Sirius Security Overview

Sirius Security Overview Rob Hoisington IT Security Consultant www.siriuscom.com 8/18/2017 1

Rob Hoisington
IT Security Consultant - CISSP, GLEG, GCIH
Robert.Hoisington@siriuscom.com - 757.675.0101

Rob Hoisington is a Security Architect and member of the IT Consultant team for Sirius Computer Solutions. Robert holds a Master of Science degree in Information Technology from University of Maryland University College, and he is an alumnus of the U.S. Military Academy at West Point, where he received a Bachelor of Science in Computer Science. Rob has been with Sirius Computer Solutions for 5 years. During this time he has worked with clients in a wide variety of industries, including banking, insurance, education, healthcare, manufacturing, distribution, and utilities, addressing a wide variety of security, regulatory, and disaster mitigation challenges. Prior to joining Sirius, Rob worked for the U.S. Army as a Signal Corps Officer, where he was responsible for technical teams as well as security, networks, and systems both in the U.S. and deployed overseas. Rob is married, has 3 kids, and lives in Spring Hill, Tennessee.

Agenda
- Introductions
- Sirius Consulting Approach and Portfolio (high level)
- Sirius Security Capabilities
- Security Consulting Services
- Security Solutions
- Client Security Roadmap and Initiatives
- Next Steps

Sirius Consulting Approach and Portfolio

Consulting Services Portfolio

Enterprise Consulting
- Interim CIO and CISO Services
- Digital Workspace
- Internet of Things
- IT Strategic Roadmaps
- IT Service Management
- Technology Solution Evaluation
- Process Optimization Assessments
- Cost Reduction Assessments
- Business Impact and Technology Investment Justification
- Insourcing/Outsourcing Assessments
- M&A Due Diligence and Integration
- Telecommunications
- Imaging and Print Services
- Organizational Assessments

Data Center Transformation
- Data Center Models Private Cloud Hybrid
- Data Center Functions Production Disaster Recovery Other Data Center Services
- Strategic Planning and Budgeting
- Current State Inventory
- End State Design
- Detailed Implementation Planning and Budgeting
- Implementation and Testing
- Implementation Post Mortems

DevOps Transformation
- End-to-End DevOps Lifecycle
- SDLC & Application Lifecycle Management, Agile, Waterfall, Continuous Release and Deployment
- Operations Optimization
- Infrastructure Best Practices
- ITIL, CMMI, Scaled Agile Framework (SAFe), Lean, and Six Sigma Best Practices
- Data Strategy
- Quality Assurance Best Practices and Test Automation
- Cloud Computing
- Infrastructure as Code (IaC)
- Security, Regulatory, Governance and Controls

Risk, Security, and Compliance
- Security Governance Review
- Enterprise Risk Assessment & Security Posture Services
- Data Criticality Assessment
- Vulnerability Assessments
- Technical Security Architecture Review
- HIPAA/HITECH & MU Assessment
- PCI Assessment
- Security Policy Services
- Employee Security Awareness
- SIEM/MSSP Assessment
- Executive Security Consulting Services
- Penetration Testing
- Social Engineering
- Forensics
- Code Risk Assessments

Business Continuity & IT/DR
- BC & IT/DR Current State Assessment
- Business Impact Assessment (BIA & µbia)
- Emergency Preparedness Action Planning
- Architecture Standards for Continuity & Recovery
- Declaration Process Plan
- Tabletop Exercise Facilitation
- IT/DR Exercise Planning & Coordination
- BC Program Awareness Consulting
- Incident Response Planning
- Enterprise Communication Planning
- Family Support Response Program

Sirius Security Capabilities

Sirius Security Principles and Approach
- Vendor neutral and consultative
- Primary focus is to understand/develop customer requirements, including via assessment if necessary.
- Understand current client environment
- Understand security drivers (high risk data, privacy, compliance, incidents, etc.)
- Jointly develop an approach to meeting requirements
- May include People, Policy, Process, Governance, and Technology
- Solution/Remediation plan may or may not include Sirius capabilities if the best fit for the client is something we don't offer
- As a systems integration company, the full Sirius engineering team stands behind the ITC to assist with security implementation services and remediation, including a large number of partner brand skills and services. Most competitors can't offer the breadth of internal resources and partnerships that Sirius brings to the table for implementation and remediation services.

Sirius Security Architecture Review (SAR)

Sirius Security Consulting Services
- Compliance: PCI DSS, NIST, FISMA, HIPAA, ISO, etc.
- Assessments: Penetration Testing, Network Vulnerability, Web App Vulnerability, System Security Configuration Reviews, Information Criticality Workshop
- Governance: Third Party Vendor Management, Program Development, Security Awareness
- Incident Response: Physical, Technical, Plan Development, Retainer
- Digital Forensics: Imaging, Extraction, Analysis, Preparation for Counsel, Expert Testimony
- Executive Security Consulting Services
- Presales Consulting: Security Architecture Review (SAR) Workshop, Security Solution Development

Security Solutions
- Vulnerability Management
- Patch/System Management
- Traditional Endpoint Security
- Next Generation Endpoint Security
- Next Generation Firewall
- Network Access Control
- Content Filtering/Proxy
- Email Security
- Security Incident Event Management
- IPS/IDS
- Application Protection
- Identity and Access Management
- Database Security
- Remote Access
- Multi-Factor Authentication
- Web Application Firewall
- Endpoint Incident Response
- Cloud Security
- Privileged Identity Management
- Managed Security Services
- GRC Platforms
- Data Loss Prevention
- Network Management and Audit
- Network Taps
- SSL Decryption
- Mobile Device Management
- Unstructured Data Security
- Encryption
- Data Center Segmentation

Sirius Security Solutions and Services Partners and more

Sirius Security Solutions NIST Cyber Defense Matrix View
[Figure: matrix. Columns: Identify, Protect, Detect, Respond, Recover. Rows: Devices, Applications, Networks, Data, Users. Degree of Dependency: Technology, Process, People.]

Client Security Roadmap and Initiatives

Next Steps

THANK YOU www.siriuscom.com