Technology Roadmap for Managed IT and Security. Michael Kirby II, Scott Yoshimura 05/24/2017



Agenda
- Managed IT Roadmap
- Operational Risk and Compliance
- Cybersecurity Managed Security Services

Managed IT Strategic Roadmap
- Long term strategic direction
- Scale services to larger financial institutions
- Managed IT Advanced
- Add Linux, Unix, Oracle, DBA Support, Application Development
- Add «Shared» Customer Tools
- Managed IT Custom
- Ala Carte Option
- Managed Risk Services
- Managed Security Services
- IPT/Network Services
- Hosted Services
- Help Desk/Deskside Support

Managed IT Enhancements
- Migrating to new endpoint management system
- Current system has not kept up with market enhancements
- New solution will allow greater efficiency in:
  - Patch Management
  - Asset Inventory
  - Software Distribution
  - Configuration Compliance

Operational Risk and Compliance

Managed Risk Services: Needs Drive Innovation
- Risk & Control Self Assessment (RCSA): Organizations need a way to evaluate, document & monitor compliance with various regulations, frameworks & guidance.
- Managed Security Awareness (MSA): There is increased scrutiny by auditors/examiners surrounding cybersecurity awareness & training. Annual testing & training is not enough to properly equip employees with the tools to detect & properly handle phishing threats. Organizations need a tool to launch & manage phishing campaigns to properly test employees, report to management, & build awareness throughout the enterprise.
- Vendor Risk Manager (VRM) Enhancements: Vendor management continues to be a focus area of regulators. As a result, we are continuously looking at ways to create more efficient processes for managing vendor risk while increasing the oversight & monitoring capabilities.
- Enhanced GLBA/Information Security Risk Assessment & Enhanced Cybersecurity Risk Assessment: Current risk assessment processes are designed for periodic (typically annual) evaluations of risk. Organizations need a tool to integrate these risk assessment processes into their internal practices for better identification, monitoring, & reporting of risk.

Risk & Control Self Assessment (RCSA) Overview
- Designed to allow institutions to self assess against various regulations, frameworks, & guidance
- System defaults with defined Control Objectives to meet designated requirements, along with suggested Control Activities to meet the Control Objectives
- Quantify coverage & effectiveness of controls, along with documenting justification
- Ability to upload & attach supporting documentation, centralizing the documents provided to auditors & examiners to show compliance
- Progress indicators
- Ability to generate issues to document, track & monitor areas that need to be addressed based on the self assessment


Managed Security Awareness (MSA) Overview
- Social-engineering simulations across four vectors:
  - Email Phishing
  - SMS (Smishing)
  - Voice (Vishing)
  - Mobile Media
- Over 300 phishing templates, 60+ landing pages and 150+ domains
- Patented multi-variable attack simulations
- Address book utility which incorporates over 50 data elements from which to measure risk
- Outlook plugin allows end-user reporting of suspected phishing attempts
- Leverage Regulatory University (RegU) for education & awareness

Vendor Risk Manager (VRM) Overview
- Real-time, online, quantitative vendor risk assessment and monitoring service
- VRM allows the institution to evaluate new vendor relationships and monitor existing relationships.
- Data feeds collected are analyzed by VRM's operational experts.
- The platform delivers a customized risk score based on the institution's unique relationship with the vendor, and the complete picture of empirical risk data on the vendor.
- VRM will initiate workflows to review, approve, or notify impacted stakeholders of material changes to the vendor's risk profile.
- Additionally, institutions can monitor their vendor risk with real time interactive dashboards that give a holistic view of all vendor profiles.


OPERATIONAL RISK: Vendor Risk Manager (VRM) Enhancements Roadmap
[Roadmap timeline chart: columns 2017 Q1, 2017 Q2, 2017 Q3 and FUTURE; months MAR through SEPT]
- VENDOR SURVEY ENHANCEMENTS: Support for vendor registration, and survey flow improvements
- Nth PARTY RISK: Support for relating vendors and factoring in the risk of 4th parties and beyond
- BBB INTEGRATION: Include BBB and D&B with the other vendor due diligence
- NON-MANAGED SERVICE: Support for stand-alone use of VRM
- API: Support for 2-way data integrations for importing/exporting of data with other systems
- SSO: Support for SSO for seamless authentication with other systems
- CONTRACT MANAGEMENT: Enhanced support for managing contract terms, renewals, and workflows
- ASSESSMENTS: New RaaS module for performing Risk Assessments
- SLA TRACKING: Support for SLA tracking, measuring, reporting and workflows
- REPORTING ENHANCEMENTS: New chart-based reporting with focus on auditors and compliance
- MOBILE ENHANCEMENTS: Support for Touch ID and push notifications on Apple iOS Devices

Enhanced GLBA/Information Security & Cybersecurity Risk Assessments
- Web based risk assessment modules
  - Based on GLBA & FFIEC Information Security Handbook
  - Based on the FFIEC Cybersecurity Assessment Tool & NIST Cybersecurity Framework
- New product, service or asset risk assessment process to ensure Information Security & Cybersecurity risks are assessed before launch
- Incorporate within institutional policies to create a living risk assessment process instead of an annual risk assessment
- Issue management function to log, monitor & report issues identified in the risk assessment process
- Control testing documentation & tracking mechanism

Cybersecurity Product/Service Roadmap for Managed Security Service

New Services Roadmap: Service Summary
- Cyberguard Endpoint Threat Detection (Powered by Red Canary/Carbon Black Response)
  Purpose: Endpoint threat detection platform that enables detection, response, and insight on threats in your network
- Cyberguard Endpoint Threat Prevention (Powered by CylancePROTECT)
  Purpose: Preventing unauthorized malware from running on a client's network through Artificial Intelligence
- Vulnerability Management (Enhanced Vulnerability Management, Perimeter and Internal Defense)
  Purpose: Managed Vulnerability Service utilizing FIS time to remediate asset prioritization

Cyberguard Endpoint Threat Detection
Detect the threats your prevention tools miss.
- Cloud-based 24/7 endpoint activity recording, visibility, and threat detection
- Expert analysts to remove false positives
- Integrated platform to rapidly respond to threats

Process stages: Endpoint sensors record activity; Platform Detects Threats; SOC Analysts Investigate; Alerts customers; MSS responds with power

Endpoint sensors record activity
- file modifications
- process creation
- process injection
- registry modification
- module loads
- binary content
- user identity
- network connections
- EMET alerts

Platform Detects Threats
- Identify:
  - Known bad
  - Good apps gone bad
  - New activity
  - Unusual activity
- Using:
  - Application Behavioral Analysis
  - User Behavior Analytics
  - Binary Analysis
  - Threat Intelligence
  - Organizational Intelligence

SOC Analysts Investigate
- 24/7 remote monitoring, investigation, and confirmation
- Full access to endpoint history
- Automated retrospective hunting from identified IOCs

Alerts customers
- Intelligence to understand the threat indicators, endpoint and user information, threat timeline

MSS responds with power
Included tools and expertise to stop threats and return your organization to a good state
- Isolate
- Remediate
- Research
- Technical Q&A
- Automate

Cyberguard Endpoint Threat Prevention
- Predicts cyber attacks and blocks them on the endpoint in real-time before they ever execute.
- Leverages the power of machines, not humans, to dissect malware's DNA. Artificial intelligence then determines if the code is safe to run.
- Provides an innovative next generation endpoint threat protection solution to prevent advanced threats and malware from causing harm
- Utilizes artificial intelligence techniques, machine learning and algorithmic science

Cyberguard Endpoint Threat Prevention
- Prevents malware pre-execution
- Silences memory attacks, exploits, privilege escalation, fileless attacks
- Thwarts unauthorized scripts
- No signatures / infrequent updates
- Ultra light agent footprint
- Deployment simplicity
- Rejects potentially unwanted programs (PUPs) from entering the environment
- Uncovers the presence of powerful tools that can be used against you
- All without prior knowledge
- Protection is not Cloud dependent

Vulnerability Management
- The FIS-developed Total Risk Score enables clients to quantify the risk of their devices in order to make effective decisions based on organizational risk appetite.
- Device usage cases build the Device Risk Score; when paired with the Common Vulnerability Scoring System (CVSS) score, it generates the Total Risk Score, a numerical value for risk.
[Diagram: Device Risk Score, CVSS, Total Risk Score]

Vulnerability Management
- Allows workflow tracking for vulnerabilities
- Workflow Approvers provide oversight and governance over the Workflow Process.
- Bulk Remediation of many tasks at once.

Vulnerability Management Enhancements
- Integrate 3rd Party Objective Assessment/audit findings
  - Track remediation efforts of 3rd party findings in the same system as tracking regular vulnerability remediations
  - Leverage existing workflow
    - Risk Accepts
    - Pending Fix
    - False positives
- Integrate Threat Intelligence chatter into the system
  - Scenario: Dark web chatter that a specific vulnerability is being exploited to deliver malware. The system would raise the priority of remediation based on this intelligence.
  - Remediation prioritization would increase based on intelligence

Michael Kirby II, Scott Yoshimura Mike.Kirby@fisglobal.com, scott.yoshimura@fisglobal.com

2017 FIS and/or its subsidiaries. All Rights Reserved. FIS confidential and proprietary information.