Business Case Components
|
|
- Shon Stevens
- 5 years ago
- Views:
Transcription
1 How to Build A SOC
2 Agenda Mission Business Case Components Regulatory requirements SOC Terminology Technology Components Events categories Staff Requirements Organiza>on s Considera>ons Training Requirements Staff Opera>ons Plans Overall SOC Infrastructure Design Facili>es & Building Requirements Processes and Procedures Diagram Social Media Profile
3 Mission All successful teams need a unifying sense of purpose to help mo>vate team members, priori>ze work, and respond effec>vely to the changing needs of the business. Time spent in this phase of planning will benefit the SOC long- term. Prior to building a SOC, organiza>ons must answer the following ques>ons: What needs will the SOC meet for the organiza>on? What are the specific tasks assigned to the SOC? (e.g., detec>ng asacks from the Internet, monitoring PCI compliance, detec>ng insider abuse on the financial systems, incident response and forensic analysis, vulnerability assessments, etc.) Who are the consumers of the informa>on collected and analyzed by the SOC? What requirements do they hope to impose on the SOC? Who is the ul>mate project sponsor for the SOC? Who will sell the SOC to the rest of the organiza>on? What requirements will he or she levy on the SOC? What types of security events will eventually be fed into the SOC for monitoring?
4 Business Case Components Facili>es: Furniture, computer equipment, special badging requirements, power, HVAC, telephony SOC Labor: Security analysts, shi[ leads, SOC managers Suppor>ng Labor: Network support, system support, database support, telephony support, security device management (if not performed by the SOC) Educa>on and Training: Classes, conferences, con>nuing educa>on Threat intelligence subscrip>ons: Up- to- the- minute informa>on on the latest threats Monitoring technology: Hardware, so[ware, storage, and implementa>on services Addi>onal technologies: Problem and change management, , knowledge sharing Recovering these costs is a much tougher problem to solve. The following list outlines some common approaches in jus>fying the expense of a SOC: Cost avoidance: Building the SOC will cost far less than not detec>ng, preven>ng, and responding to asacks. Cost efficiencies: Chances are that many of the SOC processes or technologies can help automate func>ons already taking place within the organiza>on. By accep>ng a new data feed and producing automated repor>ng, a SOC can o[en save the organiza>on money by reducing manual effort. Cost sharing: In many cases, other groups are currently tasked with the responsibili>es outlined for the future SOC. Are those groups willing to outsource these responsibili>es to the SOC? Having other organiza>ons help to foot the bill can minimize the overall impact to all. Revenue /Cost Recovery: Can SOC services be offered to customers either internal or external? There is more work in determining separa>on of informa>on among customers, pricing models, and other business aspects, but actual revenue (or cost recovery in the case of internal customers) is a powerful argument where SOC services can be leveraged to perform security services for other organiza>ons.
5 SOC Terminology Security defense center (SDC)" Security Intelligence Center (SIC)" Cyber Security Center (CSC)" Threat Defense Center (TDC)" Security Intelligence and Operations Center (SIOC) " Infrastructure Protection Centre (IPC)" Cyber Security Operations Centre (CSOC)
6 Regulatory requirements Establishing and opera>ng a SOC is expensive and difficult, IN SOME INSTANCES ITS COST EXCEEDS $4 USD. 1. Protec>ng sensi>ve data such online & e services, Ecommerce, Banking, Egovernment, Online transac>ons 2. Complying with industry rules such as PCI DSS 3. Complying with government rules, such as CESG GPG53
7 SOC Regulatory Requirements
8 Technology Components
9 Technology Components Security Events & Informa>on Management Network Discovery Vulnerability Assessment Governance, Risk & Compliance Website Assessments Monitoring Systems Applica>ons & Database Scanners Penetra>on Tes>ng Tools Intrusion Detec>on Tools Intrusion Preven>on Tools Log management Tools Network Behaviour Analysis tools DDOS & DOS Service Monitoring tools Wireless Intrusion Preven>on Systems NGFW Next Genera>on Firewall s Enterprise An>virus, An>spyware Malware Analysis Kit Unified threat Management Infrastructure Servers, Storage, Network, Cabling, End Users, Virtualisa>on, PC s & Monitors, Videowall PCOIP PC over IP connec>vity Mul>ple Networks Access & Security An> Phishing Service Converged Surveillance IP Network Cameras, Masts, VMS, Cabling, Infrastructure, Connec>vity Iden>ty & Access Management IAM & SSO, Physical Access Control Test Lab Data Centre Requirements Command & Control Centre design & requirements
10 SOC Events Categories CAT 0 Exercise/Network Defense Tes>ng CAT 1 Successful unauthorized Access CAT 2 Denial of service CAT 3 Successful installa>on or post- install beaconing of malicious code CAT 4 Improper Usage CAT 5 Scans/probes/ASempted Access CAT 6 Inves>ga>on
11 Staffing Requirements Opera;ons Shi[ Managers Team Leads Management Escala>ons Incident Handlers Execu>ve Support External En>>es such as Government, law enforcement Technical GIAC GCIA Engineers Researchers Cryptography CISSP SME s Forensics Network Engineers
12 Organiza>ons Considera>ons
13 Organiza>on's Considera>ons In some instances an org may need more than one SOC, or a NOC & SOC deployed. Deployments may be on a con>nent or global scale or within same campus depending on requirements. NOC will be responsible in such cases for monitoring overall network infrastructure while SOC is responsible for protec>ng networks.
14 Training Components Formal training should include the SANS (System Administra>on and Network Security) Intrusion Detec>on in Depth training module and the GCIA (GIAC Cer>fied Intrusion Analyst) cer>fica>on. This is the industry standard in training analysts in the fundamentals of TCP/IP, TCP/IP monitoring tools, and skills associated with advanced intrusion analysis. On- the- job training programs should provide an overview of important informa>on security concepts, training on specific intrusion detec>on tools in use, analy>cal processes and procedures, and effec>ve communica>on techniques. The SOC analyst will be required to effec>vely communicate and brief all levels of engineers and senior management during >mes of extreme stress, thus training in managing comba>ve communica>on is invaluable. This training should also include the hierarchy of communica>on methods. Learning when to page, call, e- mail or assign a >cket is a cri>cal skill. Addi>onally, it is important that any analyst learn to communicate in concise well- wrisen papers and e- mails. SOC managers should create a program that has aspiring analysts wri>ng analy>cal papers and then presen>ng their findings to their peers to hone wrisen and verbal communica>on skills.
15 Staff Opera>on Plans Staffing plans will evolve directly out of the needs of the mission. Is the SOC a virtual en>ty where events are collected, analyzed, alerted, and reported? Must the SOC have full- >me personnel to monitor consoles, analyze, alert, and report? Or, does the SOC need full staffing twenty- four hours a day, 7 days a week, all year round? These mission needs will dictate the staffing models that must be implemented.
16 Overall SOC Infrastructure Design
17 Process & Procedures Overflow
18 Ihab Ali Social Media Profile hap://blogs.forbes.com/people/ ihabali/
Strengthening Cybersecurity Workforce Development December 2017
Strengthening Cybersecurity Workforce Development December 2017 Agenda 1. Introduc3ons SANS GIAC Team 2. Goal: 2017 Execu3ve Order 3. SANS GIAC NICE Workforce Framework (NCWF) Mapping Overview 4. Workforce
More informationPutting the Pieces Together:
Putting the Pieces Together: Leveraging Current Audits to Solve the HITRUST Puzzle Presenter Gene Geiger, A-LIGN Partner - HITRUST Prac77oner CPA CISSP CCSK QSA PCIP ISO 27K LA performance resourceful
More informationNational Cyber Security Operations Center (N-CSOC) Stakeholders' Conference
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference Benefits to the Stakeholders A Collaborative and Win-Win Strategy Lal Dias Chief Executive Officer Sri Lanka CERT CC Cyber attacks
More informationVendor Management: SSAE 18. Presented by Joseph Kirkpatrick CISSP, CISA, CGEIT, CRISC, QSA Managing Partner
Vendor Management: SSAE 18 Presented by Joseph Kirkpatrick CISSP, CISA, CGEIT, CRISC, QSA Managing Partner Audio Handouts Questions Welcome Joseph Kirkpatrick is the Managing Partner at KirkpatrickPrice
More informationCyber Security Capabilities
Cyber Security Capabilities Informa:on Assurance ü Vulnerability Assessment ü Penetra8on Tes8ng ü Informa8on Security Assessment ü Applica8on Security Evalua8on ü Network Traffic Assessment ü Cri8cality
More informationभ रत य ररज़र व ब क. Setting up and Operationalising Cyber Security Operation Centre (C-SOC)
Annex-2 Setting up and Operationalising Cyber Security Operation Centre (C-SOC) Introduction 1 - Banking Industry in India has evolved technologically over the years and currently delivering innovative
More informationEC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led
EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led Certification: Certified Network Defender Exam: 312-38 Course Description This course is a vendor-neutral, hands-on,
More informationGDPR ESSENTIALS END-USER COMPLIANCE TRAINING. Copyright 2018 Logical Operations, Inc. All rights reserved.
GDPR ESSENTIALS END-USER COMPLIANCE TRAINING 1 POTENTIAL MAXIMUM GDPR PENALTY 2 WHAT IS DATA PRIVACY? MOST NOTABLE US/CA PRIVACY LAWS Federal Trade Commission Act, Sec4on 5 California Online Privacy Protec4on
More informationCompTIA Cybersecurity Analyst+
CompTIA Cybersecurity Analyst+ Course CT-04 Five days Instructor-Led, Hands-on Introduction This five-day, instructor-led course is intended for those wishing to qualify with CompTIA CSA+ Cybersecurity
More informationAssessing Medical Device. Cyber Risks in a Healthcare. Environment
Assessing Medical Device Medical Devices Security Cyber Risks in a Healthcare Phil Englert Director Technology Operations Environment Catholic Health Ini
More informationTop 10 Web Application Vulnerabilities
Top 10 Web Application Vulnerabilities Why you should care about them plus a live hacking demo!! Why should you care?! Insecure so*ware is undermining our financial, healthcare, defense, energy, and other
More informationIden%ty, Risk and Privacy in the broader enterprise
Iden%ty, Risk and Privacy in the broader enterprise Or Why the hell are you calling ME in Florida in the middle of the night because there is a tornado in Indiana?? Mark Bruhn Associate Vice President
More informationStructuring Security for Success
University of Nebraska - Lincoln DigitalCommons@University of Nebraska - Lincoln Innovation in Pedagogy and Technology Symposium Information Technology Services 2018 Structuring Security for Success Matt
More informationLarge-scale Testbed and Cyber Range Organiza6on and Design
CYBER RANGE ORGANIZATION AND DESIGN Large-scale Testbed and Cyber Range Organiza6on and Design Razvan Beuran, Ken-ichi Chinen Outline 1. Mo9va9on & overview 2. Making use of StarBED 3. Case studies 4.
More informationSECURITY OPERATION CENTER - Models, Strategies and development - By Ali Mohammadi Desember 12,13, 2017
SECURITY OPERATION CENTER - Models, Strategies and development - By Ali Mohammadi Desember 12,13, 2017 1 Outline Organizational Security Concept Security Operations Center (SOC) Concept SOC Models SOC
More informationCost and benefit of NREN Cyber Risk Compliance
Cost and benefit of NREN Cyber Risk Compliance NORDUnet 2016 Helsinki September 20-22 Urpo Kaila What are cyber risks? Outline What kind of addi3onal security controls are needed? What are
More informationIngram Micro Cyber Security Portfolio
Ingram Micro Cyber Security Portfolio Ingram Micro Inc. 1 Ingram Micro Cyber Security Portfolio Services Trainings Vendors Technical Assessment General Training Consultancy Service Certification Training
More informationCybersecurity Curricular Guidelines
Cybersecurity Curricular Guidelines Ma2 Bishop, University of California Davis, co-chair Diana Burley The George Washington University, co-chair Sco2 Buck, Intel Corp. Joseph J. Ekstrom, Brigham Young
More informationDEVELOP YOUR TAILORED CYBERSECURITY ROADMAP
ARINC cybersecurity solutions DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP Getting started is as simple as assessing your baseline THE RIGHT CYBERSECURITY SOLUTIONS FOR YOUR UNIQUE NEEDS Comprehensive threat
More informationHacking to Get Caught. (Updated) Thoughts About Adversary Replica?on and Penetra?on Tes?ng
Hacking to Get Caught (Updated) Thoughts About Adversary Replica?on and Penetra?on Tes?ng Overview Personal Introduc?on Hacking to Get Caught The Conversa?on Adversary Simula?on Challenges Personal Introduc?on
More informationComposite Compliance: Demonstra1ng Suitability of Cloud Layering for Sensi1ve and Regulated Workloads
Composite Compliance: Demonstra1ng Suitability of Cloud Layering for Sensi1ve and Regulated Workloads Heather Hinton, PhD hhinton@us.ibm.com IBM Dis1nguished Engineer Master Inventor, Member IBM AoT 7
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)
ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary
More informationStaffing Services UnderDefense your source of experienced professionals to solve security staffing challenges today
Security Staffing Services UnderDefense your source of experienced professionals to solve security staffing challenges today Staff Augmentation, Executive Staffing, Flex Staffing Achieving our main goal
More informationCAREER PATH FOR THE NEXT GENERATION RECORDS MANAGER
CAREER PATH FOR THE NEXT GENERATION RECORDS MANAGER San Jose State University October 1,2014 Presented by: Jim Merrifield, IGP, CIP, ERMs Jim Merrifield, IGP, CIP, ERMs Director of Informa.on Governance
More informationSponsored by Oracle. SANS Institute Product Review: Oracle Audit Vault. March A SANS Whitepaper. Written by: Tanya Baccam
Sponsored by Oracle SANS Institute Product Review: Oracle Audit Vault March 2012 A SANS Whitepaper Written by: Tanya Baccam Product Review: Oracle Audit Vault Page 2 Auditing Page 2 Reporting Page 4 Alerting
More informationHow Breaches Really Happen
How Breaches Really Happen www.10dsecurity.com About Dedicated Information Security Firm Clients Nationwide, primarily in financial industry Services Penetration Testing Social Engineering Vulnerability
More informationCertified Cyber Security Specialist
Certified Cyber Security Specialist Page 1 of 7 Why Attend This course will provide participants with in-depth knowledge and practical skills to plan, deliver and monitor IT/cyber security to internal
More informationPULLING OUR SOCS UP VODAFONE GROUP AT RSAC Emma Smith. Andy Talbot. Group Technology Security Director Vodafone Group Plc
#RSAC SESSION ID: AIR-R04 PULLING OUR SOCS UP VODAFONE GROUP AT RSAC 2018 Emma Smith Group Technology Security Director Vodafone Group Plc Andy Talbot Global Head of Cyber Defence Vodafone Group Plc Pulling
More informationThe Ins(tute of Financial Opera(ons Cer(fica(on Programs
The Ins(tute of Financial Opera(ons Cer$fied Accounts Payable Professional (CAPP) Cer$fied Accounts Payable Associate (CAPA) by Lorraine Creek, BS, CAPP, CTE / Chair, Cer$fica$on CommiBee CAPP and CAPA
More informationSpecial Publication
Special Publication 800-171 Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations Patricia Toth NIST MEP What is Information Security? Personnel Security Cybersecurity
More informationCourse overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)
Overview This course is intended for those wishing to qualify with CompTIA Security+. CompTIA's Security+ Certification is a foundation-level certificate designed for IT administrators with 2 years' experience
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationThe New Era of Cognitive Security
The New Era of Cognitive Security IBM WATSON SUMMIT KANOKSAK RATCHAPAT Senior Technical Sales 1 Today s security challenges ACTORS TARGETS VECTORS REALITY Organized Crime Healthcare Ransomware Cloud, mobile,
More informationRFP/RFI Questions for Managed Security Services. Sample MSSP RFP Template
RFP/RFI Questions for Managed Security Services Sample MSSP RFP Template Table of Contents Request for Proposal Template Overview 1 Introduction... 1 How to Use this Document... 1 Suggested RFP Outline
More informationMESC Conference Security and Privacy for Medicaid Information Systems. Scott Glover Deloitte & Touche, LLP
MESC Conference Security and Privacy for Medicaid Information Systems Scott Glover Deloitte & Touche, LLP Agenda Security and privacy requirements for Medicaid systems Implementing or applying a security
More informationOperations & Technology Seminar. Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ
Operations & Technology Seminar Tuesday, November 8, 2016 Crowne Plaza Monroe, Monroe Township, NJ Operations & Technology Roundtable Crowne Plaza Monroe, Monroe Township, NJ Tuesday, November 8, 2016
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationRadware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper
Radware Attack Mitigation Solution (AMS) Protect Online Businesses and Data Centers Against Emerging Application & Network Threats - Whitepaper Table of Contents Abstract...3 Understanding Online Business
More informationCertified Information Security Manager (CISM) Course Overview
Certified Information Security Manager (CISM) Course Overview This course teaches students about information security governance, information risk management, information security program development,
More informationThe GenCyber Program. By Chris Ralph
The GenCyber Program By Chris Ralph The Mission of GenCyber Provide a cybersecurity camp experience for students and teachers at the K-12 level. The primary goal of the program is to increase interest
More informationSymantec Data Loss Preven2on 12.5 Demo Presenta2on
Symantec Data Loss Preven2on 12.5 Demo Presenta2on 1 Our Understanding PROJECT DRIVERS & DATA TO PROTECT Regulatory compliance PCI, GLBA Data inventory and cleansing SSNs, CCNs [Replace these bullet points
More informationNETWORKING &SECURITY SOLUTIONSPORTFOLIO
NETWORKING &SECURITY SOLUTIONSPORTFOLIO NETWORKING &SECURITY SOLUTIONSPORTFOLIO Acomprehensivesolutionsportfoliotohelpyougetyourbusiness securelyconnected.clickononeofoursolutionstoknowmore NETWORKING
More informationto Enhance Your Cyber Security Needs
Our Service to Enhance Your Cyber Security Needs Since the business critical systems by its nature are ON all of the time and the increasingly connected world makes you open your organization to everything
More informationIntroduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview
IBM Watson on the IBM Cloud Security Overview Introduction IBM Watson on the IBM Cloud helps to transform businesses, enhancing competitive advantage and disrupting industries by unlocking the potential
More informationUnlocking the Power of the Cloud
TRANSFORM YOUR BUSINESS With Smarter IT Unlocking the Power of the Cloud Hybrid Networking Managed Security Cloud Communications Software-defined solutions that adapt to the shape of your business The
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationO N L I N E I N C I D E N T R E S P O N S E C O M M U N I T Y
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationClick to edit Master title style. DIY vs. Managed SIEM
DIY vs. Managed SIEM Meet Paul Paul Caiazzo Principal, Chief Security Architect CISSP, CISA, CEH M.S. Information Security and Assurance 15+ years of experience in Information Security Connect with me:
More informationVANGUARD POLICY MANAGERTM
VANGUARD TM VANGUARD dramatically reduces security risks and improves regulatory compliance, minimizing the need for expensive remediation, while increasing staff productivity. Policy Manager provides
More informationNebraska CERT Conference
Nebraska CERT Conference Security Methodology / Incident Response Patrick Hanrion Security Center of Excellence Sr. Security Consultant Agenda Security Methodology Security Enabled Business Framework methodology
More informationSANS and GIAC Certifications in alignment with the NICE Cyber Security Workforce Framework
SANS and s in alignment with the NICE Cyber Security Workforce Framework NIST Special Publication 800-181 Ensuring a trained and certified cyber security workforce Using the NICE Framework Newhouse, William,
More informationBUILDING AND MAINTAINING SOC
BUILDING AND MAINTAINING SOC Digit Oktavianto KOMINFO 7 December 2016 digit dot oktavianto at gmail dot com 1 Digit Oktavianto Profile in 1 Page Currently working as a Security Architect Professional Certifications:
More informationA Measurement Companion to the CIS Critical Security Controls (Version 6) October
A Measurement Companion to the CIS Critical Security Controls (Version 6) October 2015 1 A Measurement Companion to the CIS Critical Security Controls (Version 6) Introduction... 3 Description... 4 CIS
More informationTRUE SECURITY-AS-A-SERVICE
TRUE SECURITY-AS-A-SERVICE To effectively defend against today s cybercriminals, organizations must look at ways to expand their ability to secure and maintain compliance across their evolving IT infrastructure.
More informationPOLICY MANAGER VANGUARD POLICY MANAGER (AUDIT/COMPLIANCE)
POLICY MANAGER VANGUARD POLICY MANAGER (AUDIT/COMPLIANCE) VANGUARD POLICY MANAGER dramatically reduces security risks and improves regulatory compliance, minimizing the need for expensive remediation,
More informationCLOUD SERVICES. Cloud Value Assessment.
CLOUD SERVICES Cloud Value Assessment www.cloudcomrade.com Comrade a companion who shares one's ac8vi8es or is a fellow member of an organiza8on 2 Today s Agenda! Why Companies Should Consider Moving Business
More informationSANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Critical Security Control Solution Brief Version 6 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable,
More informationAre we breached? Deloitte's Cyber Threat Hunting
Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationPrepared for COMPANY X
Data Business Vision Prepared for Comple(on Rate This report was prepared by Info-Tech Research Group for on 2012-09-20. Previous completion date: 2012-09-20. --------------------------------------------------------------------------------------------------------------------
More informationCCNA Cybersecurity Operations. Program Overview
Table of Contents 1. Introduction 2. Target Audience 3. Prerequisites 4. Target Certification 5. Curriculum Description 6. Curriculum Objectives 7. Virtual Machine Requirements 8. Course Outline 9. System
More informationVANGUARD Policy Manager TM
Compliance Endures that RACF commands comply with company policy Remediation Provides proactive enforcement, corrects commands in accordance with corporate policies Auditing Provides and audit trail within
More informationCyber Security Stress Test SUMMARY REPORT
Cyber Security Stress Test SUMMARY REPORT predict prevent respond detect FINAL SCORE PREDICT: PREVENT: Final score: RESPOND: DETECT: BRILLIANT! You got a 100/100. That's as good as it gets. So take a second
More informationTotal Security Management PCI DSS Compliance Guide
Total Security Management PCI DSS Guide The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations to help protect the security of credit card holders. These regulations apply to
More informationCybersecurity: Incident Response Short
Cybersecurity: Incident Response Short August 2017 Center for Development of Security Excellence Contents Lesson 1: Incident Response 1-1 Introduction 1-1 Incident Definition 1-1 Incident Response Capability
More informationCyber Security in the time of Austerity. Shannon Simpson, CCO CNS Group
Cyber Security in the time of Austerity Shannon Simpson, CCO CNS Group The Austerity Agenda 1. Budgets are being cut. 2. Budgets are harder to compete for. 3. Cyber Security ROI is often hard to demonstrate
More informationCyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security
CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships About SANS The SANS (SysAdmin, Audit, Network, Security) Institute Established in 1989 Cooperative research
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More information85% 89% 10/5/2018. Do You Have A Firewall Around Your Cloud? Conquering The Big Threats & Challenges
Do You Have A Firewall Around Your Cloud? California Cybersecurity Education Summit 2018 Tyson Moler Oracle Security, North America Public Sector Conquering The Big Threats & Challenges Real Life Threats
More informationt a Foresight Consulting, GPO Box 116, Canberra ACT 2601, AUSTRALIA e foresightconsulting.com.
e info@ Mr. James Kavanagh Chief Security Advisor Microsoft Australia Level 4, 6 National Circuit, Barton, ACT 2600 19 August 2015 Microsoft CRM Online IRAP Assessment Letter of Compliance Dear Mr. Kavanagh,
More informationIntroduction to Securing Critical Infrastructure
Her kan tekst skrives Her kan tekst skrives Introduction to Securing Critical Infrastructure Her kan tekst skrives Keith Frederick CISSP, CAP, CRISC, Author securenok.com Topics A)acks on the Oil and Gas
More informationCyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)
Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,
More informationImproving the cyber security posture of New Zealand Barry Brailey NZITF Chair
New Zealand Internet Task Force Improving the cyber security posture of New Zealand Barry Brailey NZITF Chair Programme Introduc7on Background The Birth of a Trust Group Ongoing work Q&A Who Am I? Manager,
More informationDatabase Machine Administration v/s Database Administration: Similarities and Differences
Database Machine Administration v/s Database Administration: Similarities and Differences IOUG Exadata Virtual Conference Vivek Puri Manager Database Administration & Engineered Systems The Sherwin-Williams
More informationHow AlienVault ICS SIEM Supports Compliance with CFATS
How AlienVault ICS SIEM Supports Compliance with CFATS (Chemical Facility Anti-Terrorism Standards) The U.S. Department of Homeland Security has released an interim rule that imposes comprehensive federal
More informationCompTIA Security+ Study Guide (SY0-501)
CompTIA Security+ Study Guide (SY0-501) Syllabus Session 1 At the end of this session, students will understand what risk is and the basics of what it means to have security in an organization. This includes
More informationK12 Cybersecurity Roadmap
K12 Cybersecurity Roadmap Introduction Jason Brown, CISSP Chief Information Security Officer Merit Network, Inc jbrown@merit.edu @jasonbrown17 https://linkedin.com/in/jasonbrown17 2 Agenda 3 Why Use the
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationConsolidation Committee Final Report
Committee Details Date: November 14, 2015 Committee Name: 36.6 : Information Security Program Committee Co- Chairs: Ren Flot; Whitfield Samuel Functional Area: IT Functional Area Coordinator: Phil Ventimiglia
More informationHalkyn Consulting Ltd 15 Llys y Nant, Pentre Halkyn HOLYWELL, Flintshire, CH8 8LN
Halkyn Consulting Ltd 15 Llys y Nant, Pentre Halkyn HOLYWELL, Flintshire, CH8 8LN http://www.halkynconsulting.co.uk info@halkynconsulting.co.uk Password Security By T Wake CISSP CISM CEH 20/06/2011 Contents
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationCredit Card Data Compromise: Incident Response Plan
Credit Card Data Compromise: Incident Response Plan Purpose It is the objective of the university to maintain secure financial transactions. In order to comply with state law and contractual obligations,
More informationAutonomous Threat Hun?ng With Niddel And Splunk Enterprise Security: Mars Inc. Customer Case Study
Copyright 2016 Splunk Inc. Autonomous Threat Hun?ng With Niddel And Splunk Enterprise Security: Mars Inc. Customer Case Study Alex Pinto Chief Data Scien?st, Niddel Greg Poniatowski Security Service Area
More informationSage Data Security Services Directory
Sage Data Security Services Directory PROTECTING INFORMATION ASSETS ENSURING REGULATORY COMPLIANCE FIGHTING CYBERCRIME Discover the Sage Difference Protecting your business from cyber attacks is a full-time
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationSecuring the Grid and Your Critical Utility Functions. April 24, 2017
Securing the Grid and Your Critical Utility Functions April 24, 2017 1 Securing the Grid Effectively and Efficiently Recent threats to the Electric Grid and the importance of security Standards and Requirements
More informationSecurity Terminology Related to a SOC
Security Terminology Related to a SOC Cybersecurity literacy is crucial for practicing proper security hygiene. As business leaders develop fluency in the language of information security (infosec), they
More informationSolution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites
Solution Pack Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Subject Governing Agreement DXC Services Requirements Agreement between DXC and Customer including DXC
More informationState of Security Operations
State of Security Operations Roberto Sandoval / September 2014 Security Intelligence & Operations Consulting Founded: 2007 The best in the world at building state of the art security operations capabilities/cyber
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More informationLTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security
LTI Security Intelligent & integrated Approach to Cyber & Digital Security Overview As businesses are expanding globally into new territories, propelled and steered by digital disruption and technological
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationUnderstanding the Changing Cybersecurity Problem
Understanding the Changing Cybersecurity Problem Keith Price BBus, MSc, CGEIT, CISM, CISSP Founder & Principal Consultant 1 About About me - Specialise in information security strategy, architecture, and
More informationToo Little Too Late: Top Reasons Why You Got Hacked
TUESDAY MAY 23,2017 2:00-3:15 PM Too Little Too Late: Top Reasons Why You Got Hacked MODERATOR SPEAKERS John Gross Director of Financial Management, City of Long Beach, CA Chad Alvarado Supervisory Special
More informationIBM Security Services Overview
Services Overview Massimo Nardone Senior Lead IT Security Architect Global Technology Services, IBM Internet Security Systems massimo.nardone@fi.ibm.com THE VEHICLE THE SKILL THE SOLUTION Today s Business
More informationReading the Tea Leaves of the 2015 RSA Conference Submissions
Reading the Tea Leaves of the 2015 RSA Conference Submissions Hugh Thompson RSA Conference 2015 Program Committee Chairman Britta Glade RSA Conferences Senior Content Manager Agenda Quick submission &
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationDefense in Depth for Systems Administrators
Defense in Depth for Systems Administrators #whoami Jayme Hancock Currently: Penetra?on Tester with AppSec Consul?ng Previously: Systems Administrator for Small & Med Business Systems Administrator for
More information