Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 04/12/2017


Agenda
- Managed IT Roadmap
- Operational Risk and Compliance
- Cybersecurity Managed Security Services

Managed IT Strategic Roadmap
- Long term strategic direction
  - Scale services to larger financial institutions
- Managed IT Advanced
  - Add Linux, Unix, Oracle, DBA Support, Application Development
  - Add "Shared" Customer Tools
- Managed IT Custom
  - Ala Carte Option
  - Managed Risk Services
  - Managed Security Services
  - IPT/Network Services
  - Hosted Services
  - Help Desk/Deskside Support

Managed IT Enhancements
- Migrating to new endpoint management system
- Current system has not kept up with market enhancements
- New solution will allow greater efficiency in:
  - Patch Management
  - Asset Inventory
  - Software Distribution
  - Configuration Compliance

Operational Risk and Compliance

Managed Risk Services: Needs Drive Innovation
- Risk & Control Self Assessment (RCSA): Organizations need a way to evaluate, document & monitor compliance with various regulations, frameworks & guidance.
- Managed Security Awareness (MSA): There is increased scrutiny by auditors/examiners surrounding cybersecurity awareness & training. Annual testing & training is not enough to properly equip employees with the tools to detect & properly handle phishing threats. Organizations need a tool to launch & manage phishing campaigns to properly test employees, report to management, & build awareness throughout the enterprise.
- Vendor Risk Manager (VRM) Enhancements: Vendor management continues to be a focus area of regulators. As a result, we are continuously looking at ways to create more efficient processes for managing vendor risk while increasing the oversight & monitoring capabilities.
- Enhanced GLBA/Information Security Risk Assessment & Enhanced Cybersecurity Risk Assessment: Current risk assessment processes are designed for periodic (typically annual) evaluations of risk. Organizations need a tool to integrate these risk assessment processes into their internal practices for better identification, monitoring, & reporting of risk.

Risk & Control Self Assessment (RCSA) Overview
- Designed to allow institutions to self assess against various regulations, frameworks, & guidance
- System defaults with defined Control Objectives to meet designated requirements, along with suggested Control Activities to meet the Control Objectives
- Quantify coverage & effectiveness of controls, along with documenting justification
- Ability to upload & attach supporting documentation, centralizing the documents provided to auditors & examiners to show compliance
- Progress indicators
- Ability to generate issues to document, track & monitor areas that need to be addressed based on the self assessment


Managed Security Awareness (MSA) Overview
- Social-engineering simulations across four vectors
  - Email Phishing
  - SMS (Smishing)
  - Voice (Vishing)
  - Mobile Media
- Over 300 phishing templates, 60+ landing pages and 150+ domains
- Patented multi-variable attack simulations
- Address book utility which incorporates over 50 data elements from which to measure risk
- Outlook plugin allows end-user reporting of suspected phishing attempts
- Leverage Regulatory University (RegU) for education & awareness

Vendor Risk Manager (VRM) Overview
Real-time, online, quantitative vendor risk assessment and monitoring service

VRM allows the institution to evaluate new vendor relationships and monitor existing relationships. Data feeds collected are analyzed by VRM's operational experts. The platform delivers a customized risk score based on the institution's unique relationship with the vendor, and the complete picture of empirical risk data on the vendor. VRM will initiate workflows to review, approve, or notify impacted stakeholders of material changes to the vendor's risk profile. Additionally, institutions can monitor their vendor risk with real time interactive dashboards that give a holistic view of all vendor profiles.


Vendor Risk Manager (VRM) Enhancements Roadmap
[Timeline chart: 2017 Q1 through 2017 Q3 (MAR to SEPT) and FUTURE. Items shown: Vendor Survey Enhancements, Operational Risk Assessments, Nth Party Risk, Non-Managed Service, SLA Tracking, Mobile Enhancements, BBB Integration, Reporting Enhancements, SSO, Contract Management, API]
- VENDOR SURVEY ENHANCEMENTS: Support for vendor registration, and survey flow improvements
- Nth PARTY RISK: Support for relating vendors and factoring in the risk of 4th parties and beyond
- BBB INTEGRATION: Include BBB and D&B with the other vendor due diligence
- NON-MANAGED SERVICE: Support for stand-alone use of VRM
- API: Support for 2-way data integrations for importing/exporting of data with other systems
- SSO: Support for SSO for seamless authentication with other systems
- CONTRACT MANAGEMENT: Enhanced support for managing contract terms, renewals, and workflows
- ASSESSMENTS: New RaaS module for performing Risk Assessments
- SLA TRACKING: Support for SLA tracking, measuring, reporting and workflows
- REPORTING ENHANCEMENTS: New chart-based reporting with focus on auditors and compliance
- MOBILE ENHANCEMENTS: Support for Touch ID and push notifications on Apple iOS devices

Enhanced GLBA/Information Security & Cybersecurity Risk Assessments
- Web based risk assessment modules
  - Based on GLBA & FFIEC Information Security Handbook
  - Based on the FFIEC Cybersecurity Assessment Tool & NIST Cybersecurity Framework
- New product, service or asset risk assessment process to ensure Information Security & Cybersecurity risks are assessed before launch
- Incorporate within institutional policies to create a living risk assessment process instead of an annual risk assessment
- Issue management function to log, monitor & report issues identified in the risk assessment process
- Control testing documentation & tracking mechanism

Cybersecurity Product/Service Roadmap for Managed Security Service

New Services Roadmap: Service Summary
- Cyberguard Endpoint Threat Detection, Powered by Red Canary/Carbon Black Response
  Purpose: Endpoint threat detection platform that enables detection, response, and insight on threats in your network
- Cyberguard Endpoint Threat Prevention, Powered by CylancePROTECT
  Purpose: Preventing unauthorized malware from running on a client's network through Artificial Intelligence
- Vulnerability Management (Enhanced Vulnerability Management, Perimeter and Internal Defense)
  Purpose: Managed Vulnerability Service utilizing FIS time to remediate asset prioritization

Cyberguard Endpoint Threat Detection
Detect the threats your prevention tools miss.
- Cloud-based 24/7 endpoint activity recording, visibility, and threat detection
- Expert analysts to remove false positives
- Integrated platform to rapidly respond to threats

[Process diagram: Endpoint sensors record activity; Platform detects threats; SOC analysts investigate; Alerts customers; MSS responds with power]
- file modifications
- registry modification
- user identity
- process creation
- module loads
- network connections
- process injection
- binary content
- EMET alerts

[Process diagram: Endpoint sensors record activity; Platform detects threats; SOC analysts investigate; Alerts customers; MSS responds with power]
Using:
- Application Behavioral Analysis
- Binary Analysis
- Threat Intelligence
- User Behavior Analytics
- Organizational Intelligence
Identify:
- Known bad
- New activity
- Good apps gone bad
- Unusual activity

[Process diagram: Endpoint sensors record activity; Platform detects threats; SOC analysts investigate; Alerts customers; MSS responds with power]
- 24/7 remote monitoring, investigation, and confirmation
- Full access to endpoint history
- Automated retrospective hunting from identified IOCs

[Process diagram: Endpoint sensors record activity; Platform detects threats; SOC analysts investigate; Alerts customers; MSS responds with power]
Intelligence to understand the threat:
- indicators
- endpoint and user information
- threat timeline

[Process diagram: Endpoint sensors record activity; Platform detects threats; SOC analysts investigate; Alerts customers; MSS responds with power]
Included tools and expertise to stop threats and return your organization to a good state:
- Isolate
- Remediate
- Research
- Technical Q&A
- Automate

Cyberguard Endpoint Threat Prevention
Predicts cyber attacks and blocks them on the endpoint in real-time before they ever execute. Leverages the power of machines, not humans, to dissect malware's DNA. Artificial intelligence then determines if the code is safe to run.
- Provides an innovative next generation endpoint threat protection solution to prevent advanced threats and malware from causing harm
- Utilizes artificial intelligence techniques, machine learning and algorithmic science

Cyberguard Endpoint Threat Prevention
- Prevents malware pre-execution
- No signatures / infrequent updates
- Silences memory attacks, exploits, privilege escalation, fileless attacks
- Ultra light agent footprint
- Thwarts unauthorized scripts
- Deployment simplicity
- Rejects potentially unwanted programs (PUPs) from entering the environment
- Uncovers the presence of powerful tools that can be used against you
- All without prior knowledge
- Protection is not Cloud dependent

Vulnerability Management
The FIS-developed Total Risk Score enables clients to quantify the risk of their devices in order to make effective decisions based on organizational risk appetite. Device usage cases build the device risk score, and when it is paired with the Common Vulnerability Scoring System (CVSS) score, it generates the Total Risk Score, a numerical value for risk.
[Diagram: Device Risk Score, CVSS, Total Risk Score]

Vulnerability Management
- Allows workflow tracking for vulnerabilities
- Workflow Approvers provide oversight and governance over the Workflow Process.
- Bulk Remediation of many tasks at once.

Vulnerability Management Enhancements
- Integrate 3rd Party Objective Assessment/audit findings
  - Track remediation efforts of 3rd party findings in the same system as tracking regular vulnerability remediations
  - Leverage existing workflow
    - Risk Accepts
    - Pending Fix
    - False positives
- Integrate Threat Intelligence chatter into the system
  - Scenario: Dark web chatter that a specific vulnerability is being exploited to deliver malware. The system would raise the priority of remediation based on this intelligence.
  - Remediation prioritization would increase based on intelligence

Michael Kirby II, Scott Yoshimura Mike.Kirby@fisglobal.com, scott.yoshimura@fisglobal.com

2017 FIS and/or its subsidiaries. All Rights Reserved. FIS confidential and proprietary information.