Security In A Box. Modular Security Services Offering - BFSI. A new concept to Security Services Delivery.

Transcription:

Modular Security Services Offering - BFSI
Security In A Box
A new concept to Security Services Delivery.

2017 Skillmine Technology Consulting Pvt. Ltd. The information in this document is the property of Skillmine Technology Consulting Pvt. Ltd. and may not be copied or communicated to a third party or used for any purpose other than that for which it is supplied without the written consent of Skillmine Technology Consulting Pvt. Ltd.

Introduction: Security in a Box

Banking and financial institutions are making huge investments and efforts to ensure seamless access and transaction processing for their customers. Adoption of online banking and usage of payment wallets are growing. Along with this, the associated security threats are also growing exponentially. In this context, security governance, the security policy framework and its implementation assume prime importance. Because no system can be perfect, auditing it and acting expeditiously on the findings become crucial to the continuous enhancement of security systems in the face of the ever-growing sophistication of potential attackers.

Security in a Box is an innovative approach from Skillmine to help customers achieve a highly secure framework with compliance to RBI guidelines and security standards. The approach allows an organization to understand its current state using a gap assessment and to build a framework based on a modular approach, executed by experts at a value price. The customization allows the organization to pick and choose on-demand services based on priority, providing much-needed flexibility. The following pages describe the offerings in detail.

2017 Skillmine Technology Consulting Pvt. Ltd. Confidential

Skillmine Information Security Services Portfolio

Governance Risk & Compliance | Identity & Access Management | Threat Management | Security Intelligence | Data Protection

ISO 27001 & ISO 20000 (IT Services Management) Consulting IT Governance - COBIT Implementation Advisory Enterprise Security Architecture Design Business Continuity & DR planning Network Security Architecture Reviews Information & Network Security Audits Vulnerability Assessment Penetration & Application Security Testing Web Application Security Identity Governance & Administration Access Management for Web & Mobile Directory Services Privileged Access Management Mobile Security Enterprise Single Sign-On IAM Architecture Design Cloud Single Sign-On Technology and Product Selection VM Framework & Strategy APT Risk Mitigation Strategy Advanced Security Testing Services Software Composition Analysis Security Posture Assessment Open Source Compliance Audit Web Threat Detection SOC Consulting Security Analytics Planning Security Dashboard Design Log Analysis Alert Tuning and Optimization SIEM Health Check Audits and Assessments Data Protection Framework Privacy Framework Data Flow Assessment Data Leakage Risk Assessment Data Privacy Assessment DLP Incident Analytics Database Security Data Protection and Audit

Our Approach to Security

SECURITY OPERATIONS: Maintenance & Support Managed Security Services
SOLUTIONS: Implementation Integration Testing
ASSESSMENT: Firewall Assurance Services GRC, VA & PT, DLP Assessment PCI Readiness Assessment Gap Analysis
ARCHITECTURE: Design Network Segmentation Build
PLANNING: Workshop Evaluations POC Policies & Procedures

Security In A Box Services Offering

BRONZE
- ISMS Framework Policies & Process Development
- High Level Gap Assessment & Recommendations
- High Level Architecture Assessment of Endpoint Protection
- High Level Architecture Review of Perimeter Security

SILVER
- IT Risk Management Framework Development
- ISMS Governance Framework Creation
- Vulnerability Assessment & Penetration Testing
- Deep Dive Gap Analysis & Road Map Creation for IT Security & Infrastructure
- Standards & Compliance Adherence Framework Creation
- Pre Audit Consulting for Certification Audit

GOLD
- Managed Security Operations Centre
- Managed Security Services
- Audit & Certification

ON DEMAND
- On Demand Remediation of Gaps
- Solution Design & Implementation of Security Technologies
- Firewall Assurance Services
- Secure Code Review & Web Application Security Testing
- Virtual CISO

Bronze

ISMS Framework Policies & Process Development
- Building an Information Security Management Framework in line with ISO 27001 standards
- Development of information security policies and processes in line with ISO 27001

High Level Gap Assessment & Recommendations
- Core infrastructure assessment and security gap analysis based on discussion with the IT team
- Recommendation of industry best practices and solutions based on the identified gaps

High Level Architecture Assessment of Endpoint Protection
- Assessment of the existing endpoint protection architecture
- Gap assessment of the endpoint architecture and recommendations based on it

High Level Architecture Review of Perimeter Security
- Network security assessment at perimeter level
- Recommendations based on observations from the network security assessment

Silver

IT Risk Management Framework Development
- Comprehensive view of all risks related to the use of IT, and development of a framework for management of IT-related business risks

ISMS Governance Framework Creation
- Documenting an ISMS governance framework and organisational information principles based on ISO 27001 standards

Vulnerability Assessment & Penetration Testing
- VM assessment for the current infrastructure and pen test for core devices, with detailed reporting

Deep Dive Gap Analysis & Road Map Creation for IT Security & Infrastructure
- Technical analysis (based on tools and techniques) of the existing infrastructure and creation of a detailed road map for IT security

Standards & Compliance Adherence Framework Creation
- Creation of an ISMS standards adherence requirement framework from the technology, process and people perspectives for the bank

Pre Audit Consulting for Certification Audit
- Ensure that the bank is adhering to all the standards and guidelines provided by RBI and other regulatory authorities
- Ensure that all processes, policies and technology controls are in place as per ISMS standards and other RBI guidelines
- Help the bank remediate the gaps identified during the pre-audit
- Ensure that the bank is ready for a standards and compliance audit
- Engage and coordinate with third-party certified auditors for conducting an audit and issuance of a successful audit from the third-party auditor

Gold

Managed Security Operations Centre
- Real time security alert monitoring
- Security event management
- Security threat management
- Advanced SIEM tools based security incident response

Managed Security Services
- On-site consulting
- Perimeter management of the client's network
- Penetration testing and vulnerability assessments
- Compliance monitoring

Audit & Certification
- Pre-assessment audit
- Stage 1 certification audit
- Stage 2 certification audit
- Award of ISO 27001 certification

On Demand

On Demand Remediation of Gaps
- Technically analyse the identified gaps, design and craft the best-fit solution in compliance with the existing infrastructure, and implement it as needed
- Post-implementation support for the implemented solution

Solution Design & Implementation of Security Technologies
- Design, stitch and implement a security solution fit to the existing environment
- Compare the technologies available in the market with regard to features, stability, effectiveness and cost

Firewall Assurance Services
- Firewall policy audit and clean-up
- Hidden device rules and rule usage analysis, rule risk assessment
- Identification of technical mistakes in firewall rules, unused rules audit

Secure Code Review & Web Application Security Testing
- Authentication, authorization, session management, data validation, error handling, encryption, logging
- Vulnerability, URL manipulation, SQL injection, XSS (Cross Site Scripting), spoofing etc.

Virtual CISO
- Information security leadership and guidance, steering committee leadership or participation, security compliance management, security policy, process and procedure development, internal audit, penetration testing, vulnerability assessments, risk assessment etc.

Skillmine Consulting Services Approach

Engage | Initiate | Discover | Construct | Recommend | Implement

Establish relationship; Assemble the engagement team; Schedule interviews & data collection methods; Determine future IT state; Build the business case justification; Debrief the account team; Determine business needs; Conduct internal kickoff; Execute data collection; Conduct gap analysis; Develop recommendations; Develop detailed implementation plan; Capture project requirements; Conduct client kick-off; Validate assumptions and findings with client; Conduct roadmap analysis; Conduct roadmap and dependency analysis; Develop transition plan; Determine scope of consulting engagement; Identify quick wins; Develop high-level implementation plan; Hand-off roadmap to implementation team; Develop proposal; Conduct Cost Benefit Analysis Where Applicable; Present recommendations; Evolve client relationship; Present proposal; Agree on next steps; Gain agreement to conduct engagement

Skillmine Methodology: INSCAPE (Information Security through Controls & Processes)

Strategic Initiative Planning
- Project Scope & Planning
- Conduct current state assessment
- Co-create the Security Framework

Risk Management
- Conduct Impact Analysis & Risk Assessment
- Develop Risk Treatment Plan
- Prepare Control Implementation Strategy

Controls Deployment
- Develop Policies, Procedures & Define Metrics
- Recommend and Implement Technology Tools
- Conduct awareness programs and Training

Assurance
- Perform Verification tests & audits
- Review & Measure Effectiveness, Refine
- Establish Security Governance & continuous improvements

Skillmine Methodology: COMBAT (Continuity Management for Business & Technology)

Strategic Initiative Planning
- Understand Business & Technology
- Conduct current state assessment
- Develop Project Charter

Development of Plan
- Co-create Continuity with Secured Systems
- Conduct Impact Analysis & Risk Assessment
- Develop Recovery Strategy, Processes & Procedures

Execution, Testing & Maintenance
- Conduct Testing & Training
- Refine & Finalize Processes & Procedures
- Develop Maintenance Procedures & Handover

Our Capability

Portrait of Capability: Application Dev | IT Security | IT Infrastructure | IT Service Mgmt | ERP

Bahrain: Suite 12, Building 3809 Road 475 Manama PO Box 65176
India: # 711, Carlton Tower A-Wing, Old Airport Road Bangalore 560008
Singapore: 1 Harbour front Place, Harbour front Tower One Level 04-01 Singapore - 098633
Sydney: Level 5, 7 Eden Park Drive Macquarie Park, North Ryde NSW - 2113

Thank You

Chandraprakash C
+91 99406 84888
chandraprakash.c@skill-mine.com
www.skill-mine.com
orders@skill-mine.com
info@skill-mine.com

Our Values
- Think & Care about Customer's Investment
- Predictable Delivery Every Time since First Time
- Passionate about Desired Outcome