Readiness, Response & Resilience:

Transcription:

Readiness, Response & Resilience: building out advanced security operations
Husam Al Saraf, Solutions Principal Lead, Turkey, Africa & Middle East
#RSAemeaSummit

Traditional Security Operations Top Gaps

People
- Inadequate security resources
- Threat, Content and Analysis specialization
- R&R not clearly defined
- No user awareness training for advanced threats

Process
- Based on failed controls
- Ad hoc processes/procedures
- No post-incident lessons learned
- Lack of Breach Management process/procedures

Technology
- SIEM-centric lacking:
  o Actionable Data Intel
  o Threat Intel
  o Content Intel
  o Analytics Intel
  o Forensics capability
  o Business & Risk context

Understanding the Breach Cycle

Advanced Security Operations Requirements

1. Business Alignment: What is the purpose and mission; does it align with the Business and have appropriate buy-in?
2. Risk Based: We should not apply equal risk and importance to all assets. Focus must be risk based such that the ASOC ensures all critical assets are within scope and its threats are well defined.
3. Defense-in-depth: Security needs to be layered and the Program needs to leverage the defenses of the various technologies and other programs and components of the organization's security program.
4. Content Intelligence: We need to ensure that the ASOC has a data enrichment capability such that white noise is filtered out and the data that gets to the analysts is value-added.
5. Analytic Intelligence: We need to be able to conduct forensics and have actionable intelligence for further analysis.
6. Threat Intelligence: We need to be proactive; who are the adversaries and what are their attack vectors; which assets are they interested in?
7. Operations: We need an Operations and Incident Handling & Response capability tied up with a Breach management framework.
8. Reporting (Maturity & Metrics): The organization needs a tracking capability to ensure that it is evolving as the business and threat landscape evolve.

RSA's Solution Framework

360 Degrees of Innovation (RSA Driving the ASOC Space)
The Advanced Cyber Defense practice as part of RSA Global Services was granted U.S. Patent #8,782,784 B1 and assigned to EMC Corporation

Modular Program: Readiness, Response & Resilience

RSA Advanced Cyber Defense (ACD) Overview

Develop strategy and tactics for Intelligence-Driven Security Operations for reduced breach exposure time.

The portfolio of services offered by the RSA Advanced Cyber Defense practice covers:

- Readiness: Includes a review of current strategy and capabilities, a maturity scorecard with peer comparisons, and a phased roadmap with remediation recommendations for achieving the target state.
- Response: Includes a rapid breach-response service and a service-level agreement (SLA)-based retainer service providing surge access to resources and expertise.
- Resiliency: Includes advice on building and improving an organization's SOC and on transforming the security organization from a reactive to a proactive, intelligence-driven security operations program.

ACD Solutions Portfolio

How do we start?

Start with RSA ACD BRASS - Overview

Engagement Approach

Capability Maturity Modeling

ACD Services Team

BRASS Typical Service Timelines