CoreMax Consulting's Cyber Security Roadmap

What is a Cyber Security Roadmap?

The CoreMax Consulting cyber security unit has created a simple process to assess the unique needs of each client, which allows us to tailor a solution that best meets the priorities, topology and budget of each client.

How does the Cyber Security Roadmap work?

1. Contact CoreMax Consulting for an initial consultation.
2. The questionnaire (later in this document) is completed by the client to determine the initial scope and allocate the appropriate expertise.
3. A scoping/kick-off meeting is held. The goal of the meeting is to determine which type of engagement is appropriate for the client, and for CoreMax Consulting and the client to agree upon scope and budget.
4. The assessment is scheduled (the projected end date is noted as well).
5. The assessment is performed during the agreed-upon times. CoreMax experts and the client will be in contact throughout the process. Any finding deemed urgent (presenting an immediate security risk) is communicated to the customer immediately rather than held back for the report.
6. The assessment report is produced and reviewed by the client.
7. The wrap-up meeting is held, where the detailed findings are explained.
8. Both groups sign off on the results and decide on next steps. Next steps can include:
   a. A deeper penetration test of additional targets
   b. Remediation recommendations
   c. An audit against the appropriate national standards
   d. System hardening
   e. Ongoing monitoring
   f. Policy updates
   g. Cyber hygiene

Cyber Security Assessment Services

What kinds of services do you offer?

In this section you will find descriptions of the most common assessment scenarios. These can be customized in many ways to meet a client's needs. Each type of assessment takes a varying amount of time, driven largely by the number of targets (applications, servers, networks, etc.). The exact type of assessment should be determined in the kick-off meeting.

Network Based (Attack & Penetration)

Penetration testing includes components of application vulnerability assessment, host vulnerability assessment, and security best practices. This type of test can be performed with (white box) or without (black box) detailed prior knowledge of the environment. When it is performed without prior knowledge, additional steps are taken to enumerate hosts and applications and to assess how easily an outsider could use publicly available information or social engineering to gain unauthorized access.

An attack and penetration test will answer questions like:
- How vulnerable are the network, hosts, and application(s) to attacks from the internet or intranet?
- Can an intruder obtain unauthorized access to critical resources?
- Are social engineering techniques effective?
- Are operational controls effective?

This involves our experts acting as an attacker and looking at the system as an outsider. The CoreMax Consulting expert would look for:
- Remotely exploitable vulnerabilities
- Patch levels (OS and applications)
- Unnecessary services
- Weak encryption
- Weak authentication
- Etc.

Host Based

This is an assessment of the health and security of a given workstation or server. Automated scanning tools (e.g. Nessus) are the primary vehicle for this type of assessment. Additional hands-on inspection may also be necessary to assess conformance to security best practice.

This assessment will answer questions like:
- Is patching up to date?
- Are unnecessary services running?
- Are anti-virus/anti-malware signatures up to date?

This involves our experts acting as a system administrator, auditing the system and applications and looking for:
- Locally exploitable vulnerabilities
- Patch levels (OS and applications)
- Access rights
- Security best practices
- Etc.

Application Based

This is an assessment of the functionality and resilience of the compiled application against known threats. It focuses on the compiled and installed elements of the entire system: how the application components are deployed, and how they communicate or otherwise interact with both the user and server environments. Application scanning tools as well as manual testing, with and without application credentials, are used to perform this assessment. Typically some host, network, and general information security practices are assessed as part of an application vulnerability assessment.

This assessment will answer questions like:
- Does the application expose the underlying servers and software to malicious attack?
- Can a malicious user access, modify, or destroy data or services within the system?

This involves the CoreMax Consulting cyber security expert auditing an application (typically web based) and looking for vulnerabilities like:
- SQL injection
- Cross-site scripting
- Cross-site request forgery
- Improper data sanitization
- Buffer overflows (limited)
- Misconfigured or weak authentication
- Etc.
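The host-based questions above ("Are unnecessary services running?", "Is patching up to date?") reduce to comparing what a host actually exposes against an agreed baseline. The following is an added example, not CoreMax Consulting's tooling and not a substitute for a scanner such as Nessus: it parses constructed `ss -tlnp` and `apt list --upgradable` output (both samples are made up, not captured from a real host) and checks it against a hypothetical allow-list of the kind a client and tester would agree at the kick-off meeting. On a real Linux host you would feed it the live output of those two commands.

```python
"""Host-based assessment helpers: unnecessary listening services and patch status.

Added example, not CoreMax Consulting's tooling. Input samples are constructed
so the script runs offline; the ALLOWED table is a hypothetical baseline.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed sample of `ss -tlnp` output (not from a real host).
SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     0.0.0.0:22           0.0.0.0:*          users:(("sshd",pid=812,fd=3))
LISTEN  0       511     0.0.0.0:80           0.0.0.0:*          users:(("nginx",pid=1020,fd=6))
LISTEN  0       128     127.0.0.1:3306       0.0.0.0:*          users:(("mysqld",pid=950,fd=21))
LISTEN  0       5       0.0.0.0:23           0.0.0.0:*          users:(("telnetd",pid=1311,fd=4))
LISTEN  0       50      0.0.0.0:445          0.0.0.0:*          users:(("smbd",pid=1402,fd=9))
"""

# Constructed sample of `apt list --upgradable` output (not from a real host).
APT_OUTPUT = """\
Listing...
openssl/focal-security 1.1.1f-1ubuntu2.20 amd64 [upgradable from: 1.1.1f-1ubuntu2.16]
openssh-server/focal-updates 1:8.2p1-4ubuntu0.11 amd64 [upgradable from: 1:8.2p1-4ubuntu0.5]
"""

# Hypothetical allow-list agreed at the kick-off meeting:
# (process, port) -> may it listen on all interfaces?
ALLOWED: dict[tuple[str, int], bool] = {
    ("sshd", 22): True,
    ("nginx", 80): True,
    ("mysqld", 3306): False,  # database must stay on loopback
}


@dataclass(frozen=True)
class Listener:
    process: str
    address: str
    port: int

    @property
    def public(self) -> bool:
        """True when the socket is bound to every interface (v4 or v6)."""
        return self.address in ("0.0.0.0", "*", "::", "[::]")


# Matches a LISTEN row of `ss -tlnp` and captures address, port and process name.
SS_LINE = re.compile(r'^LISTEN\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+users:\(\("([^"]+)"')
# Matches an `apt list --upgradable` row: name, new version, installed version.
APT_LINE = re.compile(r'^(\S+?)/\S+\s+(\S+)\s+\S+\s+\[upgradable from: (\S+)\]')


def parse_listeners(ss_output: str) -> list[Listener]:
    """Extract listening TCP sockets from `ss -tlnp` text."""
    found = []
    for line in ss_output.splitlines():
        m = SS_LINE.match(line)
        if m:
            found.append(Listener(process=m.group(3), address=m.group(1), port=int(m.group(2))))
    return found


def unnecessary_services(listeners: list[Listener], allowed=ALLOWED) -> list[str]:
    """Flag listeners that are not on the baseline, or that are bound wider than allowed."""
    findings = []
    for l in listeners:
        key = (l.process, l.port)
        if key not in allowed:
            findings.append(f"{l.process} listening on {l.address}:{l.port} is not on the approved list")
        elif l.public and not allowed[key]:
            findings.append(f"{l.process} on port {l.port} must bind to loopback only, found {l.address}")
    return findings


def pending_updates(apt_output: str) -> dict[str, tuple[str, str]]:
    """Map package name -> (installed version, available version)."""
    pending = {}
    for line in apt_output.splitlines():
        m = APT_LINE.match(line)
        if m:
            pending[m.group(1)] = (m.group(3), m.group(2))
    return pending


def assess_host(ss_output: str = SS_OUTPUT, apt_output: str = APT_OUTPUT) -> list[str]:
    """Combine both checks into the finding list a host-based assessment reports."""
    findings = unnecessary_services(parse_listeners(ss_output))
    updates = pending_updates(apt_output)
    if updates:
        names = ", ".join(sorted(updates))
        findings.append(f"patching is not up to date: {len(updates)} package(s) pending ({names})")
    return findings


if __name__ == "__main__":
    for finding in assess_host():
        print("FINDING:", finding)
```

With the constructed input this reports the telnet and SMB daemons as unapproved, passes MySQL because it is loopback-only, and reports two pending security updates. The third question in the list (anti-virus signature currency) depends on the product in use and is not covered here.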
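The first item on the application-based list, SQL injection, is the easiest of those vulnerability classes to show concretely. Below is an added example, not CoreMax Consulting's code and not from any client application: a login check written with string concatenation, beside the parameterized version that closes the hole, against an in-memory SQLite table whose rows and the attacker's payloads are constructed for the demonstration. It answers the assessment's own question ("Can a malicious user access ... data or services within the system?") for this one pattern, and shows why testing without credentials still matters: the payload needs none.

```python
"""SQL injection: the vulnerable query beside the parameterized fix.

Added example, not CoreMax Consulting's code. Uses an in-memory SQLite
database with constructed rows so it runs offline. Passwords are stored in
clear text only to keep the example short; a real system stores hashes.
"""
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build a throwaway users table with two constructed accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "correct horse", "admin"), ("bob", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """VULNERABLE: user input is spliced into the SQL text, so it is parsed as SQL."""
    sql = (
        "SELECT role FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_fixed(conn: sqlite3.Connection, username: str, password: str):
    """FIXED: values are bound as parameters and can never change the query structure."""
    row = conn.execute(
        "SELECT role FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# Constructed attacker payloads. The first comments out the password check for a
# known username; the second needs no username at all and matches the first row.
PAYLOAD_KNOWN_USER = "alice' --"
PAYLOAD_NO_USER = "' OR 1=1 --"


def demo() -> dict:
    """Run both implementations against a legitimate login and both payloads."""
    conn = make_db()
    return {
        "legit_vulnerable": login_vulnerable(conn, "alice", "correct horse"),
        "legit_fixed": login_fixed(conn, "alice", "correct horse"),
        "known_user_vulnerable": login_vulnerable(conn, PAYLOAD_KNOWN_USER, "wrong"),
        "known_user_fixed": login_fixed(conn, PAYLOAD_KNOWN_USER, "wrong"),
        "no_user_vulnerable": login_vulnerable(conn, PAYLOAD_NO_USER, "wrong"),
        "no_user_fixed": login_fixed(conn, PAYLOAD_NO_USER, "wrong"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:24s} -> {result}")
```

The concatenated version turns `alice' --` into `... username = 'alice' --' AND password = 'wrong'`, so the password clause becomes a comment and the attacker is logged in as admin without a credential. The parameterized version sends the same string as a literal value, finds no such user, and returns nothing. The same pattern applies to any database driver that supports bound parameters; the fix is never escaping by hand.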

Compliance

This involves our experts auditing systems for compliance with specific regulations and frameworks, such as:
- HIPAA
- FERPA
- PCI DSS
- NIST
- CIS
- ITIL
- etc.

Physical Security Assessment

This assessment typically involves interviews with key staff, documentation review, and an on-site visit to assess the physical and environmental controls that safeguard computing resources. It will answer questions like:
- Are appropriate physical access controls in place to secure servers and desktop machines?
- Are appropriate environmental controls in place to sustain critical computing infrastructure?
- Are systems left logged in while staff are away?

Enterprise Security Assessment

This is a comprehensive study of the hosts, networks, applications, and environmental controls, as well as policies and procedures.

Cyber Security Roadmap Questionnaire

So how do we get started?

The following questionnaire is needed to make the time estimates accurate and the assessment thorough. Please fill out as much of the information as possible as input for our initial consultation.

Basic Information
- Name:
- Title:
- Telephone:
- Cell phone:
- Email address:
- All machines: IP addresses and OS
- All machine names (DNS, WINS, virtual hosts, etc.)
- Is your organization subject to any specific regulatory requirements? (Examples: Sarbanes-Oxley, GLBA, HIPAA)

Audit Information
- Would you like CoreMax Consulting to perform a network-based assessment (A&P)?
- How many Internet-facing hosts do you want CoreMax Consulting to assess?
- Would you like CoreMax Consulting to perform a host-based assessment? Which hosts?
- Would you like CoreMax Consulting to perform a compliance, physical or enterprise assessment? If compliance, which regulations? (HIPAA, FERPA, etc.)
- Would you like CoreMax Consulting to perform an application security assessment?

- Which specific applications? (URL, application name, installer, etc.)
- Would you like this tested with or without credentials?
- Would you like this tested with or without administrative credentials?

Network Security Information
- Has your organization ever been compromised (internally or externally)?
- List all IP address blocks registered to your organization. (Example: 12.34.56.x/24)
- List all the domain names registered to your organization. (Examples: acme.com; acmesales.com)
- Does your organization use local firewall(s)? If so, please list the quantity and manufacturer(s).
- Does your organization use local Intrusion Detection System(s) (IDS)?
- Does your organization use local Intrusion Prevention System(s) (IPS)?
- If your organization uses local IDS, do you use host-based IDS (HIDS), network-based IDS (NIDS), or a combination of both?
- List the quantity of IDS (both HIDS and NIDS) and IPS devices, as well as the manufacturer(s).
- Do you use DMZ networks?
- Does your organization have any dedicated connections to other organizations' networks (vendors, business partners)? If so, please list all dedicated connections to other networks.
- Does your organization use any remote access services? Specifically, what type of remote access (VPN or dial-up RAS)?
- How many employees use remote access services?

- Does your organization use site-to-site Virtual Private Network (VPN) tunnels? If so, how many are in use?
- Does your organization have any systems that use modems?

System Information
- How many Microsoft Windows NT/2000/2003 servers does your organization use?
- How many Unix servers (AIX, HP-UX, Linux, Solaris, etc.) does your organization use? Please list specific distributions.
- List any servers with operating systems other than those listed above. Please include quantities and specific operating system versions/distributions.
- How many Microsoft Windows 2000/XP Professional clients does your organization use?
- List any clients with operating systems other than those listed above. Please include quantities and specific operating system versions/distributions.
- What Enterprise Resource Planning (ERP) application(s) does your organization use? (Examples: SAP, PeopleSoft, Oracle, JD Edwards) Please include a brief description of each.
- What e-commerce application(s) does your organization use? Please include a brief description of each.
- What database technologies does your organization use? (Examples: Oracle, Microsoft SQL Server, IBM DB2, MySQL) Please include a brief description of the purpose of each.

Service Information
- What services do you expose to the Internet? (Examples: web, database, FTP, SSH, etc.)
- What services do you expose to your internal (campus) network?
- What type of authentication do you use for your web services? (Examples: PubCookie, Windows Integrated, htaccess, etc.)
- What languages do you use for your web services? (Examples: PHP, Perl, Ruby, ASP, etc.)
- What antivirus application(s) do you use?
- Is your antivirus application implemented using a managed client/server architecture, or in a stand-alone configuration?

What's next?

Contact CoreMax Consulting's Cyber Security team head, Robert.Linehan@CoreMax.Com, to set up your initial consultation, and let us help you gain peace of mind that you have hired the best cyber security team for your organization's needs.