Selecting a SIEM Provider & Adapting to Information SECURITY DEMANDS


Technology is moving fast. TMG is moving faster.

TMG (The Members Group) is an organization devoted to making life easier for its clients. As a technology company, TMG continually strives to offer the highest quality, customized card processing and payment solutions in the market. These tailored payment products and services are offered to credit unions and community banks across the U.S. and Canada. Innovation and commitment to excellence is what sets TMG apart from its competition.

Of course, advancements in technology do not come without their challenges, especially when it involves keeping data safe and secure. Hackers and cybercriminals are always looking for the big payday. They do this by targeting industries with vast amounts of valuable data and aggressively searching for gaps in their networks and systems. Companies like TMG, ones with access to the personally identifiable information (PII) of consumers, are prime targets for the corrupt, ne'er-do-wells of the online underworld. Targeted attacks make it essential for these organizations to deliver safe and secure products that protect the transmission and storage of sensitive data.

The continual battle against cybercrime requires a combination of strategic, forward-looking leadership and intuitive, data-driven technology. For many organizations, a security partner plays an important role in the marriage of human and technological advances to defend against cyber-attacks. Selecting the right partner begins with a self-assessment of the organization's strengths and readiness for next-generation enhancements.

Opportunities for Enhancement

Understanding When an MSSP is the Right Choice

TMG has always understood the importance of protecting its data. From the beginning, its technology and security teams have been dedicated to building secure products. However, as advancements in technologies continued to occur, so did the threats associated with malicious cyber activity against those technologies.

Finding Yourself at a Crossroads

TMG has very aggressive business growth objectives. Knowing this may have an impact on the ability to monitor network security at a higher level, the company's technology and security leadership understood the need to prepare for continued growth. As its client base began to grow, and the demand for more innovation in its products and services increased, TMG had to make a decision. Were they going to expend their staff's time on improving the reactive process of security monitoring, or were they going to focus on improving technology by building advanced products with a proactive security approach?

Playing to Your Strengths

Both reactive security monitoring and proactive security development are critical components in a comprehensive security program, but it all reverts back to assessing a team's strengths and abilities. TMG's team was capable of security monitoring, as they had already been doing so, but the results they were getting from their monitoring could not justify the efforts being dedicated to it. TMG had been committed to building its technology team into an innovative arm of its business, and on-premise security monitoring didn't fit within the team's existing initiatives. This is when TMG realized it was time to partner with a third-party managed security services provider (MSSP) for security information and event management (SIEM) services to complement its security and technology teams.

TMG's foresight into the need for future security innovation allowed the company to restructure its technology team to better align with its long-term goals of making clients' lives easier. When internal security monitoring threatened to slow the technology team and stifle advancements, there was no time to delay in making a shift in operations. Finding that trusted MSSP partner was going to be critical in the pursuit of a comprehensive security program.

Analyzing Options

Three Factors to Consider When Selecting an MSSP

There are many factors that go into deciding whether or not to hire an MSSP, and if you decide to go with an MSSP, it is equally difficult to decide which one to select. As is common with many organizations, TMG focused on three major factors: effectiveness, value and collaboration. Having already elected to go the route of partnering with an MSSP, it was time to select the provider with the best fit for TMG's needs.

Effectiveness

The effectiveness factor is about finding an MSSP that excels at providing quality SIEM. TMG has a brand promise to uphold; its products and services are designed to bring innovative and easy-to-use solutions to a quickly advancing industry. To deliver on that promise while maintaining a safe and secure environment, TMG needed to select an MSSP that would exceed the expectations of its financial institution clients and the consumers they serve, as well as align with its pioneering reputation. A performance benchmark had already been established, as TMG's internal technology team had been delivering on-premise security monitoring. TMG's technology team understood its own capabilities and was determined to select a provider that would be even more effective and proactive.

Value

Value is about getting the best for your organization with the resources you have. Security is not defined by the amount of money you spend, but rather by how well you spend that money. Risk must be assessed and security decisions be made based on findings in the discovery process. On-premise SIEM operations are expensive, and with considerations for salaries, benefits, software licenses, maintenance requirements, and a number of other potential unforeseen expenses, these demands quickly accumulate. With an MSSP, however, the fees are established upfront and honored through the life of the contract. Staffing concerns are removed, and hefty software implementations are no longer a burden. Considering all additional expenses, an MSSP is far more affordable than the average on-premise SIEM solution.

Collaboration

Collaboration is an essential part of any successful SIEM operation, specifically when dealing with a third-party MSSP. Effectiveness and value are not enough; it is imperative the client and MSSP have an open line of communication. Even though the MSSP handles the bulk of the SIEM responsibilities, the client must be prepared to react to security alerts as they are generated. This must be done in a deliberate manner to improve the overall security program.

Making the Selection

Understanding Your Needs and Finding the Right Fit

With a strategic plan in place and three main deciding factors in mind, TMG set out to select a long-term security monitoring partner. From a technical standpoint, switching between SIEM providers can be done fairly easily, but it certainly isn't something a company wants to do from year to year. A great SIEM MSSP will continue to add cumulative value to a client each year, which is why it is important to take your time upfront when searching for the right partner and establishing a lasting relationship.

The Right Fit

TMG was vigilant in its selection process. Having already managed SIEM internally, TMG's technology and risk teams understood TMG's needs and the appropriate questions to ask. They interviewed a number of MSSPs throughout the U.S., and one provider stood out. TMG became most comfortable with Pratum, a Des Moines, Iowa-based information security, IT risk management, and compliance consulting firm. Pratum specializes in managed security monitoring with a team of engineers and analysts focused on managed services.

Pratum fit each of the demands of the three major factors. Its team was highly effective, with accolades in information security and proven results with existing SIEM clients, and the highly competitive pricing of its managed SIEM made it a great value with strong upside. (View the cost comparison table below for typical cost benefits.) Most importantly, Pratum's team thrives on communicating and building strong relationships with its clients.

Ready. Set. Go.

Once the decision was made, Pratum got to work immediately. The implementation process was simple, and event population began almost instantly. Pratum began by working with TMG on new custom log sources to ensure hard-to-identify systems and applications were logging appropriately. Its ability to quickly familiarize itself with systems and architecture allows Pratum to communicate efficiently with TMG, without needless dialogue.

Pratum's focus on event log monitoring and the sorting and correlating of alerts allows TMG to drive its proactive security initiatives without costly interruption. Each organization has its role, and in performing those roles they collectively advance the overall strength of TMG's security program.

INDUSTRY STANDARD SIEM Cost Benefit Analysis

Cost Comparison Based on 251 Monitored Devices

                    In-house Solution    Integrity MSSP
Year One Costs      $190,510             $66,264
Year Two Costs      $99,510              $66,264
Year Three Costs    $99,510              $66,264
Total Cost          $389,530             $198,792

48% Savings with MSSP Option Totaling $190,738 over 3 Years

integritysrc.com/images/content/managedsiem_costbenefit_251devices.pdf

Evaluation

A Look Back on Pratum's Impact

Information Processed by Integrity for TMG

Events Per Day: 112 Million
Incidents Per Month: 50,000
Notifications Per Month: 9,000
Security Alerts Delivered to TMG: 23 Tickets Per Month

Over the course of its relationship with Pratum, TMG has become immersed in proactively enhancing its security posture while relying on Pratum to deliver important security incidents and alerts. TMG is no longer bothered with an overwhelming number of daily notifications, as Pratum has taken the burden from TMG and turned it into a value-add for the organization. TMG receives relevant security tickets, without the unwanted noise.

TMG still remains involved in reacting to relevant incidents that affect its organization, but not without the helpful guidance from its MSSP. "Last year we were receiving alerts, which gave us reason to believe we were under attack from a widely publicized vulnerability. However, we were able to work with Pratum to determine that even though we were being probed, we were not actually at risk. Our network was not truly susceptible to the vulnerability, and the controls we have in place assured us of our security," stated Corey Weeklund, Director of Technology Infrastructure at TMG.

The thought of an active security breach or malicious cyberattack could send some organizations into panic. TMG decided to keenly avoid the need for frantic response, and instead to rely on Pratum to help its technology and security experts develop a sound security program with guidelines for reacting to cyberattacks. Pratum is poised and ready to notify TMG of any issues or alarms that need attention. This allows TMG's security and technology teams to commit to their own initiatives with the reassurance of Pratum's preparedness to deliver the necessary warnings and first-class security support.

Strong Partnership

Building a Lasting Relationship

To remain focused on enhancing its technologies and maintaining a strong security posture, TMG strategically selected to work with a dedicated managed security services provider for its security information and event management needs. As expected, TMG took the selection process very seriously, and in doing so enlisted Pratum's team of security professionals as their SIEM MSSP. TMG's security and technology teams are confident its network is being properly monitored for incidents and alerts, which allows technology and security leadership throughout the organization to remain focused on what is important to them.

The partnership allows each organization to remain dedicated to its core competencies while collectively improving the security and privacy for TMG, its clients and the consumers they serve. TMG devotes time to proactive security enhancements, while Pratum is able to handle the much-needed reactive security landscape. The partnership is now into its fourth year, and their continued efforts allow for constant growth and security development.

The information contained herein is proprietary to Pratum and cannot be copied, published, or distributed without the express prior written consent of Pratum 2016.

Des Moines (Headquarters): 1370 NW 18th St., Suite 104, Ankeny, IA 50023, 515-965-3756
Kansas City Office: 9393 West 110th St., Suite 500, Overland Park, KS 66210
Dallas Office: 5050 Quorum Dr., Suite 700, Dallas, TX 75254
www.pratumsecurity.com
sales@pratumsecurity.com