Security Services A Solution for Providing BPM of Security Services within the Enterprise Environment.
First steps towards Next Generations Operations (OPS) to drive Gross Margin Dear security colleagues, It is a fact that our business environment is changing rapidly. Customers require shorter lead-times, product lifecycles are shortening while the number of variances and the demand for better quality are increasing. For us at Operations it is extremely important to respond to these developments. There are three areas upon which we have to most focus: A) Reduce response time: Seamless execution from security alert to remediation B) Prioritized remediation process: faster remediation process for business critical assets C) Increase efficiency: Drive operational excellence with all stakeholders We will have to change our methods of working to secure high delivery reliability through a more flexible and optimized threat analysis services. Next Generation IT Security Operations (OPS) will become a key change to support the company s efforts to improve its gross margin challenges. Traditionally, an OPS co-managed team must start with a detailed analysis and will look deeply into the following areas where we can to improve: o Increase cross functional collaboration within IT Security OPS o Strengthen end-to-end process integration by removing system interface barriers o Clear empowerment of key roles and responsibilities o Streamline existing technology implementation by automating stakeholder workflows o Improve overall business excellence through process integrity management Let us move up to the next level together. We already have expertise in the industry. It is our goal to work together to become even better. I fully believe that we have a great team in place which can help you to accomplish this. Best regards, Tim Larson CEO & President Version 1.5 2
Bottom-line Financial Risks Financial losses reported by the companies surveyed by Verizon and CSI/FBI Computer Crime and Security Survey continue to rise yearly. These losses were due to various cyber threats and incidents including computer virus attacks, external hacker attacks, and internal abuse among the most common threat sources. In addition, the US CERT (Computer Emergency Readiness Team) Coordination Center, which monitors and reports on cyber threats, intrusions, and vulnerabilities, consistently reports that the nature and sophistication of attack methods continues to increase. Given these facts, security service initiatives that are proactive, dedicated, integrated security solutions are necessary to provide a strong defensive layer within enterprise security architectures. Meeting the Demands of Business Today Over the past several years, security, network and audit teams have been focused on getting more and better data to support security and compliance initiatives. Logs have been collected, data has been generated, and audit frameworks and compliance controls have been put in place. Today, many of these same groups are finding that they are actually "drowning" in the data they once sought. Too much data without the proper analysis and correlation capabilities can be just as much of a problem as not enough! Combining log management and security best practices with vulnerability, configuration, asset, performance and network behavioral anomaly data enables IT professionals to solve security, risk and audit challenges. Regulatory Compliance Assistance Regulations like Sarbanes-Oxley, HIPAA, the Gramm-Leach-Bliley Act and the EU Data Protection Directive, as well as security certifications like BS 7799 and ISO 17799 have placed clear requirements for the protection of sensitive information with strong guidelines for auditing information flow capabilities. Operational & Financial Efficiencies HIS Corp. provides a variety of consultative and co-managed services to help your organization increase operational efficiencies, reduce implementation costs, and maximize the effectiveness of the overall information security and user integrity program. Version 1.5 3
Key Services performed in conjunction with your staff Project Management Needs Analysis Business Case Development Develop Project Plans Assist with Project Plan Deliverables Manage Global Solution Deployment Develop Support Documentation Security Data Management Review of Security Architect Analysis of Information Needs Develop Policies and Procedures Define Methods for Data Integration Deployment of Integrated Solution Define User Operational Processes Security Information/Event Management Security Event Analysis Process Centralized Policy Management SLA Metrics & Reporting Needs Case Management Processes Technology Integration Review of Security Architect Analysis of Information Flow Enhanced Auditing of Information Protection Levels Develop Transition Plan Develop Implementation Plan Risk Management Risk Management Framework - REMS Consulting Services Enterprises need experienced partners which can co-work with their business unit personnel to bring alignment between business strategies and technology solutions. The focus of this alignment is to build a business case for change that links business strategy, industry regulations, technology solutions and internal processes as critical factors driving organizational change. This practical, business focused approach enables organizations to achieve business objectives through a balance of business requirements, stakeholder expectations, employee commitment and industry regulations. HIS Corp. can help you achieve these business objectives by assessing your IT security environment against industry standards, and recommending best practice guidance to establish your required level of process maturity. We can specifically provide consulting services on security information and event management processes and procedures as well as develop and assist with technology integration project deliverables. Case Study article that was recently published: www.hostintegritysystems.com Project Management The key to success is the ability to manage projects efficiently and effectively. This takes strong skills and experience from people and teams that have succeeded in taking projects from inception to completion. Project management services from HIS Corp utilize proven experience and methodologies to deliver IT solutions that meet the business technology needs of our clients. The skills of our project leaders and team members are broad and deep, with expertise in virtually every aspect of networking, communications, technology and engineering solutions. Security Policy & Procedure Assessments and Consulting Whether a company has processes that need to be reviewed and updated, or developed from scratch, we can help. Our services include process assessment, development and dissemination as well as awareness training to ensure that your security systems are being fully leveraged in accordance with corporate guidelines and security best practices. We ensure that the business requirements of the organization are communicated as they relate to information assets, privacy and IT controls. Features: IT Security Standards, Policies & Procedures, Supportive documentation Operational Processes & Procedural Requirements for Automating Data Integration Version 1.5 4
Vulnerability, Intrusion, and Log Management Services PCI (Payment Card Industry) Standard and Sarbanes-Oxley requirements for public companies increasingly require corporations to run scans, detect intrusions and collect logs to and provide audit trails for all systems and applications impacted by these regulations. In-addition, provide continuous monitoring and reports on suspicious users and activity, and securely archive this data in a tamper-proof format. Often times, when implementing an enterprise security system technology is just the first step, and most organizations do not have process integration and management processes in place, or the staff resources trained to handle the ongoing services management. Compiling and analyzing security data from multiple applications is tedious and time-consuming. Many organizations faced with limited resources choose to let these logging devices run, and the monitoring or auditing of logs does not become a priority until there is an issue. HIS Corp. can assist your staff by providing the following process integration and automation project deliverables: 1. Centralization of enterprise network security logs in support of incident management & network performance troubleshooting. 2. Integration of numerous technology platforms into the centralized management system. 3. Develop IT Security standards to address the basic concerns of maximizing network uptime, IT risk management, event monitoring, operational efficiency and compliance with international regulations for handling sensitive information. 4. Establish policies and procedures for an effective and efficient audit trail of activities happening within IT infrastructure of networked systems. 5. Incorporate Legal requirements within the organization s ability to detection IT security breaches and to maintain the confidentiality, availability and integrity of business critical systems and data. Collaboration, Integration and Automation (CIA) The goal of the co-managed project is to deliver is a security solution that: 1. Integrates security data, asset data, and asset ownership data 2. Automates the workflow of information such that it is useful, timely and accurate 3. Enables collaboration between internal and external stakeholders 4. Reduce time and money spent on remediating security events thus freeing resources and budgets for other initiatives without reducing the level of security for the organization.. CERT Ticket Handling Process Version updated August 5,2008 Inform CERT MSSP Client CERT Team Service Providers Other source of information Inform CERT SEM Data SP handling Verification & Analysis Create REMs Ticket Update SP CERT duty-officer REMS TOOL MSSP / SOC Monitoring & Alerting Handling Remediation Valid incident, MP/SC Create a SP No Update REMS MSSP Portal Portal for SP s Inform CERT Possible Detected handling Counter measure Case assigned to CERT & MSSP Update REMs Update MSSP Ticket Create MSSP Ticket Approve to close SP Level 4-5 Event More SP remediation needed? No Std Conf mismatch, Update REMs MSSP handling Remediation verification Level 1-3 Event No Define new controls in MP / Std Config Implementation Review/update MP/Std Conf System Designer MSSP Portal Report Version 1.5 5
Formula for Success = 25% technology deployment + 50% process integration + 25% over come internal resistance to collaboration In today s business environment, managing business and operational risks by addressing security data log management is a core necessity and top priority for all organizations. Your customers demand proof of your capabilities, as concerns about privacy and information security continue to rise. Your business partners require secure interactions, particularly when providing mutual information access. National and International regulations demand that organizations demonstrate due care with respect to privacy and security of information. HIS Corp. is committed to working with your organization to analyze your current environment and design a solution to ensure process integrity. Please contact us to discuss the matter of security and integrity management. Keeping an eye on Integrity 4568 Pecan Valley Dr. Plano, TX 75093 In USA 214.952.4100 I Version 1.5 6