FFIEC Cyber Security Assessment Tool. Overview and Key Considerations
|
|
- Sarah Griffin
- 6 years ago
- Views:
Transcription
1 FFIEC Cyber Security Assessment Tool Overview and Key Considerations
2 Overview of FFIEC Cybersecurity Assessment Tool
3 Agenda Overview of assessment tool Review inherent risk profile categories Review domain 1-5 for cyber security maturity Summary of risk/maturity relationships Overview of use case performed Final thoughts Q&A
4 Benefits to Institutions Identifying factors contributing to and determining the institution s overall cyber risk Assessing the institution's cybersecurity preparedness. Evaluating whether the institutions cybersecurity preparedness is aligned with its risks Determining risk management practices and controls that could be taken to achieve the institutions desired state of cyber preparedness Informing risk management strategies.
5 Not just for Finance! Don t tune out if your not in the financial services sector!! Throughout the presentation you can see that risk assessment and preparedness is a major theme in any industry. Feel free to ask particular questions about your company and industry.
6 Inherent Risk Profile
7 Inherent Risk Profile Categories Technologies and Connection Types Delivery Channels Online/Mobile Products and Technology Services Organizational Characteristics External Threats
8 Inherent Risk Profile Risk Levels
9 Inherent Risk Profile Excerpt
10 Inherent Risk Profile Technologies and Connection Types Internet service providers Third party connections Internal vs outsourced hosted systems Wireless access points Network devices EOL Systems Cloud services Personal Devices
11 Inherent Risk Profile Online and mobile products and services delivery channels Delivery Channels ATM operations
12 Inherent Risk Profile Online/Mobile Products and Technology Services Credit and debit cards P2P payments ACH Wire transfers Wholesale payments Remote deposit Treasury and trust Global remittances Correspondent banking Merchant acquiring activities
13 Inherent Risk Profile Organizational Characteristics Mergers and acquisitions Direct employees and contractors IT environment Business presence and locations of operations and data centers
14 Inherent Risk Profile
15 Inherent risk Reponses Best Practice Automate Answers using existing solutions to: Track in real time areas such as: Asset inventory Third party connections Transaction data
16 Cybersecurity Maturity Assessment
17 Cybersecurity Maturity Overview
18 Cybersecurity Maturity Domain Coverage
19 Domain 1 Cyber Risk Management & Oversight Governance Risk Management Resources Training and Culture
20 Domain 2 Threat Intelligence and Collaboration Threat Intelligence Monitoring and Analyzing Information Sharing
21 Domain 3 Cyber Security Controls Preventative Infrastructure management Access and asset management Device/endpoint security Secure coding practices Detective Threat and vulnerability detection Anomalous behavior activity detection Event detection Corrective Patch management Remediation
22 Domain 4 External Dependency Management Connections Identifications Monitoring Management of external connections and data flows to third parties Relationship Management Due diligence Contracts Ongoing monitoring
23 Domain 5 Cyber Incident Management and Response Incident Resilience Planning & Strategy Detection, Response, & Mitigation Escalation & Reporting
24 Risk Maturity Relationship
25 Risk Maturity Matrix
26 National Bank Case Study
27 ABC National Bank Business Profile Background employees banking locations HQ in Central US Est Banking Operations Branch Banking Commercial Banking Consumer Lending Investment Advisors Current State EOL systems still in use, no upgrade plan Mobile banking applications and some BYOD Previous security incidents external phishing attempts and ATM s being infected with malware IT Security Director has left the Bank
28 Inherent Risk Score Inherent Risk Score legend <= Category Data Weights Points Least Minimal Moderate Significant Most Technologies and connection Types Delivery Channels Organizational Characteristics Online/Mobile Products and Technological Services External Threats Totals % 28.21% 51.28% 10.26% 0.00%
29 Cybersecurity Maturity Assessment
30 FFIEC Recap of Steps Taken for Use Case Inherent Risk Profile Low Inherent Risk Minimal Inherent Risk Moderate Inherent Risk Significant Inherent Risk Most Inherent Risk Cybersecurity Maturity Domain 1: Cyber Risk Management & Oversight Domain 2: Threat Intelligence & Collaboration Domain 3: Cybersecurity Controls Domain 4: External Dependency Management Domain 5: Cyber Incident Management and Resilience
31 Maturity Achieved Against Defined Targets ABC Bank 81.06% Domain Desired Target %Achieved Maturity Achieved Statements Least Minimal Moderate Significant Most Cyber Risk Intermediate 64.89% Innovative % 6.67% Management Advanced % 15.63% 15.63% and Oversight Intermediate % 24.14% 24.14% Evolving % 67.65% 67.65% Threat Intelligence and Collaboration Cyber Security Controls Baseline % % Intermediate 88.46% Innovative % 0.00% Advanced % 18.18% 18.18% Intermediate % 72.73% 72.73% Evolving % % % Baseline % % Intermediate 80.62% Innovative % 10.00% Advanced % 20.00% 20.00% Intermediate % 58.97% 58.97% Evolving % 76.92% 76.92% Baseline % % External Intermediate 86.84% Innovative % 0.00% Dependency Advanced % 42.86% 42.86% Management Intermediate % 66.67% 66.67% Evolving % 84.62% 84.62% Baseline % % Cyber Incident Intermediate 84.48% Innovative % 10.00%
32 Domain Level Controls Domain 1 - Governance, Risk, and Audit Solution capability desired - Visibility and Intelligence Domain 2 - Threat Intelligence and Sharing Solution capability desired - Intelligence and Integration Domain 3 - Preventive, Detective, and Corrective controls Solution capability desired - Detection, Prevention, and Response No Endpoint visibility Limited Intelligence on oversight and audit functions Polling and scanning, basic manual risks assigned Limited Intelligence without any Integration Alerts and logs are consolidated in a SIEM for integration, manually shared Threat Intelligence Detection: AV signatures Only detects known malware, extensive logs analysis Prevention: Relying on AV only stops known malware Response: Reimage machines, No root cause analysis Control Maturity Level Baseline Inherent Risk Profile Level Low Negative Security Approach Evolving Minimal Detection: Software and IP reputation data Prevention: Remove admin rights, Basic whitelisting Response: Manual root-cause and scope analysis, Post-mortem forensics Domain 4 - Third Party Management Solution capability desired - Visibility and Detection Domain 5 - Incident Response Solution capability desired - Detection and Response No visibility into third party security or threats No detection of security incidents spawned from third party's Detection: AV signatures Only detects known malware, extensive logs analysis Response: Reimage machines, No root cause analysis Limited visibility into criticality of third party s Still no detection of interactions or unauthorized attempts to obtain/change sensitive information Detection: Software and IP reputation data Response: Manual root-cause and scope analysis, Post-mortem forensics
33 Control Maturity Level Intermediate Advanced Innovative Inherent Risk Level Moderate Significant Most Risks exceed appetite they are escalated to management Policies include threat intelligence Baselines cannot be altered w/o formal change request Formal IT change management process Risk management includes financial strategic, regulatory, and compliance implications Benchmarks and target performance metrics are established Audits are used to identify gaps Industry standards are used for the analysis of gaps Automated tools enable tracking, updating, asset prioritizing, and custom reporting of the asset inventory Automated processes are in place to detect and block unauthorized changes to software and hardware Risk assessments of changes in change management system Risk data aggregation and real time reporting capabilities support ongoing reporting Periodic audit process improvements based on threat landscape Continuous monitoring of security controls KPI's determine training awareness influence Formal change management function governs decentralized or highly distributed change requests and measures security risks Automated enterprise tools are implemented to detect and block unauthorized changes to software and hardware Formal threat Intelligence program is implemented and has external and internal source A read only central repository of cyber threat intelligence is maintained Profile of threats is created Threat Intelligence is automatically received from multiple sources in real time Threat Intelligence is used to update architecture and configuration standards IT systems automatically detect configuration weaknesses based on Threat Intellgince and alert management Real time threat sharing Threat analysis systems correlates threat data to risks while taking automated actions and alerting management Invests in threat intelligence and collaboration mechanisms Combines all threat intelligence from mechanisms Security controls for remote access Unauthorized code prevention tools s and attachments are automatically scanned to detect malware and blocked when it is present Tools for unauthorized data mining Tools to monitor security logs Audit logs are backed up to a centralized log server that is difficult to alter Event detection processes are tested as reliable Controls verified to detect and prevent intrusions from third party connections Monitoring covers all external and internal connections Anti-spoofing measures for forged IP addresses Automated tools proactively identifies high-risk behavior signaling on an employee who poses insider threat Automated tools detect unauthorized changes to critical system files, firewalls, IPS, IDS, or other security devices Real-time network monitoring and detection is implemented and incorporates Positive Security Approach sector wide event information Real time alerts are automatically sent when unauthorized software, hardware, or changes occur Tools are in place to actively correlate event information from multiple sources and send alerts based on established parameters Patch monitoring software is installed on all servers Maintain and improve security of external connections Automated real time risk scores of infrastructure Centralized end-point management tool Real time risk scoring of threats Detection of insider threats and block activity in real time Remediation of systems damaged by zero-days Detailed Diagram of data flow analysis IR team notified when anomalous behavior and attack patterns or signatures are detected Detect infiltrations before attacker traverses across systems, Incidents detected in real time through automated processes and correlated events across the enterprise Networks and system alerts are correlated across business units to detect and prevent multifaceted attacks Early analysis of security events to minimize impact Institution corrects root cause for problems discovered during testing Sophisticated and adaptive technologies are deployed that can detect an alert the incident response team of Specific tasks when threat indicators across the enterprise indicate potential external and internal threats Automated tools are implemented to provide specialized security monitoring based on the risk of the assets to detect and alert IR teams in real time, IR team collaborates with threat intelligence team during and incident, Detailed metrics, dashboards and/or scorecards outlining cyber events are provided to management. IR plan ensures recovery from disruption, assurance of data integrity, and recovery of lost or corrupted data following an incident IR process includes detailed actions and rule based triggers for automated response Validated the ability to remediate systems damaged by zero day attacks to maintain RTO Detect and block zero day attacks and alert management and IR teams in real time Risk management of significant cyber incidents results in limited to no down time for critical services Mechanism in place to alert in real time incidents through multiple channels while tracking and verifying communication for audit
34 Maturity Achieved Against Intermediate Targets with Proactive Security W/b9 intermediate 92.98% Domain Desired Target %Achieved Maturity Achieved Statements Least Minimal Moderate Significant Most Cyber Risk Intermediate 73.40% Innovative % 46.67% Management Advanced % 34.38% 34.38% and Intermediate % 31.03% 31.03% Oversight Evolving % 85.29% 85.29% Threat Intelligence and Collaboration Cyber Security Controls External Dependency Management Cyber Incident Management and Resilience Baseline % 100% Intermediate % Innovative % 50.00% Advanced % 45.45% 45.45% Intermediate % 100% 100% Evolving % 100% 100% Baseline % 100% Intermediate 91.47% Innovative % 40.00% Advanced % 64.00% 64.00% Intermediate % 82.05% 82.05% Evolving % 89.74% 89.74% Baseline % 100% Intermediate % Innovative % 0.00% Advanced % 42.86% 42.86% Intermediate % 100% 100% Evolving % 100% 100% Baseline % 100% Intermediate % Innovative % 60.00% Advanced % 53.33% 53.33% Intermediate % 100% 100% Evolving % 100% 100% Baseline % 100%
35 Domain Cyber Risk Management and Oversight Threat Intelligence and Collaboration Cyber Security Controls External Dependency Management Cyber Incident Managament and Resillence Maturity Achieved Against Defined Targets Status Quo 61.05% Achiev Stateme Moderat Significa Desired Target %Achecived Maturity ed nts Least Minimal e nt Most Innovative 47.52% Innovative % 6.67% Advanced % 15.63% 15.63% Intermediate % 24.14% 24.14% Evolving % 67.65% 67.65% Baseline % % Innovative 55.56% Innovative % 0.00% Advanced % 18.18% 18.18% Intermediate % 72.73% 72.73% Evolving % % % Baseline % % Innovative 63.79% Innovative % 10.00% Advanced % 20.00% 20.00% Intermediate % 58.97% 58.97% Evolving % 76.92% 76.92% Baseline % % Innovative 74.51% Innovative % 0.00% Advanced % 42.86% 42.86% Intermediate % 66.67% 66.67% Evolving % % % Baseline % % Innovative 63.86% Innovative % 10.00% Advanced % 20.00% 20.00% Intermediate % 71.43% 71.43% Evolving % 85.00% 85.00% Baseline % %
36 Maturity Achieved Against Innovative Targets with Proactive Security W/b9 innovative 77.65% Domain Desired Target %Achieved Maturity Achieved Statements Least Minimal Moderate Significant Most Cyber Risk Innovative 61.70% Innovative % 46.67% Management Advanced % 34.38% 34.38% and Oversight Intermediate % 31.03% 31.03% Evolving % 85.29% 85.29% Baseline % 100% Threat Intelligence and Collaboration Cyber Security Controls External Dependency Management Cyber Incident Management and Resilience Innovative Innovative % 50.00% Advanced % 45.45% 45.45% Intermediate % 100% 100% Evolving % 100% 100% Baseline % 100% Innovative 81.61% Innovative % 40.00% Advanced % 64.00% 64.00% Intermediate % 82.05% 82.05% Evolving % 89.74% 89.74% Baseline % 100% Innovative 80.39% Innovative % 0.00% Advanced % 42.86% 42.86% Intermediate % 100% 100% Evolving % 100% 100% Baseline % 100% Innovative 86.75% Innovative % 60.00% Advanced % 53.33% 53.33% Intermediate % 100% 100% Evolving % 100% 100% Baseline % 100%
37 Key Considerations While Using the CAT Being Innovative in Cybersecurity Maturity Real time detection and response Always be updating for changes Automatic metrics and reporting Threat analytics that matter Baseline risk measurement
38 How to use the CAT
39 Future of FFIEC Present Examiners have begun using the handbook Criticism from FI s of making a voluntary tool seem mandated. They do not track the NIST Cybersecurity Framework Declarative statements that are subjective in nature. Future FFIEC took in feedback as a response to the accusations this January. The tool will be updated on a periodic basis. Publications from the FFIEC and OCC released stating the CAT could become mandatory if examiners do not see risk mitigations improvements from banks.
40 Not just for Finance! Industry s can use the tool to fit their inherent risk profile by changing the criteria that best fits them. Eg, healthcare can tailor their inherent risk based on the nature of health services provided, number of devices connected to the network including medical devices, the number of sensitive patient files, and number of medical services locations as a start. Same goes for the cyber security assessment maturity questionnaire, you can tailor the questionnaire using the controls for HIPAA, PCI, and NIST and any other standard that pertains to your industry.
41 Questions?
ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)
ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary
More informationInterpreting the FFIEC Cybersecurity Assessment Tool
Interpreting the FFIEC Cybersecurity Assessment Tool Wayne H. Trout, CISA, CRISC, CBCA, CBRA, CBRITP NCUA Supervisor, Critical Infrastructure and Cybersecurity What We ll Cover Cyber risk management Cybersecurity
More informationEmerging Issues: Cybersecurity. Directors College 2015
Emerging Issues: Cybersecurity Directors College 2015 Agenda/Objectives Define Cybersecurity Cyber Fraud Trends/Incidents FFIEC Cybersecurity awareness initiatives Community Bank expectations FFIEC Cybersecurity
More informationFFIEC Cybersecurity Assessment Tool
All About the ew FFIEC Cybersecurity Assessment Tool June 22, 2016 Susan Orr Consulting, Ltd. 1 FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Board Users Guide Inherent
More informationFDIC InTREx What Documentation Are You Expected to Have?
FDIC InTREx What Documentation Are You Expected to Have? Written by: Jon Waldman, CISA, CRISC Co-founder and Executive Vice President, IS Consulting - SBS CyberSecurity, LLC Since the FDIC rolled-out the
More informationCybersecurity Assessment Tool
FederalDepasitlnsuranceCarparation ~~d 1~~i 5yreet ~lw,uuashinyoon, D.C.2d42~-990 Financial Institution Letter FIL-28-2015 JUIy 2, 2015 Cybersecurity Assessment Tool Summary: The FDIC, in coordination
More informationCybersecurity and Examinations
Tim Segerson, Deputy Director NCUA E&I Cybersecurity and Examinations October 6, 2016 Chicago, IL Connected Devices Declining costs + increased bandwidth + powerful algorithms will spur a new information
More informationSOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT
RSA ARCHER IT & SECURITY RISK MANAGEMENT INTRODUCTION Organizations battle growing security challenges by building layer upon layer of defenses: firewalls, antivirus, intrusion prevention systems, intrusion
More informationFFIEC Cybersecurity Assessment Tool
FFIEC Cybersecurity Assessment Tool Cybersecurity Controls & Incidence Mappings for Splunk Enterprise, Enterprise Security, User Behavior Analytics Curtis Johnson Senior Sales Engineer & Security SME September
More informationChoosing the Right Cybersecurity Assessment Tool Michelle Misko, TraceSecurity Product Specialist
Choosing the Right Cybersecurity Assessment Tool Michelle Misko, TraceSecurity Product Specialist Agenda Industry Background Cybersecurity Assessment Tools Cybersecurity Best Practices 2 Cybersecurity
More informationCybersecurity What Companies are Doing & How to Evaluate. Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security
Cybersecurity What Companies are Doing & How to Evaluate Miguel Romero - NAIC David Gunkel & Dan Ford Rook Security Learning Objectives At the end of this presentation, you will be able to: Explain the
More informationCertified Information Security Manager (CISM) Course Overview
Certified Information Security Manager (CISM) Course Overview This course teaches students about information security governance, information risk management, information security program development,
More informationDHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1
Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com
More informationCybersecurity in Higher Ed
Cybersecurity in Higher Ed 1 Overview Universities are a treasure trove of information. With cyber threats constantly changing, there is a need to be vigilant in protecting information related to students,
More informationMay 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations
May 14, 2018 1:30PM to 2:30PM CST In Plain English: Cybersecurity and IT Exam Expectations Options to Join Webinar and audio Click on the link: https://www.webcaster4.com/webcast/page/584/24606 Choose
More informationBalancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld
Balancing Compliance and Operational Security Demands Nov 2015 Steve Winterfeld What is more important? Compliance with laws / regulations Following industry best practices Developing a operational practice
More informationFFIEC Cybersecurity Assessment Tool
All About the ew FFIEC Cybersecurity Assessment Tool August 25, 2015 Susan Orr Consulting, Ltd. FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Board Users Guide Inherent
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationCybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City
1 Cybersecurity A Regulatory Perspective Sara Nielsen IT Manager Federal Reserve Bank of Kansas City The opinions expressed are those of the presenters and are not those of the Federal Reserve Banks, the
More informationAutomating the Top 20 CIS Critical Security Controls
20 Automating the Top 20 CIS Critical Security Controls SUMMARY It s not easy being today s CISO or CIO. With the advent of cloud computing, Shadow IT, and mobility, the risk surface area for enterprises
More informationCyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.
Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK. In today s escalating cyber risk environment, you need to make sure you re focused on the right priorities by
More informationInformation Security Controls Policy
Information Security Controls Policy Classification: Policy Version Number: 1-00 Status: Published Approved by (Board): University Leadership Team Approval Date: 30 January 2018 Effective from: 30 January
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More information2017 IT Examination Preparedness. Iowa Bankers 2017 Technology Conference October 24, 2017
2017 IT Examination Preparedness Iowa Bankers 2017 Technology Conference October 24, 2017 1 Disclaimer Materials designed to give general information on the specific subjects covered and are educational
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationCyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS
Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS Continual disclosed and reported
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationLESSONS LEARNED IN SMART GRID CYBER SECURITY
LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com
More informationCISO as Change Agent: Getting to Yes
SESSION ID: CXO-W02F CISO as Change Agent: Getting to Yes Frank Kim Chief Information Security Officer SANS Institute @fykim Outline Catch the Culture Shape the Strategy Build the Business Case 2 #1 Catch
More information10 Cybersecurity Questions for Bank CEOs and the Board of Directors
4 th Annual UBA Bank Executive Winter Conference February, 2015 10 Cybersecurity Questions for Bank CEOs and the Board of Directors Dr. Kevin Streff Founder, Secure Banking Solutions 1 Board of Directors
More information"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary
Course Summary Description In this course, you will perform evaluations of organizational policies, procedures, and processes to ensure that an organization's information systems align with overall business
More informationMITIGATE CYBER ATTACK RISK
SOLUTION BRIEF MITIGATE CYBER ATTACK RISK CONNECTING SECURITY, RISK MANAGEMENT & BUSINESS TEAMS TO MINIMIZE THE WIDESPREAD IMPACT OF A CYBER ATTACK DIGITAL TRANSFORMATION CREATES NEW RISKS As organizations
More informationRBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH
RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH RBI GUIDELINES ON CYBER SECURITY AND RAKSHA APPROACH CONTEXT RBI has provided guidelines on Cyber Security Framework circular DBS. CO/CSITE/BC.11/33.01.001/2015-16
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationTechnology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017
Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 04/12/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT
More informationChallenges 3. HAWK Introduction 4. Key Benefits 6. About Gavin Technologies 7. Our Security Practice 8. Security Services Approach 9
HAWK Overview Agenda Contents Slide Challenges 3 HAWK Introduction 4 Key Benefits 6 About Gavin Technologies 7 Our Security Practice 8 Security Services Approach 9 Why Gavin Technologies 10 Key Clients
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationReinvent Your 2013 Security Management Strategy
Reinvent Your 2013 Security Management Strategy Laurent Boutet 18 septembre 2013 Phone:+33 6 25 34 12 01 Email:laurent.boutet@skyboxsecurity.com www.skyboxsecurity.com What are Your Key Objectives for
More informationCybersecurity for Health Care Providers
Cybersecurity for Health Care Providers Montgomery County Medical Society Provider Meeting February 28, 2017 T h e MARYLAND HEALTH CARE COMMISSION Overview Cybersecurity defined Cyber-Threats Today Impact
More informationMedical Device Cybersecurity: FDA Perspective
Medical Device Cybersecurity: FDA Perspective Suzanne B. Schwartz MD, MBA Associate Director for Science and Strategic Partnerships Office of the Center Director (OCD) Center for Devices and Radiological
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationCarbon Black PCI Compliance Mapping Checklist
Carbon Black PCI Compliance Mapping Checklist The following table identifies selected PCI 3.0 requirements, the test definition per the PCI validation plan and how Carbon Black Enterprise Protection and
More informationWhy you should adopt the NIST Cybersecurity Framework
Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationThe HITRUST CSF. A Revolutionary Way to Protect Electronic Health Information
The HITRUST CSF A Revolutionary Way to Protect Electronic Health Information June 2015 The HITRUST CSF 2 Organizations in the healthcare industry are under immense pressure to improve quality, reduce complexity,
More informationRSA NetWitness Suite Respond in Minutes, Not Months
RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationCybersecurity The Evolving Landscape
Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG
More informationRFP/RFI Questions for Managed Security Services. Sample MSSP RFP Template
RFP/RFI Questions for Managed Security Services Sample MSSP RFP Template Table of Contents Request for Proposal Template Overview 1 Introduction... 1 How to Use this Document... 1 Suggested RFP Outline
More informationNebraska CERT Conference
Nebraska CERT Conference Security Methodology / Incident Response Patrick Hanrion Security Center of Excellence Sr. Security Consultant Agenda Security Methodology Security Enabled Business Framework methodology
More informationHealthcare HIPAA and Cybersecurity Update
Baker Tilly refers to Baker Tilly Virchow Krause, LLP, an independently owned and managed member of Baker Tilly International. Healthcare HIPAA and Cybersecurity Update Agenda > Introductions > Cybersecurity
More informationTotal Security Management PCI DSS Compliance Guide
Total Security Management PCI DSS Guide The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations to help protect the security of credit card holders. These regulations apply to
More informationAvanade s Approach to Client Data Protection
White Paper Avanade s Approach to Client Data Protection White Paper The Threat Landscape Businesses today face many risks and emerging threats to their IT systems and data. To achieve sustainable success
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More information2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report
Nationwide Cyber Security Review: Summary Report Nationwide Cyber Security Review: Summary Report ii Nationwide Cyber Security Review: Summary Report Acknowledgments The Multi-State Information Sharing
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationINTELLIGENCE DRIVEN GRC FOR SECURITY
INTELLIGENCE DRIVEN GRC FOR SECURITY OVERVIEW Organizations today strive to keep their business and technology infrastructure organized, controllable, and understandable, not only to have the ability to
More informationBradford J. Willke. 19 September 2007
A Critical Information Infrastructure Protection Approach to Multinational Cyber Security Events Bradford J. Willke 19 September 2007 Overview A framework for national Critical Information Infrastructure
More informationCybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016
Cybersecurity: Considerations for Internal Audit Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016 Agenda Key Risks Incorporating Internal Audit Resources Questions 2 San Francisco
More informationTechnology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 05/24/2017
Technology Roadmap for Managed IT and Security Michael Kirby II, Scott Yoshimura 05/24/2017 Agenda Managed IT Roadmap Operational Risk and Compliance Cybersecurity Managed Security Services 2 Managed IT
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationAligning with the Critical Security Controls to Achieve Quick Security Wins
Aligning with the Critical Security Controls to Achieve Quick Security Wins Background The Council on CyberSecurity s Critical Security Controls for Effective Cyber Defense provide guidance on easy wins
More informationSFC strengthens internet trading regulatory controls
SFC strengthens internet trading regulatory controls November 2017 Internet trading What needs to be done now? For many investors, online and mobile internet trading is now an everyday interaction with
More informationA Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface
A Government Health Agency Trusts Tenable to Protect Patient Data and Manage Expanding Attack Surface ORGANIZATION SNAPSHOT The level of visibility Tenable.io provides is phenomenal, something we just
More informationOne Hospital s Cybersecurity Journey
MAY 11 12, 2017 SAN FRANCISCO, CA One Hospital s Cybersecurity Journey SanFrancisco.HealthPrivacyForum.com #HITprivacy Introduction Senior Director Information Systems Technology, Children s Mercy Hospital
More informationWhat It Takes to be a CISO in 2017
What It Takes to be a CISO in 2017 Doug Copley Deputy CISO Sr. Security & Privacy Strategist February 2017 IMAGINE You re the CISO In Bangladesh Of a bank On a Friday when you re closed You realize 6 huge
More informationNIST Special Publication
DATASHEET NIST Special Publication 800-53 Security and Privacy Controls for Federal Information Systems and Organizations Mapping for Carbon Black BACKGROUND The National Institute of Standards and Technology
More informationCCISO Blueprint v1. EC-Council
CCISO Blueprint v1 EC-Council Categories Topics Covered Weightage 1. Governance (Policy, Legal, & Compliance) & Risk Management 1.1 Define, implement, manage and maintain an information security governance
More informationSOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM
SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM OVERVIEW The Verizon 2016 Data Breach Investigations Report highlights that attackers are regularly outpacing the defenders.
More informationAND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING
PROTECTING BANKING AND FINANCIAL INSTITUTIONS FROM CYBER FRAUD Enabling the financial industry to become proactively secure and compliant Overview In order to keep up with the changing digital payment
More informationREAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY
SEPTEMBER 11 13, 2017 BOSTON, MA REAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY HealthcareSecurityForum.com/Boston/2017 #HITsecurity Brian Selfridge Partner, Meditology Services https://www.meditologyservices.com/
More informationISO27001 Preparing your business with Snare
WHITEPAPER Complying with ISO27001 Preparing your business with Snare T he technical controls imposed by ISO (International Organisation for Standardization) Standard 27001 cover a wide range of security
More informationChanging the Game: An HPR Approach to Cyber CRM007
Speakers: Changing the Game: An HPR Approach to Cyber CRM007 Michal Gnatek, Senior Vice President, Marsh & McLennan Karen Miller, Sr. Treasury & Risk Manager, FireEye, Inc. Learning Objectives At the end
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationThe Convergence of Security and Compliance. How Next Generation Endpoint Security Manages 5 Core Compliance Controls
The Convergence of Security and Compliance How Next Generation Endpoint Security Manages 5 Core Compliance Controls Table of Contents Introduction.... 3 Positive versus Negative Application Security....
More informationThe Convergence of Security and Compliance
ebook The Convergence of Security and Compliance How Next Generation Endpoint Security Manages 5 Core Compliance Controls Table of Contents Introduction....3 Positive versus Negative Application Security....3
More informationInternet of Things. Internet of Everything. Presented By: Louis McNeil Tom Costin
Internet of Things Internet of Everything Presented By: Louis McNeil Tom Costin Agenda Session Topics What is the IoT (Internet of Things) Key characteristics & components of the IoT Top 10 IoT Risks OWASP
More informationDigital Forensics Readiness PREPARE BEFORE AN INCIDENT HAPPENS
Digital Forensics Readiness PREPARE BEFORE AN INCIDENT HAPPENS Digital Forensics Readiness: PREPARE BEFORE AN INCIDENT HAPPENS 2 Digital Forensics Readiness The idea that all networks can be compromised
More informationBusiness Context: Key for Successful Risk Management
Business Context: Key for Successful Risk Management Philip Aldrich, CISSP, CISM, CISA, CRISC, CIPP Program Director, Risk Management EMC Event Alert Finding Incident Law Vulnerability Regulation Audit
More informationCybersecurity- A Regulatory Perspective. Robert J. Lipot, CRISC Senior Financial Institutions Examiner Department of Business Oversight
Cybersecurity- A Regulatory Perspective Robert J. Lipot, CRISC Senior Financial Institutions Examiner Department of Business Oversight 1 Cybersecurity Issues Executive Order 13636 Key Areas of Focus Cyber
More informationRisk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23
Risk: Security s New Compliance Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23 Agenda Market Dynamics Organizational Challenges Risk: Security s New Compliance
More informationAT&T Endpoint Security
AT&T Endpoint Security November 2016 Security Drivers Market Drivers Online business 24 x 7, Always on Globalization Virtual Enterprise Business Process / IT Alignment Financial Drivers CapEx / OpEx Reduction
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationHow to Prepare a Response to Cyber Attack for a Multinational Company.
You Have Been Breached! How to Prepare a Response to Cyber Attack for a Multinational Company. Chayan Chakravarti, MBA, CISM, PMP Patrick Enyart, CISA, CISM, CRISC Presenters Chayan Chakravarti Manager,
More informationIT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA
IT Security Mandatory Solutions Andris Soroka 2nd of July, 2014 @LPS, RIGA Data Security Solutions business card Specialization IT Security IT Security services (consulting, audit, pen-testing, market
More informationAdopting Modern Practices for Improved Cloud Security. Cox Automotive - Enterprise Risk & Security
Adopting Modern Practices for Improved Cloud Security Cox Automotive - Enterprise Risk & Security 1 About Cox Automotive Cox Automotive is a leading provider of products and services that span the automotive
More informationEXABEAM HELPS PROTECT INFORMATION SYSTEMS
WHITE PAPER EXABEAM HELPS PROTECT INFORMATION SYSTEMS Meeting the Latest NIST SP 800-53 Revision 4 Guidelines SECURITY GUIDELINE COMPLIANCE There has been a rapid increase in malicious insider threats,
More informationTransforming Security from Defense in Depth to Comprehensive Security Assurance
Transforming Security from Defense in Depth to Comprehensive Security Assurance February 28, 2016 Revision #3 Table of Contents Introduction... 3 The problem: defense in depth is not working... 3 The new
More informationNEXT GENERATION SECURITY OPERATIONS CENTER
DTS SOLUTION NEXT GENERATION SECURITY OPERATIONS CENTER SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 - SUCCESS FACTORS SOC 2.0 - FUNCTIONAL COMPONENTS DTS SOLUTION SOC 2.0 - ENHANCED SECURITY O&M SOC 2.0 Protecting
More informationProactive Approach to Cyber Security
Proactive roach to Cyber Security Jeffrey Neo Sales Director HP Enterprise Security Products Customers struggle to manage the security challenge Today, security is a board-level agenda item 2 Trends driving
More informationSANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Critical Security Control Solution Brief Version 6 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable,
More informationManaged Endpoint Defense
DATA SHEET Managed Endpoint Defense Powered by CB Defense Next-gen endpoint threat detection and response DEPLOY AND HARDEN. Rapidly deploy and optimize endpoint prevention with dedicated security experts
More informationISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION
ISO STANDARD IMPLEMENTATION AND TECHNOLOGY CONSOLIDATION Cathy Bates Senior Consultant, Vantage Technology Consulting Group January 30, 2018 Campus Orientation Initiative and Project Orientation Project
More informationDFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com
DFARS Compliance SLAIT Consulting SECURITY SERVICES Mike D Arezzo Director of Security Services Introduction 18+ year career in Information Technology and Security General Electric (GE) as Software Governance
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationReducing Liability and Threats through Effective Cybersecurity Risk Measurement. Does Your Security Posture Stand Up to Tomorrow s New Threat?
Reducing Liability and Threats through Effective Cybersecurity Risk Measurement Does Your Security Posture Stand Up to Tomorrow s New Threat? Christopher Strand Security Compliance and Risk Officer 1 The
More information