Happiest Minds Cyber Security Services
Cyber Security Needs and Challenges (slide deck transcript)
Slide 3: Existing Security Controls and Evolving Threats

"88 percent of Fortune 500 companies have employees infected with Zeus" - RSA Research. So does RSA, Sony, TJMax...

Challenges:
• Signature-based technologies alone are not sufficient
• Attacks are getting more focused and advanced
• Too many point solutions working in silos
• Human factors can never be taken out of the equation
• Limited intelligence sharing and intelligence utilization
• Lack of real situational awareness; false sense of security
• Constantly emerging new technologies <-> threat vectors

[Figure: word cloud of threats and controls - Botnets, APTs, IDS/IPS, AV, Proxies, SIEM, Awareness, Social Engineering, Malicious Intent, Network, Host, Identity, Data, Cloud, Mobility, Zero-Day Vulnerabilities, Attacker Patterns, Misconfiguration, Metrics & KPI, Social]

Existing security control layers:
• Policies, Regulations (Acceptable Use, Risk Mgmt)
• Identity Management (Access, Role, Pwd)
• Data Security (Encryption, DLP)
• Applications/Databases (Security Testing, WAF)
• End Point Controls (Anti-Virus, FIM)
• Network Security (F/W, IDS/IPS, Proxy)
• Physical Controls (Access, Cameras, Locks)
Slide 4: Today's Enterprise Security Landscape - Threats & Multiple Point Solutions

[Figure: matrix of threats and point solutions by layer; the items of each layer are listed below]

Process: Vendor Security Assessment; Security Policy Management; Control Automation; Risk Management; Training & Communication; Compliance Adherence; Mobile Business
People: Privileged User Password Management; Roles & Entitlements; User Access Management / Monitoring; Access Reviews & Attestations; Federation & SSO; Identity Theft; Threat - Insiders & Outsiders
Data: Data Loss Prevention; Information Exchange (IRM); Content Security; End Point Protection; Data Protection Directives; Data Loss - Social Networking; Sensitive Data Vaulting
Infrastructure: Host Intrusion Detection and Prevention; Network & Perimeter Security; Data Loss Prevention; Intrusions (viruses, worms); Production / Non-production Data Masking; Security Monitoring; Cyber Threats / Warfare / APTs; Cyber Analytics
Applications: Secure Design Review; Security Source Code Consulting; Pre-Dev Security Assessment; Threat & Vulnerability Management; Malware Re-engineering; Application Vulnerability Testing; Security Assurance; Secure SDLC Training
Platforms / Systems: Security Patch Management; Antivirus/Anti-Malware Management; Endpoint Security; Data Loss Prevention; Encryption; Professional Cybercrime; Malware Engineering
EUC, Mobility & Cloud: Communication Interception; Network Security; Antivirus/Anti-Malware Management; MDM / Device Loss and Theft; Application Security Assurance; SIP Vulnerabilities Protection; Penetration & Vulnerability Testing; IP Phone & PBX Protection
Slide 5: Need for Cyber Security - Integrated and Pervasive Security

Characteristics:
• Risk driven: to ensure continuous awareness and mitigation of existing and emerging threats and risks
• Holistic: to cover all the layers, including infrastructure, applications, data, users and architectures
• Adaptable: to address new business models and enable emerging technology adoption
• Efficient: to support business dynamics and maximize return on investment

Technology enablers:
• IAM - Provisioning, federation, access governance, access management, eSSO, MFA
• Data - Encryption, DLP, IRM, obfuscation, tokenization, file protection
• Application - Code/design review, penetration testing
• Network - APT, anomalies, application-level awareness, complete visibility
• GRC - Risk assessment, metrics & reporting, compliance automation
• End Points - Heuristics, anomalies, application controls

[Figure: security layers Network, Servers/Endpoint, Applications, Data, Users and Governance, Risk, Compliance, spanning On Premise and Off Premise, Any Device, Any Time, Any Where; CIA]
Slide 6: Happiest Minds Security Service Offerings - Consulting, Implementation and Management
Slide 7: Cyber and Infrastructure Security - Solution and Service Portfolio

[Figure: portfolio matrix with columns Assessment Services, Transformation Services, Managed Services and rows Host and End Point Security, Advanced Malware Protection, Datacenter and Perimeter Security, Security Monitoring Services (SIEM and SOC), Security Device Management Services]

Offerings: Proactive Network Risk Assessment; Network Threat Modeling; Cloud and Virtualization Security; Vulnerability Management; Firewall Auditing; Configuration Management; Network APT Protection; Network Access Control; File Integrity Monitoring; Application Control; Next Gen F/W, IDS/IPS; VDI Security; Virtual Server Protection; Cloud Security Monitoring; SIEM Health Check; SOC Assessment; SIEM/SOC Setup; Next Gen SOC Setup; SOC Management/Monitoring; Cyber Vigil Platform; 24/7 Security Management and Operations; Network Forensics Services; Malware Defense Strategy; Device Management; Mobility Security Strategy
Slide 8: Managed Security - Service Delivery

Level 1
Monitoring
• Monitor the health and availability of security devices
• Notifications and incident creation based on SOP
Manage
• Technology management and basic provisioning
• Deployment enhancements
SOP-based Services
• Standard Operating Procedure driven incident management and troubleshooting
• Operational reporting

Level 2
Maintain
• Remediation support
• Performance and capacity analysis
• Minor upgrades
Troubleshoot
• Escalated incidents from Level 1
• Investigate repeat incidents
• Participate in Root Cause Analysis
Configure
• Policy changes
• Configuration audit
• Coordination for change management

Level 3
Manage
• Investigation and advanced troubleshooting
• Upgrades and RCAs
• Vendor / OEM coordination
Service Improvement
• Review trends and problems
• Build service improvement plans and enhance KPIs
• Service reporting
Change
• Change approval
• Technology review and enhancements
• Automation

Technologies covered: Firewalls; IDS/IPS; AV/FIM/HIDS; Proxy/Web Filtering; Vulnerability Mgmt; Risk Mgmt; Wireless; Malware Protection; Email Security; Web Applications; Database Activity Monitoring; LM/SIEM
Slide 9: Our Approach - Next Gen Security: Defending Against Advanced Threats

From -> To:
• Reactive Response -> Proactive Defense: threat and risk assessment; know your critical assets; know your high-risk users; threat intelligence gathering
• Historical Analysis -> Real-time and Predictive: early detection and response; attack modeling and simulations
• Signature-based -> Behavior-based: baseline and deviation tracking; whitelist and track exceptions; advanced analytics and heuristics; anomaly detection technologies
• Infrastructure Context -> Business Context: address business needs; business apps context
• Alert Analysis -> Alert + Data Analytics: hidden intelligence from noise; advanced reporting and visualization

"Targeted attacks are penetrating standard levels of security controls, and causing significant business damage to enterprises that do not evolve their security controls." - Gartner
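As an added illustration of the "signature-based to behavior-based" row on this slide (example code written for this page, not Happiest Minds' own tooling or platform), the following Python script learns a per-user baseline of login source addresses and login hours from a constructed set of authentication log lines, keeps approved exceptions in an explicit whitelist so they are tracked rather than silently absorbed into the baseline, and scores new events with both a block-list (signature) check and a baseline-deviation (behavior) check. The log format, user names, addresses and block-list entries are all constructed for the example.

```python
"""Baseline-and-deviation detection beside a signature check, over constructed auth log lines."""
import re
from collections import defaultdict
from datetime import datetime

# Hypothetical log format, constructed for this example:
#   "2024-03-04T09:12:00 user=alice src=10.0.0.12 result=success"
LOG_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) user=(?P<user>\S+) "
    r"src=(?P<src>\S+) result=(?P<result>\S+)$"
)


def parse_line(line):
    """Return the fields of one log line, or None if it does not match the format."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["hour"] = datetime.fromisoformat(rec["ts"]).hour
    return rec


def build_baseline(lines):
    """Learn, per user, the source addresses and login hours seen in the training window.
    Only successful logins shape the baseline; failures are not 'normal' behaviour."""
    baseline = defaultdict(lambda: {"srcs": set(), "hours": set()})
    for line in lines:
        rec = parse_line(line)
        if rec and rec["result"] == "success":
            baseline[rec["user"]]["srcs"].add(rec["src"])
            baseline[rec["user"]]["hours"].add(rec["hour"])
    return dict(baseline)


def signature_check(rec, bad_srcs):
    """Signature-style check: alerts only on a source already on a block list."""
    return ["known-bad source"] if rec["src"] in bad_srcs else []


def behaviour_check(rec, baseline, whitelist):
    """Behaviour-style check: alerts on deviation from the learned baseline,
    unless the (user, src) pair is an approved, explicitly tracked exception."""
    if (rec["user"], rec["src"]) in whitelist:
        return []
    profile = baseline.get(rec["user"])
    if profile is None:
        return ["no baseline for user"]
    reasons = []
    if rec["src"] not in profile["srcs"]:
        reasons.append("new source for user")
    if rec["hour"] not in profile["hours"]:
        reasons.append("unusual hour for user")
    return reasons


def detect(lines, baseline, whitelist, bad_srcs):
    """Run both checks over the lines and return (line, signature_reasons, behaviour_reasons)
    for every line that triggered at least one of them."""
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        sig = signature_check(rec, bad_srcs)
        beh = behaviour_check(rec, baseline, whitelist)
        if sig or beh:
            alerts.append((line, sig, beh))
    return alerts


# Constructed training window: alice logs in 09-17 from two office addresses, bob from one.
TRAINING_LOG = [
    "2024-03-04T09:02:11 user=alice src=10.0.0.12 result=success",
    "2024-03-04T13:40:05 user=alice src=10.0.0.12 result=success",
    "2024-03-05T10:15:30 user=alice src=10.0.0.15 result=success",
    "2024-03-05T16:58:42 user=alice src=10.0.0.12 result=success",
    "2024-03-04T08:55:00 user=bob src=10.0.1.7 result=success",
    "2024-03-05T09:10:19 user=bob src=10.0.1.7 result=success",
    "2024-03-05T09:11:02 user=bob src=10.0.1.7 result=failure",  # ignored by the baseline
]

# Constructed events to score against that baseline.
NEW_EVENTS = [
    "2024-03-11T09:30:00 user=alice src=10.0.0.12 result=success",    # normal for alice
    "2024-03-11T03:14:27 user=alice src=203.0.113.9 result=success",  # new source, odd hour, not on any list
    "2024-03-11T09:05:00 user=bob src=198.51.100.4 result=success",   # approved VPN gateway for bob
    "2024-03-11T10:00:00 user=bob src=192.0.2.66 result=success",     # source on the block list
]

WHITELIST = {("bob", "198.51.100.4")}  # approved exceptions, tracked explicitly (constructed)
BAD_SRCS = {"192.0.2.66"}              # block list standing in for signature indicators (constructed)


def run_example():
    """Build the baseline from the training window and score the new events."""
    return detect(NEW_EVENTS, build_baseline(TRAINING_LOG), WHITELIST, BAD_SRCS)


if __name__ == "__main__":
    for line, sig, beh in run_example():
        print(line)
        print("  signature:", sig or "-", "| behaviour:", beh or "-")
```

Run directly, the script reports two alerts: the 03:14 login from an address on no list is caught only by the baseline check, while the block-listed address is caught by both. The whitelist keeps bob's approved VPN login quiet without widening his learned baseline, which is the difference between "whitelist and track exceptions" and simply retraining on everything.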
Thank You