Cybersecurity Offerings
Owner: KMicro Tech, March 2020
Table of Contents
Summary of Offerings
Cyber Security Consultancy & Advisory Services
Compliance and Governance
Business Continuity Planning (BCP)
Cybersecurity Assurance & Secure Infrastructure
Azure/Office 365 Security
Data Protection Assessments
Firewalls (UTMs, NGFWs, etc.)
Network Intrusion Detection Systems & Host Intrusion Detection Systems
Virtual Private Networks
Security Event Management (SIEM)
System Hardening
Identity access management (IAM)
Wireless Security
User Security Awareness & Training
Penetration Testing
Managed Security Services
Incident Response
Summary of Offerings
KMicro partners with organizations to create and establish effective cybersecurity programs.
From our state-of-the-art Security Operations Center (SOC), we help protect data and critical IT
infrastructure while ensuring compliance with industry and government regulations. Our
expert security assessments provide insight into weak points and compromises on your
network. We support organizations in developing tailored security programs backed by on-call
expertise and continuous monitoring. We work to attain visibility into our clients' cybersecurity
programs and protection assurance controls across the entire attack surface, including IT
services, connected devices, and assets in the cloud, and through security-focused third-party and
vendor management.
Security Solutions
• Data Protection & Data Leakage Prevention (DLP)
• Cybersecurity Framework & InfoSec Development
• Vulnerability Scanning & Penetration Testing
Cloud Security Assurance
• Office 365 & Azure Security Benchmarking
• Identity & Access Management
• Secure Cloud Data Management
Managed Security Services
• Security Information & Event Management (SIEM)
• Advanced Threat Protection
• Mobile Device Management
Governance & Compliance
• Risk Analysis and Management (CIS/NIST/PCI/HIPAA/HITECH)
• Compliance and Audit Preparedness
• Incident & Privacy Breach Response
Cyber Security Consultancy & Advisory Services
The products and services to be included within KMicro’s Cybersecurity offering are described in
greater detail below.
Compliance and Governance
Many organizations facing the current cybersecurity environment are overwhelmed by what we
call the “Fog of More”—a constant stream of new information and problems. They are
challenged by competing expert opinions, a noisy and fast-changing marketplace of potential
solutions, and unclear or overwhelming regulatory and compliance requirements. KMicro works
with clients to establish both CIS & NIST Cybersecurity Frameworks and Controls.
The CIS Controls are a prioritized set of actions to defend against pervasive cyber threats, and they are
the framework we propose to small to medium-sized businesses to help establish a Cybersecurity
Program within their organization. The CIS Controls are developed by a global expert community
based on their first-hand experience of the threat environment to identify the highest-value
practices to secure networks. Their in-depth understanding of the current threat landscape
drives the priority order and focus of the CIS Controls. Further, CIS routinely incorporates
feedback from the user community and ensures the best practices are vendor-neutral. Trusted
by security leaders in both the private and public sector, the CIS Controls:
• Leverage the battle-tested expertise of the global IT community to defeat over 85% of
common attacks, focusing on proven best practices, not on any one vendor’s solution
• Offer the perfect on-ramp to execute compliance programs with mappings to PCI, NIST,
ISO, and HIPAA
Phased implementation helps ensure that organizations receive the most significant benefits by
implementing the highest priority controls first.
Cybersecurity Maturity Assessment
KMicro will help define the fundamental parts of an organization’s Information Security
program, develop better “security situational awareness,” and create a solid foundation for
program development.
• Assess Current Conditions - We perform a thorough evaluation of the current state of
controls and gain an understanding of the organizational risk appetite and business
objectives.
• Analyze Gaps – Industry best practices will be compared to an organization’s current
controls and changes will be identified to build a relevant, actionable, and sustainable
security program.
Corporate Security Policy
Developing proper Information Security Policies for your organization is the first step in the
development of a comprehensive security strategy. KMicro works with organizations to deal
with all three parameters that are required for enabling a robust cybersecurity program
including the people, the technology and processes. Information security policies have to
address electronic business application security, enterprise security & business continuity,
remote access & Internet Security, and infrastructure security management.
Information Security Policy Development
Depending on the requirements of the organization, there are requirements for varying policies,
processes, and standards to be generated or updated. Each position paper will describe in detail
the policies for a specific domain and if required, define the procedures for implementing those
policies. Each defined policy could have the following subsections: policy number, name of the
policy, description, audience, owner and any other related policy number.
Information Security standards can be based on the various domains as defined by ISO27001,
NIST or other established standards and frameworks. However, any additional domains can also
be incorporated, if required. Some common domains that have their own policies in a corporate
environment are:
• Information Security Planning Policy
• Risk Management Policy
• Information Security Awareness Policy
• Communications & Outreach Policy
• Performance Management Policy
• Information Classification Policy
• Asset Inventory Policy
• Asset Categorization Policy
• Physical and Environment Security Policy
• Sanitization Policy
• Equipment Movement Policy
• Operating Procedures Policy
• Separation of Duties Policy
• Business Continuity Management Policy
• Third Party Policy
• Capacity Management
• Anti-Virus Policy
• Backup Policy
• Interconnection Policy
• Media Management Policy
• Information Exchange Policy
• Data Management Security
• Security Monitoring and Logging
• Monitoring Policy
• Patch Management Policy
• Identity and Access Management
• User Access Management Policy
• Password Policy
• Lockout Policy
• Roles & Responsibilities
• Clear Desk Policy
• Network Security Policy
• Network DMZ Policy
• Mobile Computing Policy
• Information Security Analysis Policy
• Data Validation Policy
• Encryption Policy
• Testing Policy
• Source Code Library
• Change Management Policy
• System Acceptance Policy
• Software Installation Policy
• Vulnerability Scanning Policy
• Incident Management Policy
Risk Assessment
Based on the Goals set out in the Corporate Security Policy, a Gap Analysis will be carried out in
accordance with security standards and frameworks such as ISO 27001, CIS & NIST Cybersecurity
Frameworks.
In order to perform an evaluation, KMicro has devised an approach that is both effective and
efficient. In summary, our overall methodology consists of the following:
1. Understand the organization’s Business Objectives and Daily Operations Workflow
2. Design and Implement a Risk Management Framework (Strategic and Technical)
3. Devise a Risk Treatment Plan
• Step 1 – Identify Threats and Vulnerabilities
• Step 2 – Identify Existing Controls and Determine Likelihood
• Step 3 – Determine Impact
• Step 4 – Determine Risk Scoring
Business Continuity Planning (BCP)
With a methodology used to create a plan for how an organization will resume partially or
completely interrupted critical function(s) within a predetermined time after a disaster or
disruption, KMicro works with organizations to develop Business Continuity Plans. BCP may be a
part of a larger organizational effort to reduce operational risk associated with poor information
security controls, and thus has a number of overlaps with the practice of risk management.
Business Continuity Management
A complete BCM focuses on ensuring the expedient response, recovery and restoration of
critical business processes due to unplanned business interruptions. A completed BCP cycle
results in a formal printed manual available for reference before, during, and after disruptions
have occurred. For such a comprehensive BCP, the term disaster can represent a natural
disaster, man-made disaster, and disruptions.
BCM Benefits
Organizations which implement a robust business continuity management process will benefit
from:
• Increased resilience to key threats
• Greater awareness of risk exposures
• Ability to respond rapidly to minimize costly interruptions
• A workable, accountable approach that can be reviewed
• A marketing advantage with key customers
• A process which can be part of corporate governance
• An enhanced insurance profile
Cybersecurity Assurance & Secure Infrastructure
Architecture development is essential for secure and stable operational IT environments. With
the emphasis on IT assets in most organizations today, proper design and development of
secure infrastructure becomes a necessity. Our consultants enable the development of
comprehensive design and implementation for various technologies used for security
enhancement.
Azure/Office 365 Security
• Implement and manage identity and access
• Implement and manage threat protection
• Implement and manage information protection
• Manage governance and compliance features in Office 365
• Enterprise Mobile Security
Data Protection Assessments
The assessment and development of a Data Protection Program (DPP) follows an incremental
approach that builds on existing organizational structures, processes and controls and allows for
adherence to regulations such as GDPR and CCPA. DPP projects will work to preserve existing
sensitive data and data privacy efforts already undertaken by organizations and work towards
the planned implementation of a Data Protection Program (DPP) that effectively
manages data protection within the organization. As a practical approach, KMicro will review
existing data protection and privacy arrangements and will provide an understanding of the
current state of controls, and a roadmap for what needs to be completed to ensure that the
sensitive data and privacy of information is appropriately stewarded and preserved.
KMicro will conduct a current state assessment of normal business processes, data flow and
data content analysis that includes:
1. Review Data Classification policy including categories, description, integration with
normal business processes.
2. Review current technology in place for data visibility and controls (data loss, encryption,
classification, etc.).
3. Review current data classification & protection roles and supporting functions across IT
Security, Compliance, Privacy.
4. Review a subset of specific data protection requirements from key business units.
5. Review current areas of data lifecycle: storage, data in motion, and data handling across
the organization's IT infrastructure; Network review of egress points, endpoint
environment (USB, web uploads, etc.), data at rest (Network shares/internal
collaboration sites, SharePoint, etc.), and cloud and off-prem services/applications.
6. Analyze current processes in place that address data classification; Employee
communication and awareness, enabling employees and data owners to manage data
protections, and escalation processes.
7. Review current data protection roles and supporting functions across IT Security,
Compliance, Privacy, and Investigations/Incident response teams.
8. Review and identify types of data, regulatory controls that may be mandated upon
Client, data ownership, business processes dependencies (GDPR, PII, PHI/HIPAA, CCPA).
9. Conduct business process mapping and strategy sessions with key Lines of Business,
Compliance, and Information Security teams to define and prioritize data protection
requirements.
10. Conduct DLP Workshop Sessions to discuss Data Protection Impact Analysis that
includes regulatory policy requirements with HR, Legal, Finance, and additional key
business units for HIPAA, CCPA, GDPR.
11. Review current incident response functions within the organization and determine
workflow for DLP and data privacy incident management & escalation.
Firewalls (UTMs, NGFWs, etc.)
A firewall is the principal tool for keeping unwanted intruders out of a specific network. A firewall
usually sits between a trusted network, such as the Corporate LAN, and an untrusted network, such
as the Internet. Its main role is to restrict the traffic going into the trusted network while only
allowing authorized traffic to go out to the untrusted network. This same device can also be
used to protect more secure areas of the Intranet from the less secure areas. In addition, in
today’s day of business-to-business communication, it can also be used at the perimeter to
protect the Corporate Infrastructure from traffic originating from business partners.
Network Intrusion Detection Systems & Host Intrusion Detection Systems
Intrusion Detection is essential for Monitoring of the Corporate Infrastructure. After the
completion of the design and then implementation of the security solution, there is a need to
verify whether the solution is secure enough. Intrusion Detection is the technique to
continuously monitor all the traffic coming into a specific network and/or the host systems to
detect any malicious or harmful traffic. Upon detection, the intrusion detection system will
generate an alert for the relevant security administrator. In addition, the IDS can also take
specific action such as blocking the source of the harmful traffic.
Virtual Private Networks
A Virtual Private Network (VPN) is a private tunnel in the public network for connectivity
between various corporate entities i.e. having corporate or private data passing through the
Internet via a secure pipe. This is in comparison with the earlier model where point-to-point
connectivity was used for corporate connectivity and connection to the public network was only
allowed for Internet related activities.
VPNs are playing a vital role in today’s connected infrastructure. They have led to significant cost
savings and provide anytime anywhere connectivity for mobile users. However, security is one
of the biggest concerns for such connectivity as the traffic passing through the VPN can contain
critical corporate data such as payrolls or financial transactions.
Security Event Management (SIEM)
The number of events from different security devices that need to be monitored and managed
by a limited number of individuals in any operational environment has multiplied exponentially.
These include syslogs from firewalls, alerts from IDS, and logs from critical systems and networking
equipment, all of which need to be monitored, especially during a security incident. Security Event
Management tools enable normalization and correlation of all these events, which implies that a
single console is used to monitor all these devices. This leads to less operational overhead and
fewer false positives.
System Hardening
To ensure comprehensive end-to-end security, Operating Systems running critical services need
to be properly hardened. This is done by applying the latest patches, turning off services that
are not required and using products such as Tripwire to ensure integrity of the data on the
system. In addition, technologies such as SSH and SSL can be utilized for further enhancing the
security of the systems.
KMicro is a CIS SecureSuite Services Member (https://www.cisecurity.org/partners-services/). CIS
SecureSuite Membership provides KMicro access to multiple cybersecurity resources including
the CIS-CAT Pro configuration assessment tool, build content, full-format CIS Benchmarks™, and
more. Start secure and stay secure with integrated cybersecurity tools and best practice
guidance for over 150 technologies.
Identity access management (IAM)
Identity Management has become one of the critical factors for many organizations providing
remote access to their employees, partners and customers. By the combination of various
methodologies, such as authentication, access control and user policies, a comprehensive
Identity Management solution can be provided.
Wireless Security
With the proliferation of wireless networks in business environments, security has become of
paramount importance. Many wireless networks deployed have little or no security and these
networks with inherent vulnerabilities can easily be exploited to get access to core corporate
systems.
User Security Awareness & Training
One of the best ways to decrease the security threat of any organization is to make its
employees security aware. These are the people who would suffer the most from any security
incident and these are the people who can make the organization’s security program successful
through proper compliance. In Information Security, as in anything else in the world, awareness
of a danger is the first step towards taking the necessary precautions. By enabling a step-by-step
security awareness program, the management of the organization can significantly reduce the
threat profile for the critical assets as well as the non-critical assets.
• Security for Senior Management
• Security Awareness Campaign for General Users
• Security Awareness Quiz
Penetration Testing
Whether internal or external, Network Penetration Testing is executed in four phases, with the
goal of exploiting discovered vulnerabilities. Performing regular penetration tests will reveal
emerging vulnerabilities against newly discovered threats.
• Identify unknown flaws or vulnerabilities that can result in a breach or disclosure
• Discover vulnerabilities that traditional control-based testing methodologies can
potentially miss
• Validate, understand, and prepare for known risks to your organization
• Update and maintain regulatory or compliance controls
• Avoid costly downtime as a result of a security breach
• Develop a roadmap to remediate vulnerabilities and address risk
• Manage risk on an ongoing basis, as you make changes to your business or network
Penetration tests are offered in the following areas:
• Web Applications
• Network and infrastructure
• Inside testing
• Exterior testing
• Wireless
• Social Engineering
• Phishing (Email setup)
Other Information Security Assurance Offerings
• Web content filtering
• Endpoint protection, Anti-Malware
• Anti-spam
• Vulnerability scanning
• Patch management
• Data loss prevention (DLP)
• Privileged access management (PAM)
• Solution/tool research and requisition
• Solution implementation
• Management of security systems
Managed Security Services
Managed Security Services (MSS) is defined as "the remote management or monitoring of IT
security functions delivered via remote Security Operations Centers (SOCs), not through
personnel on-site." Therefore, Managed Security Services do not include staff augmentation or
any consulting or development and integration services.
Managed Security Services include:
• Monitored or managed firewalls or intrusion prevention systems (IPS)
• Monitored or managed intrusion detection systems (IDS)
• Managed secure messaging gateways
• Managed secure Web gateways
• Managed endpoint protection
• Security information & event management (SIEM)
• Managed vulnerability scanning of networks, servers, databases or applications
• Security vulnerability or threat notification services
• Log management and analysis
• Reporting associated with monitored/managed devices and incident response
Incident Response
Incident Handling
Incident Response is the methodology used to handle an event that interrupts normal operating
procedure in an Information Technology environment. These events can be anything from a
Denial of Service (DoS) attack, a malicious intrusion or any other activity that is not authorized.
However, every incident is characterized by intense pressure and constraints on time and
resources. Therefore, there is a need to develop a formal strategy to provide a framework for
handling of these incidents.
• Incident Handling Policy
• Computer Security Incident Response Team (CSIRT)
• Incident Handling Procedures
• Business Continuity Planning & Disaster Recovery Planning

 
Strategic Insights on IT & Cyber Risk Assessments.pdf
Strategic Insights on IT & Cyber Risk Assessments.pdfStrategic Insights on IT & Cyber Risk Assessments.pdf
Strategic Insights on IT & Cyber Risk Assessments.pdf
 
Cybersecurity Assurance at CloudSec 2015 Kuala Lumpur
Cybersecurity Assurance  at CloudSec 2015 Kuala LumpurCybersecurity Assurance  at CloudSec 2015 Kuala Lumpur
Cybersecurity Assurance at CloudSec 2015 Kuala Lumpur
 
New technologies - Amer Haza'a
New technologies - Amer Haza'aNew technologies - Amer Haza'a
New technologies - Amer Haza'a
 
Risk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection PowerpointRisk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection Powerpoint
 
The Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk AssessmentThe Significance of IT Security Management & Risk Assessment
The Significance of IT Security Management & Risk Assessment
 
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
Mastering Cybersecurity Risk Management: Strategies to Safeguard Your Digital...
 
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001
Implementing of a Cyber Security Program Framework from ISO 27032 to ISO 55001
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
Cyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdfCyber-Security-Whitepaper.pdf
Cyber-Security-Whitepaper.pdf
 
ISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRCISO/IEC 27001 as a Starting Point for GRC
ISO/IEC 27001 as a Starting Point for GRC
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
 
The security risk management guide
The security risk management guideThe security risk management guide
The security risk management guide
 
The security risk management guide
The security risk management guideThe security risk management guide
The security risk management guide
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 
EUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIPEUCI Mapping Cybersecurity to CIP
EUCI Mapping Cybersecurity to CIP
 

Dernier

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Dernier (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

Kmicro Cybersecurity Offerings 2020

Summary of Offerings

Kmicro partners with organizations to create and establish effective cybersecurity programs. From our state-of-the-art Security Operations Center (SOC), we help protect data and critical IT infrastructure while ensuring compliance with industry and government regulations. Our expert security assessments provide insight into weak points and compromises on your network. We support organizations to develop tailored security programs backed by on-call expertise and continuous monitoring. We work to attain visibility into our clients' cybersecurity programs and protection assurance controls across the entire attack surface, including IT services, connected devices, assets in the cloud, and through security-focused third-party and vendor management.

Security Solutions
• Data Protection & Data Leakage Prevention (DLP)
• Cybersecurity Framework & InfoSec Development
• Vulnerability Scanning & Penetration Testing

Cloud Security Assurance
• Office 365 & Azure Security Benchmarking
• Identity & Access Management
• Secure Cloud Data Management

Managed Security Services
• Security Information & Event Management (SIEM)
• Advanced Threat Protection
• Mobile Device Management

Governance & Compliance
• Risk Analysis and Management (CIS/NIST/PCI/HIPAA/HITECH)
• Compliance and Audit Preparedness
• Incident & Privacy Breach Response

Cyber Security Consultancy & Advisory Services

The products and services to be included within KMicro's Cybersecurity offering are described in greater detail below.

Compliance and Governance

Many organizations facing the current cybersecurity environment are overwhelmed by what we call the "Fog of More": a constant stream of new information and problems. They are challenged by competing expert opinions, a noisy and fast-changing marketplace of potential solutions, and unclear or overwhelming regulatory and compliance requirements.

KMicro works with clients to establish both CIS & NIST Cybersecurity Frameworks and Controls. The CIS Controls are a prioritized set of actions to defend against pervasive cyber threats, and they are the framework we propose to small and medium-sized businesses to help establish a cybersecurity program within their organization. The CIS Controls are developed by a global expert community based on their first-hand experience of the threat environment to identify the most high-value practices to secure networks. Their in-depth understanding of the current threat landscape drives the priority order and focus of the CIS Controls. Further, CIS routinely incorporates feedback from the user community and ensures the best practices are vendor-neutral.

Trusted by security leaders in both the private and public sector, the CIS Controls:
• Leverage the battle-tested expertise of the global IT community to defeat over 85% of common attacks, focusing on proven best practices, not on any one vendor's solution
• Offer the perfect on-ramp to execute compliance programs with mappings to PCI, NIST, ISO, and HIPAA

Phased implementation helps ensure that organizations receive the most significant benefits by implementing the highest priority controls first.

Cybersecurity Maturity Assessment

KMicro will help define the fundamental parts of an organization's Information Security program, develop better "security situational awareness," and create a solid foundation for program development.
• Assess Current Conditions - We perform a thorough evaluation of the current state of controls and gain an understanding of the organizational risk appetite and business objectives.
• Analyze Gaps - Industry best practices will be compared to an organization's current controls, and changes will be identified to build a relevant, actionable, and sustainable security program.
Corporate Security Policy

Developing proper Information Security Policies for your organization is the first step in the development of a comprehensive security strategy. KMicro works with organizations to deal with all three parameters that are required for enabling a robust cybersecurity program: the people, the technology and the processes. Information security policies have to address electronic business application security, enterprise security & business continuity, remote access & Internet security, and infrastructure security management.

Information Security Policy Development

Depending on the requirements of the organization, varying policies, processes, and standards may need to be generated or updated. Each position paper will describe in detail the policies for a specific domain and, if required, define the procedures for implementing those policies. Each defined policy could have the following subsections: policy number, name of the policy, description, audience, owner and any other related policy number. Information Security standards can be based on the various domains as defined by ISO27001, NIST or other established standards and frameworks. However, any additional domains can also be incorporated, if required.

Some common domains that have their own policies in a corporate environment are:
• Information Security Planning Policy
• Risk Management Policy
• Information Security Awareness Policy
• Communications & Outreach Policy
• Performance Management Policy
• Information Classification Policy
• Asset Inventory Policy
• Asset Categorization Policy
• Physical and Environment Security Policy
• Sanitization Policy
• Equipment Movement Policy
• Operating Procedures Policy
• Separation of Duties Policy
• Business Continuity Management Policy
• Third Party Policy
• Capacity Management
• Anti-Virus Policy
• Backup Policy
• Interconnection Policy
• Media Management Policy
• Information Exchange Policy
• Data Management Security
• Security Monitoring and Logging
• Monitoring Policy
• Patch Management Policy
• Identity and Access Management
• User Access Management Policy
• Password Policy
• Lockout Policy
• Roles & Responsibilities
• Clear Desk Policy
• Network Security Policy
• Network DMZ Policy
• Mobile Computing Policy
• Information Security Analysis Policy
• Data Validation Policy
• Encryption Policy
• Testing Policy
• Source Code Library
• Change Management Policy
• System Acceptance Policy
• Software Installation Policy
• Vulnerability Scanning Policy
• Incident Management Policy
Risk Assessment

Based on the goals set out in the Corporate Security Policy, a Gap Analysis will be carried out in accordance with security standards and frameworks such as ISO 27001 and the CIS & NIST Cybersecurity Frameworks. In order to perform an evaluation, KMicro has devised an approach that is both effective and efficient. In summary, our overall methodology consists of the following:
1. Understand the organization's Business Objectives and Daily Operations Workflow
2. Design and Implement a Risk Management Framework (Strategic and Technical)
3. Devise a Risk Treatment Plan

• Step 1 – Identify Threats and Vulnerabilities
• Step 2 – Identify Existing Controls and Determine Likelihood
• Step 3 – Determine Impact
• Step 4 – Determine Risk Scoring

Business Continuity Planning (BCP)

KMicro works with organizations to develop Business Continuity Plans, using a methodology for creating a plan for how an organization will resume partially or completely interrupted critical function(s) within a predetermined time after a disaster or disruption. BCP may be a part of a larger organizational effort to reduce operational risk associated with poor information security controls, and thus has a number of overlaps with the practice of risk management.

Business Continuity Management

A complete BCM focuses on ensuring the expedient response, recovery and restoration of critical business processes due to unplanned business interruptions. A completed BCP cycle results in a formal printed manual available for reference before, during, and after disruptions have occurred. For such a comprehensive BCP, the term disaster can represent a natural disaster, man-made disaster, and disruptions.

BCM Benefits

Organizations which implement a robust business continuity management process will benefit from:
• Increased resilience to key threats
• Greater awareness of risk exposures
• Ability to respond rapidly to minimize costly interruptions
• A workable, accountable approach that can be reviewed
• A marketing advantage with key customers
• A process which can be part of corporate governance
• An enhanced insurance profile
Cybersecurity Assurance & Secure Infrastructure

Architecture development is essential for secure and stable operational IT environments. With the emphasis on IT assets in most organizations today, proper design and development of secure infrastructure becomes a necessity. Our consultants enable the development of comprehensive design and implementation for various technologies used for security enhancement.

Azure/Office 365 Security
• Implement and manage identity and access
• Implement and manage threat protection
• Implement and manage information protection
• Manage governance and compliance features in Office 365
• Enterprise Mobile Security

Data Protection Assessments

The assessment and development of a Data Protection Program (DPP) follows an incremental approach that builds on existing organizational structures, processes and controls and allows for adherence to regulations such as GDPR and CCPA. DPP projects will work to preserve existing sensitive data and data privacy efforts already undertaken by organizations and work towards implementation of a Data Protection Program (DPP), specifically to plan, that effectively manages data protection within the organization.

As a practical approach, KMicro will review existing data protection and privacy arrangements and will provide an understanding of the current state of controls, and a roadmap for what needs to be completed to ensure that the sensitive data and privacy of information is appropriately stewarded and preserved.

KMicro will conduct a current state assessment of normal business processes, data flow and data content analysis that includes:
1. Review Data Classification policy including categories, description, integration with normal business processes.
2. Review current technology in place for data visibility and controls (data loss, encryption, classification, etc.).
3. Review current data classification & protection roles and supporting functions across IT Security, Compliance, Privacy.
4. Review a subset of specific data protection requirements from key business units.
5. Review current areas of data lifecycle: storage, data in motion, and data handling across the organization's IT infrastructure; network review of egress points, endpoint environment (USB, web uploads, etc.), data at rest (network shares/internal collaboration sites, SharePoint, etc.), and cloud and off-prem services/applications.
6. Analyze current processes in place that address data classification; employee communication and awareness, enabling employees and data owners to manage data protections, and escalation processes.
7. Review current data protection roles and supporting functions across IT Security, Compliance, Privacy, and Investigations/Incident response teams.
8. Review and identify types of data, regulatory controls that may be mandated upon Client, data ownership, business processes dependencies (GDPR, PII, PHI/HIPAA, CCPA).
9. Conduct business process mapping and strategy sessions with key Lines of Business, Compliance, and Information Security teams to define and prioritize data protection requirements.
10. Conduct DLP Workshop Sessions to discuss Data Protection Impact Analysis that includes regulatory policy requirements with HR, Legal, Finance, and additional key business units for HIPAA, CCPA, GDPR.
11. Review current incident response functions within the organization and determine workflow for DLP and data privacy incident management & escalation.

Firewalls (UTMs, NGFWs, etc.)

A firewall is the principal tool for keeping unwanted intruders out of a specific network. A firewall usually sits between a trusted network, such as the Corporate LAN, and an untrusted network, such as the Internet. Its main role is to restrict the traffic going into the trusted network while only allowing authorized traffic to go out to the untrusted network. This same device can also be used to protect more secure areas of the Intranet from the less secure areas. In addition, in today's world of business-to-business communication, it can also be used at the perimeter to protect the Corporate Infrastructure from traffic originating from business partners.

Network Intrusion Detection Systems & Host Intrusion Detection Systems

Intrusion Detection is essential for monitoring of the Corporate Infrastructure. After the completion of the design and then implementation of the security solution, there is a need to verify whether the solution is secure enough. Intrusion Detection is the technique of continuously monitoring all the traffic coming into a specific network and/or the host systems to detect any malicious or harmful traffic. Upon detection, the intrusion detection system will generate an alert for the relevant security administrator. In addition, the IDS can also take specific action such as blocking the source of the harmful traffic.

Virtual Private Networks

A Virtual Private Network (VPN) is a private tunnel in the public network for connectivity between various corporate entities, i.e. having corporate or private data passing through the Internet via a secure pipe. This is in comparison with the earlier model where point-to-point connectivity was used for corporate connectivity and connection to the public network was only allowed for Internet-related activities. VPNs are playing a vital role in today's connected infrastructure. They have led to significant cost savings and provide anytime, anywhere connectivity for mobile users. However, security is one of the biggest concerns for such connectivity, as the traffic passing through the VPN can contain critical corporate data such as payrolls or financial transactions.
Security Event Management (SIEM)

The number of events from different security devices that need to be monitored and managed by a limited number of individuals in any operational environment has multiplied exponentially. These include syslogs from firewalls, alerts from IDS, and logs from critical systems and networking equipment, all of which need to be monitored, especially during a security incident. Security Event Management tools enable normalization and correlation of all these events, which implies that a single console is used to monitor all these devices. This leads to less operational overhead and fewer false positives.

System Hardening

To ensure comprehensive end-to-end security, Operating Systems running critical services need to be properly hardened. This is done by applying the latest patches, turning off services that are not required and using products such as Tripwire to ensure integrity of the data on the system. In addition, technologies such as SSH and SSL can be utilized for further enhancing the security of the systems.

KMicro is a CIS SecureSuite Services Member (https://www.cisecurity.org/partners-services/). CIS SecureSuite Membership provides KMicro access to multiple cybersecurity resources including the CIS-CAT Pro configuration assessment tool, build content, full-format CIS Benchmarks™, and more. Start secure and stay secure with integrated cybersecurity tools and best practice guidance for over 150 technologies.

Identity access management (IAM)

Identity Management has become one of the critical factors for many organizations providing remote access to their employees, partners and customers. By the combination of various methodologies, such as authentication, access control and user policies, a comprehensive Identity Management solution can be provided.

Wireless Security

With the proliferation of wireless networks in business environments, security has become of paramount importance. Many wireless networks deployed have little or no security, and these networks with inherent vulnerabilities can easily be exploited to get access to core corporate systems.

User Security Awareness & Training

One of the best ways to decrease the security threat of any organization is to make its employees security aware. These are the people who would suffer the most from any security incident, and these are the people who can make the organization's security program successful through proper compliance. In Information Security, as in anything else in the world, awareness of a danger is the first step towards taking the necessary precautions. By enabling a step-by-step security awareness program, the management of the organization can significantly reduce the threat profile for the critical assets as well as the non-critical assets.
• Security for Senior Management
• Security Awareness Campaign for General Users
• Security Awareness Quiz
Penetration Testing

Whether internal or external, Network Penetration Testing is executed in four phases, with the goal of exploiting discovered vulnerabilities. Performing regular penetration tests will reveal emerging vulnerabilities against newly discovered threats.

• Identify unknown flaws or vulnerabilities that can result in a breach or disclosure
• Discover vulnerabilities that traditional control-based testing methodologies can potentially miss
• Validate, understand, and prepare for known risks to your organization
• Update and maintain regulatory or compliance controls
• Avoid costly downtime as a result of a security breach
• Develop a roadmap to remediate vulnerabilities and address risk
• Manage risk on an ongoing basis, as you make changes to your business or network

Penetration tests are offered in the following areas:

• Web Applications
• Network and infrastructure
• Inside testing
• Exterior testing
• Wireless
• Social Engineering
• Phishing (Email setup)

Other Information Security Assurance Offerings

• Web content filtering
• Endpoint protection, Anti-Malware
• Anti-spam
• Vulnerability scanning
• Patch management
• Data loss prevention (DLP)
• Privileged access management (PAM)
• Solution/tool research and requisition
• Solution implementation
• Management of security systems
Managed Security Services

Managed Security Services (MSS) is defined as "the remote management or monitoring of IT security functions delivered via remote Security Operations Centers (SOCs), not through personnel on-site." Therefore, Managed Security Services do not include staff augmentation or any consulting or development and integration services.

Managed Security Services include:

• Monitored or managed firewalls or intrusion prevention systems (IPS)
• Monitored or managed intrusion detection systems (IDS)
• Managed secure messaging gateways
• Managed secure Web gateways
• Managed endpoint protection
• Security information & event management (SIEM)
• Managed vulnerability scanning of networks, servers, databases or applications
• Security vulnerability or threat notification services
• Log management and analysis
• Reporting associated with monitored/managed devices and incident response

Incident Response

Incident Handling

Incident Response is the methodology used to handle an event that interrupts normal operating procedure in an Information Technology environment. These events can be anything from a Denial of Service (DoS) attack to a malicious intrusion or any other activity that is not authorized. However, every incident is characterized by intense pressure and constraints on time and resources. Therefore, there is a need to develop a formal strategy that provides a framework for handling these incidents.

• Incident Handling Policy
• Computer Security Incident Response Team (CSIRT)
• Incident Handling Procedures
• Business Continuity Planning & Disaster Recovery Planning