CYBERSECURITY

Global cybersecurity capabilities for a digital transformation with confidence

Delivering Transformation. Together.
Sopra Steria, a European leader in digital transformation, has one of the most extensive portfolios of offerings available on the market, spanning consulting, systems integration, sales of industry-specific solutions and business process services. Sopra Steria also provides end-to-end solutions to address the core business needs of large companies and organisations, helping them remain competitive and grow. Combining added value, innovative solutions and high-performance services, Sopra Steria excels in guiding its clients through their transformation projects, no matter how complex, and helping them make the most of digital technology.

+ 35 000 EMPLOYEES
+ 3.1 BILLION PRO FORMA REVENUES IN 2013
80 SITES IN EUROPE AND THROUGHOUT THE WORLD

Cybersecurity - Digital transformation with confidence
Digital transformation with confidence

Supported by ever more open and interconnected systems, the digital economy is a source of threats that are growing in number and sophistication. With more than 700 experts and advanced Cybersecurity Centres in Europe and around the globe, Sopra Steria is a global cybersecurity partner and a reference for cyber trust operators for the protection of major institutional and economic players and their business sectors. Sopra Steria accompanies these organisations in the protection of their information and enables them to seize new opportunities and to accelerate the development of their digital potential with complete confidence.

A comprehensive range of cybersecurity services

Sopra Steria covers the entire security life cycle, from the identification of risks to operational monitoring services.

PREVENTION
Strategy, Risk and Governance: Strategy / ISMS, Risk analysis, IS Security Policy, CISO consultancy, Business Continuity Management
Audits and Compliance: Regulatory compliance, IS compliance, Organisational audits, Penetration testing, Vulnerability management

PROTECTION
Digital Identities: CMS / IAM / PKI, Biometrics / eID, Electronic signature, Management of access and privileges
Data Protection: Classification, Encryption, DLP

DETECTION & REACTION
Cyber Monitoring: SIEM / SOC, APT Detection, NGIPS / HIPS Probes, Monitoring / CERT, Forensic, Crisis management
Prevention

The multiplication and the complexity of cyber threats invite governments and companies to rethink cybersecurity to ensure better prevention against attacks. New uses in the digital sphere, in the context of a strengthening regulatory framework, are leading organisations to transform their security and risk management strategy in order to ensure the compliance of operational realities with the market's various reference systems and standards.

Strategy, risk and governance

Our consultants assist you in defining and implementing processes and means of prevention for ambitious, efficient and tailored security policies through the following activities:
Risk analyses according to recognised methodologies (EBIOS, for example);
Strategy, governance and implementation of information security management systems (ISMS);
An IS Security Policy (ISSP) according to security standards (best practice, computer standard rules established by ANSSI (French National Agency for the Security of Information Systems), etc.);
A Business Continuity Plan (BCP) to ensure a fast return to normal operations in case of a major security incident;
CISO accompaniment.

Audits and compliance

The business and technical expertise of our consultants enables you to integrate and test the compliance of your systems with business reference systems (PCI DSS, Basel II, etc.) and with security systems (27001, ISSP, computer standard rules, Military Programming Act, etc.) and to take corrective measures. This continuous improvement process, supplemented by audits and vulnerability management, allows you to transform your IS in order to increase its level of security.

A proactive approach to risk management

Our security consulting expertise is built on strong experience gained in accompanying strategic assignments throughout Europe.
Sopra Steria accompanies the transformation of security systems of a national health agency in order to enable its digital development

Our consulting strength relies on a global network of 700 security experts recognised by benchmark certifications for these activities, such as Lead Auditor 27001, Risk Manager 27005, CISSP and CEH (Certified Ethical Hacker). Our consultants' task is to provide answers to enable the achievement of your objectives:
Alignment of your business risks with your security policies;
Organisational efficiency and governance;
Optimization of security processes and architectures.
Focus on Sopra Steria's IS compliance solution

Measuring the compliance level of the IS and managing change through security

IS compliance is an industrial programme that is part of a proactive approach to risk management, in addition to real-time detection and reaction to incidents.

The key success factors of our compliance programmes are:
Meeting the expected standards, whether they be regulatory, business or technical standards, or computer security standard rules and the ISSP
Reports adapted to each type of user: Senior Management, Functional Directors, IS Directors, CISO and its operational teams
A simple and pragmatic solution for complex organisations: multiple plates, multiple sites, decentralised IS change management that is based on a dual experience of cybersecurity operations and infrastructure management.

A pragmatic and tooled approach for tangible results in less than six months

A measure of equipment compliance based on undeniable facts (computer standard rules, ISSP, etc.)
A tool based on a BI-OLAP (Business Intelligence Online Analytical Processing) technology: a multi-dimensional cube developed by our experts, capable of handling Big Data
Billing by equipment type, regardless of the volume processed: workstations, servers, databases, network devices, etc.

The compliance programme enables:
a reduction in the number of vulnerabilities and exposure to attacks
productivity gains
an assessment of ROI and performance
transformation management

[Figure: Overview of the compliance programme. Labels: Governance, Pragmatic rules, Measurements, Compliance reports, Correction plan; SOC services, Governance, Compliance services, Transformation.]
Protection

Once you have identified the information most sensitive for your organisation, putting tailored means of protection in place will enable you to control access and to protect against data leakage, identified as the main security risk by 60% of security decision-makers.

Digital identities

Our experts implement security solutions including design, implementation and operation:
Identity and access management (IAM) that is deployed quickly and efficiently;
Public key infrastructure (PKI) and strong authentication by certificates;
Biometrics: SteriaAFiS (automatic fingerprint recognition) solutions; SteriaFiTPlus, biometric data capture system;
eID/card management system (CMS): identity federation solutions which enable identification, authentication, physical and logical access controls and electronic signatures and which facilitate access to online services;
Management of access and privileges: control of IS super administrators.

Data protection

In the digital economy, information is the most valuable asset of businesses and administrations - its protection is essential to ensure competitiveness. Sopra Steria provides its expertise for the classification of sensitive data and the implementation of DLP and encryption technologies. Our modular approach enables the control and confidentiality of your information from a prior perimeter of the IS to third-party environments.

Excellence in implementing trusted solutions

These protection capabilities are based on Sopra Steria's strong experience in system development, integration and maintenance, gained in complex projects, realised for the benefit of major institutional clients and businesses, in Europe and internationally.

Sopra Steria transforms, integrates and operates the PKI of the General Secretariat of the Council of the European Union to homogenise all the tools for sharing information internally and between the Member States of the European Union.
Based on proprietary software around biometrics or solid partnerships with top-ranked suppliers, our innovative solutions guarantee end-to-end securing of information, access to it and exchanges between third parties. These so-called «cyber trust» solutions enable organisations to create new products and services with a high level of trust, and to gain efficiency by using secure collaborative tools in order to develop their digital potential with confidence and to accelerate their competitiveness in their market.
The Pass IN solution, a turnkey service for managing professional digital identities

A global partnership between Sopra Steria and the Imprimerie Nationale (French National Printing Press) on the theme of cyber trust

This unique partnership between two major players heavily involved in cyber trust includes:
Joint development of the Card Management System (CMS) and the federation of identities
Joint selling of the solution to companies and communities
The Imprimerie Nationale has also entrusted its critical systems monitoring to Sopra Steria's Cybersecurity Centre

A comprehensive programme of digital identity management

Digital identity federation
Production of secure cards
Management of associated digital services (authentication, signature, encryption, etc.)
Administration of the life cycle of services (revocation, renewal, etc.)
Provision of complementary services: Single Sign-On (SSO), approval and validation processes, digitalisation of regulatory processes, digital archiving system and safe

The benefits of Pass IN are numerous, including economic, regulatory and security-related:
Optimisation of management costs;
Improvement of security by identification of employees through cards;
Federation of multiple access badges on a single medium (physical access, trusted services, etc.);
Propagation of strong authentication across the applications of the Information System;
Consumption of services in SaaS mode;
Compliance with standards of the General Security Reference System (RGS) regulated by the ANSSI (National Agency for Information System Security);
High level of security, redundancy, and availability.

"Sopra Steria brings us the trust capabilities required for our digital acceleration. Our Pass IN solution is spearheading our efforts."
DIDIER TRUTT, President and CEO of the Imprimerie Nationale Group
Detection and Response

With the evolution of threats and the proven character of cyber-attacks of different origins and increasing complexity targeting institutions or major economic players, Sopra Steria has developed an expertise and advanced industrial capabilities around the implementation of detection and response tools and services that are up to the task.

Cyber monitoring

The monitoring of information systems has become an essential element in the fight against fraud and cyber attacks. Sopra Steria accompanies you in the implementation of detection and response solutions:
Security Information and Event Management (SIEM) / Security Operations Centre (SOC): integration of SIEM tools and security event correlation and management service, incident response;
Detection of Advanced Persistent Threats (APT): advanced SOC services for the detection of sophisticated attacks like APTs;
Monitoring/CERT: custom security monitoring, approved CERT (Computer Emergency Response Team) since 2014;
Forensic: on-demand search for evidence, using specific analysis techniques in digital investigations;
Crisis management: managing cyber attack crises, mobilisation of a war room, coordination of experts, communication and reporting, preparation of the post-crisis transformation plan.

Sopra Steria develops and integrates a SIEM solution (GSEC security module) for the Ministry of Defence

Enhanced monitoring capabilities that meet your needs

Faced with the exponential acceleration of cyber crime, implementing capabilities for active monitoring and permanent information systems has become a requirement of senior management, and more particularly for Opérateurs d'Importance Vitale (Operators of Vital Importance, OIV) subject to national regulations on the detection of security incidents, in force since 1st January 2015. Protecting informational capital and critical Information Systems requires experience and a processing capability that goes beyond the solutions on the market.
Sopra Steria combines its expertise in the area of security monitoring with advanced innovation capabilities around the development of new means of detection and investigation in an R&D Lab. This way, Sopra Steria offers a response that meets current and future Information Systems monitoring challenges.

Sopra Steria monitors critical and vitally important Information Systems of an international urban transportation player
A comprehensive and innovative approach to IS monitoring

When confronted with attacks from networks, defence capabilities must be built into networks. Sopra Steria is part of a federative programme of the various stakeholders in the cybersecurity ecosystem (industry, SMEs, research laboratories, schools and universities...) around a trustworthy industry in order to offer protection and monitoring capabilities that are up to the challenges of the business sectors. With a strong presence in the aeronautics and space sector in the Midi-Pyrénées region, Sopra Steria coordinates the Albatros federative programme and the Box@PME project, for the protection of the sector and its SMEs.

FEDERATE THE STAKEHOLDERS OF THE CYBERSECURITY ECOSYSTEM
PROTECT BUSINESS SECTORS
INCREASE THE EFFICIENCY OF THE MEANS FOR CYBER MONITORING
Box@PME: a collaborative solution for the protection and detection of the SMEs of a business sector
IS behavioural analysis tools based on machine learning

RESEARCH AND DEVELOPMENT: IDENTIFY FUTURE DETECTION TECHNIQUES
Creation of a security laboratory in partnership with the CEA Tech, an innovation driver for cyber monitoring

SKILLS: DEVELOP SKILLS AND ATTRACT THE BEST TALENTS
Creation of a degree-awarding training programme in partnership with the University of Toulouse
Steria Hacking Challenge: the first interschool ethical hacking competition

Sopra Steria and its partners are strengthening the protection of the aeronautics and space sector with the Albatros cybersecurity federative programme approved by the Aerospace Valley competitive cluster.
RightSecurity: A tailored model of services

A right delivery model that is flexible and scalable, combining proximity and industrialisation

Adapted to your requirements and your maturity: Sopra Steria offers all of its consulting, integration and operational security services based on a modular approach, for à la carte services in line with your requirements.

Able to accompany your transformation: thanks to a bespoke model, Sopra Steria is able to accompany your security services transformation by adapting the delivery modes between proximity support - with expertise or service centre teams - and industrialisation with our Cybersecurity Centre and its dedicated or mutualised teams.

[Figure: Consulting, Integration, Managed Services]

Industrial Cybersecurity Centres integrated internationally

Sopra Steria has established several high level Cybersecurity Centres in Europe and around the world, capable of protecting the most complex and international organisations. They can also outsource all or part of their security functions in an industrial and integrated model. In France, the Cybersecurity Centre in Toulouse gathers more than 120 experts and brings together the most advanced technology to prevent, detect and respond to attacks in an optimal way.

A global approach based on a specific methodology of management by risk: IPPCoR Risk Identification, Prevention, Protections, Control and Reporting.

An «as a service» security services catalogue: all our services are provided in the form of a catalogue of work units enabling the measurement of value on the basis of tangible deliverables.

[Figure: Right Security. Close client support (expertise / project / dedicated service); Cybersecurity Centres (dedicated or mutualised teams).]
Sopra Steria's plus points

A global network of more than 700 experts dedicated to cybersecurity
More than 300 references in complex projects
A comprehensive range of services covering the security life cycle
Top-ranked Cybersecurity Centres in Europe and internationally
A unique service model on the market
Recognised expertise in digital ID management and cyber defence
Sopra Steria 9 bis, rue de Presbourg 75 116 Paris, France Tel. +33 (0)1 40 67 29 29 www.soprasteria.com