Reserve Bank of India Cyber Security Framework
|
|
- Katrina Green
- 5 years ago
- Views:
Transcription
1 Reserve Bank of India Cyber Security Framework HOW SMOKESCREEN HELPS YOU COMPLY
2 RBI Cyber Security Framework How Smokescreen Helps You Comply Table Of Contents Executive Summary 3 About the Framework 3 General Compliance 4 Annex 1 - Baseline Cyber Security and Resilience Requirements 5 Annex 2 - Operationalising Cyber Security Operation Centre (C-SOC) 7 Annex 3 - Template for Reporting Cyber Security Incidents 10 About Smokescreen
3 RBI Cyber Security Framework How Smokescreen Helps You Comply Executive Summary The RBI Cyber Security Framework specifically calls for implementing counter-response and honeypot technologies that Smokescreen offers through our pioneering IllusionBLACK decoy technology. The systems that need to be put in place as a part of the Cyber SoC requires the following aspects to be addressed Counter response & honeypots RBI Cyber Security Framework - Annex 2 This white-paper explains how IllusionBLACK also helps you comply with more than 20 other points in the RBI framework. About the Framework In the light of growing cyber risks against banks, the RBI s new cyber security framework seeks to improve resilience, define baseline security controls, and move banks to pro-active defence. It mandates that the cyber security policy must be distinct from the broader IT and IS policies currently in place. The framework specifically calls for banks to move their thinking to assume breach, act pro-actively, and focus on detection, response and containment rather than just preventive capabilities. It also details capabilities around information sharing, reporting requirements and cyber crisis management. The policy is divided into general guidance followed by 3 annex sections which contain the details of the prescribed controls. The following are the Annex sections: 1. Baseline cyber security resilience requirements Covering the minimum security controls that banks need to implement in their policy. 2. Setting up and operationalising Cyber Security Operation Centre (C-SOC) Describing the specific capabilities that are expected from the bank s security monitoring and response center. 3. Template for reporting cyber Incidents A format for structured documentation of incidents for reporting to the RBI. 3
4 General Compliance The first section of the framework covers general guidance on how banks should approach cyber security at a strategic level. Smokescreen helps comply with the following points: Framework Reference Introduction Point 6 Framework Requirement Continuous surveillance How Smokescreen Helps Smokescreen s IllusionBLACK works 24/7, monitors the network in every single subnet, and is the only solution that covers the entire kill-chain (life-cycle of an attack). Introduction Point 6 Regularly updated on the latest nature of emerging cyber threats Smokescreen s IllusionBLACK detects the intent and behaviour of an attacker, and is agnostic to attacker s methodology, so it stays effective against any new type of threat. Introduction Point 12 Cyber crisis management plan should address detection, response, recovery and containment Smokescreen s IllusionBLACK is specifically designed for rapid detection, response and containment of advanced threats. We focus on reliable attack detection and minimising response time. Our integrations allow containment actions to be automated to stop attacks as soon as they occur. Introduction Point 14 Sharing of information on cyber security incidents with RBI Smokescreen's IllusionBLACK allows both human readable and machine readable export of threat intelligence in industry standard sharing formats such as STIX and CSV. Our ThreatPARSE natural language reconstruction automatically translates raw intelligence data into simple English. 4
5 Annex 1 - Baseline Cyber Security and Resilience Requirements This section deals with the specific requirements to be put in place by banks to achieve minimal cyber security resilience. Framework Reference Network and Security Point 4.9 Framework Requirement Security Operation Centre to monitor the logs of various network activities and should have the capability to escalate any abnormal / undesirable activities. How Smokescreen Helps IllusionBLACK provides complete network monitoring down to the subnet level and has built in manual and automatic escalations. Decoy technology has the lowest false positives of any security solution, avoiding event overload, and making the SOC monitoring highly effective. User Access Control / Point 8.2 Carefully protect customer access credentials such as logon userid, authentication information and tokens, access profiles, etc. against leakage/ attacks Decoy technology can create fictitious customer access account details, credentials, login passwords and so on. These decoy credentials are distributed across the bank s IT environment and trigger when an attacker attempts to gain access to them. User Access Control / Point 8.5 Log and monitor privileged/ superuser/administrative access to critical systems (Servers/OS/DB, applications, network devices etc.). IllusionBLACK s credential theft decoys create fake administrative credentials that can be placed on servers and endpoints in such a way that attackers find them easily. These dummy credentials appear to offer privileged access, however, they raise an alarm when an attacker attempts to use them. User Access Control / Point 8.7 Monitor any abnormal change in pattern of logon. Same as for Point 8.5 above. 5
6 Advanced Realtime Threat Defence and Point 13.1 Build a robust defence against the installation, spread, and execution of malicious code at multiple points in the enterprise. IllusionBLACK deception defences can detect the spread and execution of of malicious code in every single subnet of the network. The solution can also analyse the actions that the malware takes, and monitor its attempts to communicate with command and control channels. Data Leak Prevention Strategy Point 15.1 and 15.2 Develop a comprehensive data loss/leakage prevention strategy to safeguard sensitive (including confidential) business and customer data/ information. This shall include protecting data processed in end point devices, data in transmission, as well as data stored in servers and other digital stores, whether online or offline. IllusionBLACK creates data decoys that are decoy documents that appear to contain confidential information. These documents can be placed on the systems of highvalue targets (such as senior management), on servers, or on critical systems such as in the treasury or IT operations. Any attempt to access these data decoys will trigger a silent alarm. Furthermore, the decoys can track an entire nexus as the data is passed from one person to another. Incident Response and Point 19.6 (c) Establish and implement systems to collect and share threat information from local/ national/international sources IllusionBLACK can export industry standard threat intelligence that can be consumed by other systems. Additionally, it can integrate with practically any other security device in order to automatically push or pull threat information in real-time. Lastly, Smokescreen customers benefit from the wisdom of the crowd, where attacks seen against one bank create intelligence to protect all the others. Forensics Point 22.1 Have support/ arrangement for network forensics/forensic investigation/ddos mitigation services on stand-by. Smokescreen offers on-call triage and forensics services both independently and along with IllusionBLACK. Customers of our managed services model benefit from immediate attack analysis, system triage, containment recommendations and full-blown forensics. Our forensics services are on-demand with a pay only for what you use, when you use it commercial model. 6
7 Annex 2 - Operationalising Cyber Security Operation Centre (C-SOC) The second annex covers the requirements for operations of a cyber security operations centre, including what must be monitored, and how incidents must be responded to. Framework Reference Introduction Point 3 Governance Aspects Point 1 Governance Aspects Point 2 Framework Requirement Constant and continuous monitoring of the environment using appropriate and cost effective technology tools Board briefing on threat intelligence Dashboards and oversight How Smokescreen Helps IllusionBLACK is one of the most cost-effective solutions for monitoring a large environment. On average, our decoy monitoring solutions are 2 to 3 times cheaper than traditional monitoring. Additionally, the system requires minimal maintenance, freeing up existing resources to work on other priority areas. Smokescreen's private threat intelligence decoys give information about threats that specifically target your bank, not just companies in general. This information about who is seeking you out is of tremendous value to the board and helps define security priorities. IllusionBLACK has a highly accoladed visual dashboard that makes complex attacks easy to understand for laypersons without any technical knowledge. Cyber SOC Points to be Considered Point 1 Cyber SOC Points to be Considered Point 4 (b) The approach and methodology required to be put in place has to necessarily take into account proactive approaches rather than reactive approaches and have to also address possible unknown attacks. Incident investigation, forensics and deep packet analysis need to be in place to achieve the above. Our dashboard is regularly presented to senior management, and features replay capabilities to visually help understand the chronology of an attack. Decoy technology falls under the category of Active Defence, which is the new pro-active approach to security. Instead of waiting for attacks to complete, active defence solutions try to bring the attack to light with extremely rapid detection and response. Decoy technology is also agnostic to the attack methodology, so it stays effective no matter what the bad guys try tomorrow. IllusionBLACK has full packet capture of all attacks seen by the decoys. It also maintains full forensic evidence, and creates IOCs (indicators of compromise) to help find more instances of compromise. 7
8 Cyber SOC Points to be Considered Point 4 (d) Analytics with good dash board, showing the geolocation of the IP s IllusionBLACK s intuitive dashboard, and natural language attack reconstruction make analysis extremely simple. The system also geolocates attackers in real-time automatically, saving analysis time. Cyber SOC Points to be Considered Point 4 (e) Counter response and Honeypot services IllusionBLACK is an enterprise honeypot system. We have the maximum deception techniques and most holistic kill chain coverage of any deception technology available. Expectations from SOC Point (b) Ability to provide real-time/ near-real time information on and insight into security posture IllusionBLACK detection and alerts are real-time. They are also so accurate (minimal false positives) that telephone alerts can be configured directly from the system. Expectations from SOC Point (d) Ability to assess threat intelligence and the proactively identify/visualize impact of threats on the bank IllusionBLACK offers unparalleled threat intelligence that is instantly visualised, automatically analysed, and can be integrated with other systems. Expectations from SOC Point (e) Ability to know who did what, when, how and preservation of evidence IllusionBLACK ThreatPARSE automatically reconstructs attacker activity, reducing mean time to know (MTTK) from days to minutes. All attack evidence is forensically preserved in standard formats for further analysis. 8
9 Expectations from SOC Point (f) Integration of various log types and logging options into SIEM, ticketing/workflow/case management. IllusionBLACK has multiple integrations to push and pull information to other systems. If an integration for a particular system does not exist, Smokescreen can build it for you. Key Responsibilities of SOC - Monitor, analyze and escalate security incidents - Develop Response - protect, detect, respond, recover IllusionBLACK and Smokescreen s managed services increase your capabilities to cover all the key responsibilities of the SOC. - Conduct Incident and Forensic Analysis External Integration Threat intelligence feeds from various sources may be provided by the product vendors. Security information feeds from other Banks in particular and the financial ecosystem in general will be quite useful. IllusionBLACK offers the benefit of threat information sharing. Our strong client base in banking and financial services in India means that we often know about targeted threat attempts before anyone else. The benefits of this threat intelligence is shared with all other Smokescreen customers. 9
10 Annex 3 - Template for Reporting Cyber Security Incidents This section of the framework proposes a detailed documentation structure to capture the particulars of an incident for reporting to the RBI. When it detects an incident, Smokescreen s IllusionBLACK can provide information to help complete the following fields from the template: Basic Information Date and time of incident detection Type of incident and systems affected Chronological order of events Root cause analysis Date of resolution CSIR Form Incident severity Type of threat / incident When was the incident first observed? How was the incident first observed? Who observed TCP / UDP ports involved in the incident Affected systems IP address / attacker s IP address Operating system What is the earliest known date of attack? What is the source / cause of this incident? Did the bank locate / identify IP addresses / domain names relating to the incident? 10
11 About Smokescreen At Smokescreen, we use our deep insight into how apex hackers operate to build deception based defences. Our IllusionBLACK is the industry s most advanced decoy technology bringing military deception principles to the digital battlefield. Smokescreen s solutions protect some of the most highly targeted organisations globally, including leading financial institutions, and Fortune 500 companies. info@smokescreen.io Phone: Web: Address Smokescreen Technologies Kaledonia D wing, 1st Floor Sahar Road, Andheri East Mumbai , India.
भ रत य ररज़र व ब क. Setting up and Operationalising Cyber Security Operation Centre (C-SOC)
Annex-2 Setting up and Operationalising Cyber Security Operation Centre (C-SOC) Introduction 1 - Banking Industry in India has evolved technologically over the years and currently delivering innovative
More informationNational Cyber Security Operations Center (N-CSOC) Stakeholders' Conference
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference Benefits to the Stakeholders A Collaborative and Win-Win Strategy Lal Dias Chief Executive Officer Sri Lanka CERT CC Cyber attacks
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More informationATTIVO NETWORKS THREATDEFEND INTEGRATION WITH MCAFEE SOLUTIONS
PARTNER BRIEF ATTIVO NETWORKS THREATDEFEND INTEGRATION WITH MCAFEE SOLUTIONS INTRODUCTION Attivo Networks has partnered with McAfee to detect real-time in-network threats and to automate incident response
More informationGujarat Forensic Sciences University
Gujarat Forensic Sciences University Knowledge Wisdom Fulfilment Cyber Security Consulting Services Secure Software Engineering Infrastructure Security Digital Forensics SDLC Assurance Review & Threat
More informationIntegrated, Intelligence driven Cyber Threat Hunting
Integrated, Intelligence driven Cyber Threat Hunting THREAT INVESTIGATION AND RESPONSE PLATFORM Zsolt Kocsis IBM Security Technical Executive, CEE zsolt.kocsis@hu.ibm.com 6th Nov 2018 Build an integrated
More informationNEXT GENERATION SECURITY OPERATIONS CENTER
DTS SOLUTION NEXT GENERATION SECURITY OPERATIONS CENTER SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 - SUCCESS FACTORS SOC 2.0 - FUNCTIONAL COMPONENTS DTS SOLUTION SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 Protecting
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationempow s Security Platform The SIEM that Gives SIEM a Good Name
empow s Security Platform The SIEM that Gives SIEM a Good Name Donnelley Financial Solutions empow s platform is unique in the security arena it makes all the tools in our arsenal work optimally and in
More informationSOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM
SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM OVERVIEW The Verizon 2016 Data Breach Investigations Report highlights that attackers are regularly outpacing the defenders.
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationRSA NetWitness Suite Respond in Minutes, Not Months
RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationAnalytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS
Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS Overview Cyberattacks are increasingly getting more frequent, more sophisticated and more widespread than ever
More informationesendpoint Next-gen endpoint threat detection and response
DATA SHEET esendpoint Next-gen endpoint threat detection and response esendpoint powered by Carbon Black eliminates endpoint blind-spots that traditional technologies miss. Operating on a philosophy that
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationIncident Response Services to Help You Prepare for and Quickly Respond to Security Incidents
Services to Help You Prepare for and Quickly Respond to Security Incidents The Challenge The threat landscape is always evolving and adversaries are getting harder to detect; and with that, cyber risk
More informationForeScout Extended Module for Splunk
Enterprise Strategy Group Getting to the bigger truth. ESG Lab Review ForeScout Extended Module for Splunk Date: May 2017 Author: Tony Palmer, Senior Lab Analyst Abstract This report provides a first look
More informationIntroducing Cyber Observer
"Organizations are failing at early breach detection, with more than 92% of breaches undetected by the breached organization. The situation can be improved with stronger threat intelligence, the addition
More informationUsing Threat Analytics to Protect Privileged Access and Prevent Breaches
Using Threat Analytics to Protect Privileged Access and Prevent Breaches Under Attack Protecting privileged access and preventing breaches remains an urgent concern for companies of all sizes. Attackers
More informationRSA INCIDENT RESPONSE SERVICES
RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access
More informationRBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH
RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH CONTEXT RBI has provided guidelines on Cyber Security Framework circular DBS. CO/CSITE/BC.11/33.01.001/2015-16
More informationSFC strengthens internet trading regulatory controls
SFC strengthens internet trading regulatory controls November 2017 Internet trading What needs to be done now? For many investors, online and mobile internet trading is now an everyday interaction with
More informationManaging Microsoft 365 Identity and Access
Course MS-500T01-A: Managing Microsoft 365 Identity and Access Page 1 of 3 Managing Microsoft 365 Identity and Access Course MS-500T01-A: 1 day; Instructor-Led Introduction Help protect against credential
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationCYBER RISK MANAGEMENT: ADDRESSING THE CHALLENGE SIMON CRUMPLIN, FOUNDER & CEO
CYBER RISK MANAGEMENT: ADDRESSING THE CHALLENGE SIMON CRUMPLIN, FOUNDER & CEO INFORMATION SECURITY PAINS CISO RESPONSIBILITY WITHOUT AUTHORITY INVENTORY TO MANAGE ALERTS WITHOUT MEANING ASSETS SPREAD ACROSS
More informationNew York Cybersecurity. New York Cybersecurity. Requirements for Financial Services Companies (23NYCRR 500) Solution Brief
Publication Date: March 10, 2017 Requirements for Financial Services Companies (23NYCRR 500) Solution Brief EventTracker 8815 Centre Park Drive, Columbia MD 21045 About EventTracker EventTracker s advanced
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationRSA INCIDENT RESPONSE SERVICES
RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access
More informationCYBER SECURITY TAILORED FOR BUSINESS SUCCESS
CYBER SECURITY TAILORED FOR BUSINESS SUCCESS KNOW THE ASIAN CYBER SECURITY LANDSCAPE As your organisation adopts digital transformation initiatives to accelerate your business ahead, understand the cyber
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationGuidelines. on the security measures for operational and security risks of payment services under Directive (EU) 2015/2366 (PSD2) EBA/GL/2017/17
GUIDELINES ON SECURITY MEASURES FOR OPERATIONAL AND SECURITY RISKS UNDER EBA/GL/2017/17 12/01/2018 Guidelines on the security measures for operational and security risks of payment services under Directive
More informationForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.
Real-time Visibility Network Access Control Endpoint Compliance Mobile Security ForeScout CounterACT Continuous Monitoring and Mitigation Rapid Threat Response Benefits Rethink IT Security Security Do
More informationSOLUTION BRIEF ASSESSING DECEPTION TECHNOLOGY FOR A PROACTIVE DEFENSE
SOLUTION BRIEF ASSESSING DECEPTION TECHNOLOGY FOR A PROACTIVE DEFENSE 1 EXECUTIVE SUMMARY Attackers have repeatedly demonstrated they can bypass an organization s conventional defenses. To remain effective,
More informationIT Security Training MS-500: Microsoft 365 Security Administration. Upcoming Dates. Course Description. Course Outline $2,
IT Security Training MS-500: Microsoft 365 Security Administration $2,595.00 4 Days Upcoming Dates Course Description Day 1: Managing Microsoft 365 Identity and Access (MS-500T01-A) Help protect against
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationFOR FINANCIAL SERVICES ORGANIZATIONS
RSA BUSINESS-DRIVEN SECURITYTM FOR FINANCIAL SERVICES ORGANIZATIONS MANAGING THE NEXUS OF RISK & SECURITY A CHANGING LANDSCAPE AND A NEW APPROACH Today s financial services technology landscape is increasingly
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationSecurity In A Box. Modular Security Services Offering - BFSI. A new concept to Security Services Delivery.
Modular Security Services Offering - BFSI Security In A Box A new concept to Security Services Delivery. 2017 Skillmine Technology Consulting Pvt. Ltd. The information in this document is the property
More informationCyber Resilience - Protecting your Business 1
Cyber Resilience - Protecting your Business 1 2 Cyber Resilience - Protecting your Business Cyber Resilience - Protecting your Business 1 2 Cyber Resilience - Protecting your Business Cyber Resilience
More informationSIEM Solutions from McAfee
SIEM Solutions from McAfee Monitor. Prioritize. Investigate. Respond. Today s security information and event management (SIEM) solutions need to be able to identify and defend against attacks within an
More informationDetect Fraud & Financial Crime
IBM i2 Intelligence Analysis Detect Fraud & Financial Crime Acquire Discover Action! Urs Christen Security Sales Government urs.christen@ch.ibm.com 1 IBM Security 2014 IBM Corporation Build an integrated
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More information4-6 Opportunities Significant value in using SPARKL for Security
Solution Brief A Security Incident Management Solution with the SPARKL Sequencing Engine SPARKL Limited 2016 Inside This Brief 2 About What is the SPARKL Sequencing Engine? 3 Executive Summary What to
More informationSecurity Operations & Analytics Services
Security Operations & Analytics Services www.ecominfotech.biz info@ecominfotech.biz Page 1 Key Challenges Average time to detect an attack (Dwell time) hovers around 175 to 210 days as reported by some
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More informationdeep (i) the most advanced solution for managed security services
deep (i) the most advanced solution for managed security services TM deep (i) suite provides unparalleled threat intelligence and incident response through cutting edge Managed Security Services Cybersecurity
More informationTHE TRIPWIRE NERC SOLUTION SUITE
CONFIDENCE: SECURED BUSINESS INTELLIGENCE SOLUTION BRIEF THE TRIPWIRE NERC SOLUTION SUITE A TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on
More informationPrescriptive Security Operations Centers. Leveraging big data capabilities to build next generation SOC
Prescriptive Security Operations Centers Leveraging big data capabilities to build next generation SOC Cyber Security Industry in constant renewal in 2016 and 2017 1 Tbps Mirai IoT Botnet broke the Internet
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationAcalvio Deception and the NIST Cybersecurity Framework 1.1
Acalvio Deception and the NIST Cybersecurity Framework 1.1 June 2018 The Framework enables organizations regardless of size, degree of cybersecurity risk, or cybersecurity sophistication to apply the principles
More informationTHE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION
BREACH & ATTACK SIMULATION THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION Cymulate s cyber simulation platform allows you to test your security assumptions, identify possible security gaps and receive
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationDelivering Integrated Cyber Defense for the Cloud Generation Darren Thomson
Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582
More informationEFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave
EFFECTIVELY TARGETING ADVANCED THREATS Terry Sangha Sales Engineer at Trustwave THE CHALLENGE PROTECTING YOUR ENVIRONMENT IS NOT GETTING EASIER ENDPOINT POINT OF SALE MOBILE VULNERABILITY MANAGEMENT CYBER
More informationWHITE PAPER. HELPING BANKS SECURE DATA DURING AND AFTER DIGITIZATION An Infosys solution
WHITE PAPER HELPING BANKS SECURE DATA DURING AND AFTER DIGITIZATION An Infosys solution Abstract The banking industry is adopting digital technologies to renew how they deliver services to customers and
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationIncentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO
White Paper Incentives for IoT Security May 2018 Author: Dr. Cédric LEVY-BENCHETON, CEO Table of Content Defining the IoT 5 Insecurity by design... 5 But why are IoT systems so vulnerable?... 5 Integrating
More informationForeScout ControlFabric TM Architecture
ForeScout ControlFabric TM Architecture IMPROVE MULTI-VENDOR SOLUTION EFFECTIVENESS, RESPONSE AND WORKFLOW AUTOMATION THROUGH COLLABORATION WITH INDUSTRY-LEADING TECHNOLOGY PARTNERS. The Challenge 50%
More informationCyber security tips and self-assessment for business
Cyber security tips and self-assessment for business Last year one in five New Zealand SMEs experienced a cyber-attack, so it s essential to be prepared. Our friends at Deloitte have put together this
More informationEnhance Your Cyber Risk Awareness and Readiness. Singtel Business
Singtel Business Product Factsheet Brochure Managed Cyber Security Defense Readiness Services Assessment Enhance Your Cyber Risk Awareness and Readiness Much focus is on knowing one s enemy in today s
More informationMEETING ISO STANDARDS
WHITE PAPER MEETING ISO 27002 STANDARDS September 2018 SECURITY GUIDELINE COMPLIANCE Organizations have seen a rapid increase in malicious insider threats, sensitive data exfiltration, and other advanced
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationOUTSMART ADVANCED CYBER ATTACKS WITH AN INTELLIGENCE-DRIVEN SECURITY OPERATIONS CENTER
OUTSMART ADVANCED CYBER ATTACKS WITH AN INTELLIGENCE-DRIVEN SECURITY OPERATIONS CENTER HOW TO ADDRESS GARTNER S FIVE CHARACTERISTICS OF AN INTELLIGENCE-DRIVEN SECURITY OPERATIONS CENTER 1 POWERING ACTIONABLE
More informationCyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response
Cyber Incident Response Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response 1 2 Today, no Canadian business is immune from a potential attack. It s no longer
More informationHISPOL The United States House of Representatives Internet/ Intranet Security Policy. CATEGORY: Telecommunications Security
HISPOL 003.0 The United States House of Representatives Internet/ Intranet Security Policy CATEGORY: Telecommunications Security ISSUE DATE: February 4, 1998 REVISION DATE: August 23, 2000 The United States
More informationThe McGill University Health Centre (MUHC)
The McGill University Health Centre (MUHC) Strengthening its security posture with in- depth global intelligence Overview The need MUHC security staff wanted to more quickly identify and assess potential
More informationTHE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM
THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM Modern threats demand analytics-driven security and continuous monitoring Legacy SIEMs are Stuck in the Past Finding a mechanism to collect, store
More informationAKAMAI CLOUD SECURITY SOLUTIONS
AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your
More informationCloudSOC and Security.cloud for Microsoft Office 365
Solution Brief CloudSOC and Email Security.cloud for Microsoft Office 365 DID YOU KNOW? Email is the #1 delivery mechanism for malware. 1 Over 40% of compliance related data in Office 365 is overexposed
More informationReducing the Cost of Incident Response
Reducing the Cost of Incident Response Introduction Cb Response is the most complete endpoint detection and response solution available to security teams who want a single platform for hunting threats,
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationWHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief
WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION A Novetta Cyber Analytics Brief Why SIEMs with advanced network-traffic analytics is a powerful combination. INTRODUCTION Novetta
More informationSecurity. Made Smarter.
Security. Made Smarter. Your job is to keep your organization safe from cyberattacks. To do so, your team has to review a monumental amount of data that is growing exponentially by the minute. Your team
More informationAre we breached? Deloitte's Cyber Threat Hunting
Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationSECURITY SERVICES SECURITY
SECURITY SERVICES SECURITY SOLUTION SUMMARY Computacenter helps organisations safeguard data, simplify compliance and enable users with holistic security solutions With users, data and devices dispersed
More informationAssessing Your Incident Response Capabilities Do You Have What it Takes?
Assessing Your Incident Response Capabilities Do You Have What it Takes? March 31, 2017 Presenters Tim L. Bryan, CPA/CFF/CITP, CISA, EnCE Director, Advisory Services Forensic Technology & Investigation
More informationDefining cybersecurity.
PREPARING FOR TOMORROW S THREATS 28 September 2016 Andrew Facchini Presales & Product Manager +47 459 07 330 andrew@mnemonic.no Defining cybersecurity. WHO IS MNEMONIC? Founded in 2000 110+ security specialists
More informationT-SURE VIGILANCE CYBER SECURITY OPERATIONS CENTRE
www.thalesgroup.com/uk SECURE COMMUNICATIONS AND INFORMATION SYSTEMS T-SURE VIGILANCE CYBER SECURITY OPERATIONS CENTRE An enterprise-level bespoke security service for the detection and response to cyber
More informationINCIDENT RESPONDER'S FIELD GUIDE INCIDENT RESPONDER'S INCIDENT RESPONSE PLAN FIELD GUIDE LESSONS FROM A FORTUNE 100 INCIDENT RESPONSE LEADER
INCIDENT RESPONDER'S FIELD GUIDE INCIDENT RESPONDER'S INCIDENT RESPONSE PLAN FIELD GUIDE LESSONS FROM A FORTUNE 100 INCIDENT RESPONSE LEADER 1 INCIDENT RESPONDER'S FIELD GUIDE TABLE OF CONTENTS 03 Introduction
More informationRUAG Cyber Security Understand Cyber. Protect Values.
RUAG Cyber Security Understand Cyber. Protect Values. Your Cyber Security maturity depends on your awareness and the appropriate behaviour of every single user. RUAG Cyber Security empowers and efficiently
More informationTraditional Security Solutions Have Reached Their Limit
Traditional Security Solutions Have Reached Their Limit CHALLENGE #1 They are reactive They force you to deal only with symptoms, rather than root causes. CHALLENGE #2 256 DAYS TO IDENTIFY A BREACH TRADITIONAL
More informationCyber Threat Landscape April 2013
www.pwc.co.uk Cyber Threat Landscape April 2013 Cyber Threats: Influences of the global business ecosystem Economic Industry/ Competitors Technology-led innovation has enabled business models to evolve
More informationSecuring Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)
Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF) A Guide to Leveraging Privileged Account Security to Assist with SWIFT CSCF Compliance Table of Contents Executive Summary...
More informationCybersecurity Today Avoid Becoming a News Headline
Cybersecurity Today 2017 Avoid Becoming a News Headline Topics Making News Notable Incidents Current State of Affairs Common Points of Failure Three Quick Wins How to Prepare for and Respond to Cybersecurity
More informationO N L I N E I N C I D E N T R E S P O N S E C O M M U N I T Y
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationHow Can Indian Banks Comply with RBI cybersecurity Guidelines
How Can Indian Banks Comply with RBI cybersecurity Guidelines Understanding the new RBI guidelines and how Cyberbit helps financial institutions achieve compliance White Paper www.cyberbit.com sales@cyberbit.com
More informationTechnology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017
Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 04/12/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationFinancial Conduct Authority. Financial Crime : A Guide for Firms
WHITEPAPER Financial Conduct Authority Financial Conduct Authority Financial Crime : A Guide for Firms Summary The Financial Conduct Authority regulates the financial services industry in the UK. Tackling
More informationAutomated Response in Cyber Security SOC with Actionable Threat Intelligence
Automated Response in Cyber Security SOC with Actionable Threat Intelligence while its biggest weakness is lack of visibility: SOCs still can t detect previously unknown threats, which is a consistent
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationTechnology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 05/24/2017
Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 05/24/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT
More informationIncident Response Agility: Leverage the Past and Present into the Future
SESSION ID: SPO1-W03 Incident Response Agility: Leverage the Past and Present into the Future Torry Campbell CTO, Endpoint and Management Technologies Intel Security The Reality we Face Reconnaissance
More informationCyber Resilience: Developing a Shared Culture. Sponsor Guide
Lead : Cyber Resilience: Developing a Shared Culture Guide ISfL Annual Cyber Security Conference This ISfL Conference has been made possible by the exhibitors who kindly sponsored the event. Please show
More informationSOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM
RSA NETWITNESS EVOLVED SIEM OVERVIEW A SIEM is technology originally intended for compliance and log management. Later, as SIEMs became the aggregation points for security alerts, they began to be more
More information