the AWS Cloud
Deploy Remote Desktop Gateway on the AWS Cloud Mike Pfeiffer April 2014 Last updated: May 2015 (revisions) Table of Contents Abstract... 3 Before You Get Started... 3 Three Ways to Use this Guide... 4
More informationIT Security & Compliance. On Time. On Budget. On Demand.
IT Security & Compliance On Time. On Budget. On Demand. IT Security & Compliance Delivered as a Service For businesses today, managing IT security risk and meeting compliance requirements is paramount
More informationSIEM Implementation Approach Discussion. April 2012
SIEM Implementation Approach Discussion April 2012 Agenda What are we trying to solve? Summary Observations from the Security Assessments related to Logging & Monitoring Problem Statement Solution Conceptual
More informationARCHITECT S GUIDE: Comply to Connect Using TNC Technology
ARCHITECT S GUIDE: Comply to Connect Using TNC Technology August 2012 Trusted Computing Group 3855 SW 153rd Drive Beaverton, OR 97006 Tel (503) 619-0562 Fax (503) 644-6708 admin@trustedcomputinggroup.org
More informationCounselorMax and ORS Managed Hosting RFP 15-NW-0016
CounselorMax and ORS Managed Hosting RFP 15-NW-0016 Posting Date 4/22/2015 Proposal submission deadline 5/15/2015, 5:00 PM ET Purpose of the RFP NeighborWorks America has a requirement for managed hosting
More informationData Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement
Comprehensive Endpoint Enforcement Overview is a complete, end-to-end network access control solution that enables organizations to efficiently and securely control access to corporate networks through
More informationContinuous Network Monitoring for the New IT Landscape. March 16, 2015 (Revision 4)
Continuous Network Monitoring for the New IT Landscape March 16, 2015 (Revision 4) Table of Contents Introduction... 3 The New IT Landscape... 3 Gaps in the Modern IT Landscape... 5 Tenable s Five Critical
More informationOracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0
Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies
More informationPCI Solution for Retail: Addressing Compliance and Security Best Practices
PCI Solution for Retail: Addressing Compliance and Security Best Practices Executive Summary The Payment Card Industry (PCI) Data Security Standard has been revised to address an evolving risk environment
More informationCloud Security: Getting It Right
Cloud Security: Getting It Right Sponsored by Armor Independently conducted by Ponemon Institute LLC Publication Date: October 2015 Ponemon Institute Research Report Cloud Security: Getting It Right Ponemon
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationChapter 1 The Principles of Auditing 1
Chapter 1 The Principles of Auditing 1 Security Fundamentals: The Five Pillars Assessment Prevention Detection Reaction Recovery Building a Security Program Policy Procedures Standards Security Controls
More informationExtending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper
with Cloud-Based Security Services > White Paper It s a phenomenon and a fact: employees are always on today. They connect to the network whenever they want, from wherever they happen to be, with laptops,
More informationICT budget and staffing trends in the UK
ICT budget and staffing trends in the UK Enterprise ICT investment plans to 2013 January 2013 TABLE OF CONTENTS 1 Trends in ICT budgets... 1 1.1 Introduction... 1 1.2 Survey demographics... 1 1.3 IT budget
More informationSECURITY OVERVIEW FOR MY.ENDNOTE.COM. In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our
ENDNOTE ONLINE SECURITY OVERVIEW FOR MY.ENDNOTE.COM In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our servers from attacks and other attempts
More informationRequired Software Product List
Symantec ($3.2 million, 35% weight) AdVantage AdvisorMail AntiVirus (Endpoint Protection) AntiVirus Enterprise Edition App Center Application HA Arellia Application Control Solution Arellia Endpoint Security
More informationHow to Grow and Transform your Security Program into the Cloud
How to Grow and Transform your Security Program into the Cloud Wolfgang Kandek Qualys, Inc. Session ID: SPO-207 Session Classification: Intermediate Agenda Introduction Fundamentals of Vulnerability Management
More informationCybersecurity: An Innovative Approach to Advanced Persistent Threats
Cybersecurity: An Innovative Approach to Advanced Persistent Threats SESSION ID: AST1-R01 Brent Conran Chief Security Officer McAfee This is who I am 2 This is what I do 3 Student B The Hack Pack I used
More informationRequired Software Product List
Symantec ($3.2 million, 35% weight) AdVantage AdvisorMail AntiVirus (Endpoint Protection) AntiVirus Enterprise Edition App Center Application HA Asset Management Suite Backup Exec Certificate Intelligence
More informationForeScout CounterACT. Device Host and Detection Methods. Technology Brief
ForeScout CounterACT Device Host and Detection Methods Technology Brief Contents Introduction... 3 The ForeScout Approach... 3 Discovery Methodologies... 4 Passive Monitoring... 4 Passive Authentication...
More informationData Security and Healthcare
Data Security and Healthcare Complex data flows Millions of electronic medical records across many systems New and emerging business relationships Changing and maturing compliance frameworks Diverse population
More information