Global Security Operation Center GSOC


Best of Breed Opinion
Basic requirements for a best in class Global Security Operation Center.

CONSULTING AND INVESTIGATIONS DIVISION

The Consulting and Investigations (C&I) Division is part of one of the largest security companies in the United States. With a customer-centric approach that integrates risk management and enterprise security solutions, the company provides consulting and investigations expertise to long-standing customers in a variety of industries. The C&I Division supports customers through direct operating locations in the U.S., Canada, Central, Latin and South America, with local and global capabilities in more than 125 countries through dedicated resources.

C&I services include due diligence, business intelligence, security/business continuity assessments, executive protection and transportation security, asset and intellectual property protection, and many other risk mitigation services that augment contract security services.

For additional information regarding our full range of national security services, please call: 305.373.8488 or 800.452.1622.

Los Angeles, New York City, Chicago, Miami, Atlanta, Dallas, Montreal, Mexico City, Bogotá, Buenos Aires

This document highlights key requirements for the foundation of a best in class Global Security Operation Center (GSOC). A GSOC has diverse components and has to be extremely versatile, requiring synergistic coordination of many tools to work effectively. The key features described in this document offer a high level guide to achieve a comprehensive system for successfully building, maintaining, and running a GSOC.

Concept of Operations

Defining the charter or Concept of Operations (CONOPS), the role of the GSOC, is the first basic step of planning a GSOC, and should act as a compass for technology selections and deployments. Prioritizing the functions and expected deliverables will drive standards and requirements relating to GSOC tools and resource allocation. Identifying and responding to risks is typically the central role of the GSOC, necessitating monitoring of a range of systems from facility security and life safety systems, to critical equipment and travel risk.

Monitoring access control systems is often at the center of GSOC monitoring activities. Defining this as a priority means the GSOC must have the ability to receive and respond to alarms in the most effective way possible. Requirements become clear when establishing the tools necessary to meet these operational monitoring needs. Response times, capacity, and quality can all be improved when the right tools are in place, directly impacting costs and performance.

To operate at optimal efficiency, access control systems must have robust integrations allowing for automation, converging data sources such as video, device mapping, and automated logic, into actionable intelligence. Identifying the global system configuration may reveal multiple access control systems, which require a more specialized Physical Security Information Management (PSIMS) tool to integrate and filter data into the GSOC.

System Standards and Technology Roadmap

During the deployment stage of the GSOC toolbox, the development of system standards and a technology roadmap has proven essential to successful program implementation and continuity. This ensures that as the system grows, it does so in an organized and sustainable way. Developing these standards requires enforcement, which often involves partnering with other organizations within the company during expansion projects. This can be critical. Having standards available to the GSOC and the global team clarifies goals and team and individual roles, sets expectations, enforces accountability and increases operational efficiency. This works best when standards are centralized and accessible through an online portal, or a SharePoint site.

2014 Andrews International, L.L.C Page 1 of 5

Program Optimization

It's important to understand when to make the investment in enterprise solutions, and when to find cost effective solutions that achieve the equivalent. For example: leveraging a virtual KVM switch and an industry standard commercial video card to manage a video wall, instead of a solution with a physical switcher, costly proprietary hardware and an expensive graphical user interface (GUI), may achieve the desired result with a more cost effective alternative design.

In other cases, strategic investment in additional resources may result in the best optimization of GSOC function. Establishing a priority for global threat monitoring, for example, might require tools that an organization such as ijet [1] provides, offering 24x7 tracking and analysis of potential threats as well as trusted crisis management and response tools. Visual Command Center by IDV Solutions [2], another example, provides the ability to visualize data while analyzing trends and finding patterns. By searching through historical data and pulling together both external threat data and internal data such as company internal databases, the result is a convergence of valuable actionable intelligence from divergent sources, all linked into one cockpit view for the GSOC to analyze.

[1] ijet International, Inc. (ijet), an Annapolis, Maryland-based company, helps multinational organizations monitor, protect against, and respond to global threats. ijet is a long-standing alliance partner that works with the C&I Division to develop best-of-breed programs for integration and management of next generation Global Security Operations Center (GSOC).

[2] Visual Command Center software helps organizations achieve this mission by uniting data from external sources, enterprise systems, and internal devices into a real-time, common operating picture of risk and security. It provides organizations with a practical approach to managing risk: a consolidated view to identify, interrogate, and initiate action.

System Health

Maintaining the system is as important as building it. Ensuring a tracking system is in place enables a GSOC to score the system, identify problems, and establish a transparent system health level. Operational status can be determined on thousands of cameras by detecting if they are online, if they are programmed to do so in the IP digital video management system. Tracking access control activity through automated reports allows for data analysis to identify major inefficiencies in the system. This tracking could also identify building utilization and support cost control for HVAC, in a facilities maintenance/equipment monitoring use.

An effective global repair and maintenance program is required to ensure all of the GSOC resources and tools are working as expected. In the GSOC environment, devices will experience problems all over the world, so a strong partnership with a systems integrator is essential. Language barriers, regulatory requirements, cultural differences, local customs, and inconsistent installation can make this very challenging. Having comprehensive maintenance guidelines documented and available online for regional managers is important to ongoing success. Mapping maintenance processes is the crucial first step in developing a sustainable maintenance program. Once the detailed standards are established, effective project management followed by a thorough commissioning process must be maintained.

GSOC Resiliency

Ensuring 100% uptime is critical to a GSOC as it is a truly global helpdesk for safety and security. Having a hot redundant center or regional centers is recommended. The data also needs to be replicated, as many regional server models break up the data, which does not allow for enterprise-wide visibility from any one single GSOC. In trying to achieve this, systems do not always offer hot-swap server redundancy. If an enterprise's IT department does not have a robust resiliency plan, EMC [3] has exceptional trusted tools that provide this solution.

[3] EMC is a global leader in enabling businesses and service providers to transform their operations and deliver information technology as a service (ITaaS). Fundamental to this transformation is cloud computing. Through innovative products and services, EMC accelerates the journey to cloud computing, helping IT departments to store, manage, protect and analyze their most valuable asset, information, in a more agile, trusted and cost-efficient way.

Cyber-security and Intelligence

Our Nation's critical infrastructures are composed of public and private institutions in a wide range of sectors that drive the economy and quality of life in our nation. The information highway has become the nervous system that controls our steady flow of commerce. A large portion, approximately 85%, of critical infrastructure is in the control of private hands. Cyberspace is composed of hundreds of thousands of interconnected computers, servers, routers, switches and fiber optic cables. The health of cyberspace and stability of individual enterprise's information networks is essential to the financial well-being of the nation's critical organizations.

While we face ever increasing complexity and dependence on these networks, we are exposed to a rapidly expanding and more aggressive and sophisticated risk landscape. A wide spectrum of multidimensional threats continues to grow and threaten information assets, with cyber-attacks for an equally wide spectrum of motivations. A reactionary approach to these threats poses too great a risk to critical infrastructures. If cyber threats aren't addressed until an attack occurs, unrecoverable loss can result. Just as it is no longer acceptable practice to stand back waiting for physical threats on our physical and human assets, it is the responsibility of enterprises to proactively prepare for cyber threats in order to protect their assets, personnel and customers.

Thorough and ongoing risk assessment analysis and the establishment of sound threat intelligence and counter-intelligence should be key objectives of the GSOC. Anticipating what may be coming around the corner or over the horizon best serves the enterprise in protecting all assets, be they informational, physical or personal in nature.

Conclusion

This is a high level guide, detailing the basic components required for planning a successful GSOC operation. Every GSOC charter differs in order to meet the needs of the company it serves, and so the specific tools required to meet those needs will also differ. The basic requirements outlined herein for setting up the processes and standards are consistent best practices demonstrated by the Pillars of Excellence below.

For more information regarding solutions to your specific GSOC needs, contact:

D.C. Page
Senior Vice President, Consulting and Investigations
Andrews International
66 West Flagler Street, Suite 401
Miami, Florida 33130
305.373.8488
dcpage@andrewsinternational.com

William M. "Bill" Besse, CHS-V
Vice President, Consulting and Investigations
Andrews International
Dallas, Texas
214.254.3978 (T)
972.741.7532 (C)
wbesse@andrewsinternational.com

Pillars of Excellence

GSOC Components; System Health; Program Optimization; GSOC Resiliency; Cyber Security & Intelligence

Establishing standards; Having the right tools; Technology roadmap; Concept of Operations; Identifying a health score/monitoring; Automating reporting and tracking; Global repair and maintenance process; Making the best out of the tools that you have; Identify the investments needed; Dedicated IT support; BCP in place; Establish redundant server architecture; Hot tools to automate failovers; Counter-intelligence/defense; Positive collection/protective Intelligence; Dedicated Intel Analyst