Managed Cybersecurity Services
Intelligent Security for Regulated Industries
Intelligent Security for Regulated Industries | www.mycloudstar.com | PH 800.340.5780
95% of small financial services organizations have not implemented defense mechanisms
• No Security Monitoring Tools
• No Security Operations Center - SOC
• No Incident Response Plan
Furthermore…
65% of those companies would not be able to recover their mission-critical data if it was maliciously destroyed.
Why would my Business be at Risk?
85% of targets of opportunity are small businesses
78% of intrusions are rated as low difficulty
75% of employees leave their computers unsecured
75% of breaches are driven by financial motives
- Hartford Financial Group
- National Cybersecurity Alliance
- National Cybersecurity Alliance
- Cisco
Why such a grim picture?
Companies Lack…
The Governance: Lack of ownership and accountability
The Skill sets: IT not focused or trained to meet today's threats
The Culture: Not security focused
So what are you Actually Protecting?
PII – Personally Identifiable Information at Risk
Social Security Numbers
Credit Card Numbers
Medical Records
Corporate and Customer Information at Risk
Confidential Company Data
Banking and Trade Data
Vendor and Customer Data
How do I address Security? It’s so Complicated…
Network Security is a lot like Basic Home Security
Alarm System with 24/7 Monitoring
You must keep the doors and windows closed and Locked
Security Cameras to protect the perimeter
You need to protect all Entry Points and know when someone gets in!
Add Alarm System with 24/7 Monitoring
Keep the Doors and Windows closed and Locked
Add Security Cameras to protect the perimeter
Start with securing the Front Door
Front Door “Presumed” Secure if..
• Proper Rules and Policies are set up and in place
• Firmware is up to date
• Log Files are being collected, archived and reviewed
Add..
Modern Firewall or UTM Appliance
Secure all the Windows and Back Doors
Windows “Presumed” Secure if..
• ALL Vital Services are in place
• Software Patches are up to date
• ALL Devices have End-Point Protection
• 100% of Network Attached Devices are included
• Password and Security Policies are in place and Enforced
• You can Report on it ALL
Keep the Doors and Windows closed and Locked
Add..
Software Patch Management
Antivirus / Malware Protection
Active Directory / Group Policy Management
Security Policies
Firewall Analysis and Reporting
Detect when someone gets in… And take Action!
Add..
Add Alarm System with 24/7 Monitoring
Security Information & Event Management (SIEM) Platform
Security Operations Center (SOC)
“Presumed” Useful if..
• Complex Security Rules are set up and in place
• Log Files of Critical Infrastructure are being collected, archived and reviewed in real time by Security Experts
• Reporting is in Place
• Security Event Response and Remediation Services are in Place
Managed Cybersecurity Services Overview
Our Comprehensive Security Stack
Managed Security Monitoring
Security Information & Event Management (SIEM) Platform
Security Operations Center (SOC)
Managed Security Services
• Software Patch: Analysis, Management and Reporting
• Antivirus / Malware: Analysis, Management and Reporting
• Active Directory / Group Policy: Analysis and Reporting
• Firewall: Analysis, Management and Reporting
• Security Policy: Analysis, Development and Reporting
• External Vulnerability Testing: Analysis and Reporting
Specifically designed to meet regulatory requirements for cybersecurity monitoring with PCI, SOX, ISO 27001, HIPAA, GLBA, and other compliance mandates
Monitoring Only the Firewall Leaves a Black Hole
SIEM+SOC Solutions Look Beyond the Firewall
SIEM ingests and analyzes data from all critical devices
• Servers
• Storage
• Routers
• Switches
• Firewalls
• UTM devices
• WAPs
Only Method of Comprehensive Cybersecurity Monitoring
Some SIEM Monitoring & Alerting Examples
• Unusual file transfer outside of home country
• User account logged in from 2 different locations
• Router configuration changed, but not saved
• Admin user added to firewall or Active Directory
• User logged in via VPN in violation of policy
• Rogue Wireless Access Point
• Server sending emails, but not an email server
• Use of unsecure protocol (e.g. FTP)
Cloudstar SIEM
Security Information & Event Management Platform as a Service
Managed Security Information & Event Management (SIEM) Platform
• Fully Hosted, Redundant, and Managed SIEM Platform
• In-depth database security, availability and anomalous activity monitoring
• Real-time and historical threat cross-correlation
• Event log and network flow data consolidation
Your Security Experts
• Security Expert Review and Analysis
• Human intervention and Escalation
• Compliance Review and Reporting
• Incident Response
• Remediates Issues
Managed Onsite Data Collector
• Collect, Compress, Encrypt and Transmit Log File Data
Cloudstar SIEM / SOC
Security Information & Event Management Platform and Security Operations Center as a Service
Security Information & Event Management (SIEM) Platform
• Fully Hosted, Redundant, and Managed SIEM Platform
• In-depth database security, availability and anomalous activity monitoring
• Real-time and historical threat cross-correlation
• Event log and network flow data consolidation
• Compliance and standards-based reports
Managed Onsite Data Collector
• Collect, Compress, Encrypt and Transmit Log File Data
24/7x365 Security Operations Center
Items Reviewed by Security Analysts:
• Individual reports manually, and escalate anything suspicious or any inaccurate information
• SIEM system and collector health, verifying proper operation and that events are correctly flowing from each device
• All automated Notifications to confirm they were triggered, sent, and delivered
• All High, Medium, and Low Incidents to ensure proper categorization, look for suspicious trends, and determine if any Medium or Low Incidents should be escalated
• Reviews performed once per day, 7 days per week, 365 days per year
• Incident Response Support
Your IT Department
• Reviews Reports
• Responds to incidents
Cloudstar Managed Security Services
Managed Security Services and Reporting as a Service
• Fully Managed Services
• Monthly Security Services Reporting
• Executive Level Review
• Technical Detail
• Month-Over-Month Performance
Managed Security Services
• Software Patch: Analysis, Management and Reporting
• Antivirus / Malware: Analysis, Management and Reporting
• Active Directory / Group Policy: Analysis and Reporting
• Firewall: Analysis, Management and Reporting
• Security Policy: Analysis, Development and Reporting
• External Vulnerability Testing: Analysis and Reporting
Monthly Analysis and Reporting
Firewall Analysis and Reporting
Antivirus / Malware Analysis
Software Patch Analysis
Security Policy Analysis
Performance and Capacity Analysis
Data Backup and Recovery Analysis (Optional)
Active Directory / Group Policy Analysis
External Vulnerability Testing
Cloudstar Cyber Insights
Security Reporting as a Service
• Monthly Security Services Reporting
• Executive Level Review
• Technical Detail
• Month-Over-Month Performance
• Actionable Recommendations
Intelligent Security for Regulated Industries | www.mycloudstar.com | PH 800.540.1039
THE LEADER IN TECHNOLOGY SERVICES FOR REGULATED INDUSTRIES