Eye on Security

CISO Partner

Have you established a safe computing environment? No enterprise network is free from threats, whether external or from within. The network includes servers, computers for staff, devices (within your network), software prevalent within your enterprise, access controls, and physical access to your enterprise.

The best posture comes from a strong defense: 1) have visibility of your network, 2) users are trained for cybersecurity awareness, 3) know what’s coming at you, 4) know when something happens, 5) who/what it happened to, 6) isolate/remediate, 7) recover and install countermeasures, 8) monitor for repeat offenders. Experience, academics, maturity, an ITIL framework, and keeping organized deliver reliable enterprise security performance.

Block threats from exiting, permeating through, or re-entering your network; respond as quickly as the severity of the threat dictates with an incident response plan that includes the resources you have to contain the problem promptly; track threat incidents to your enterprise with a database to identify trends and respond better to repeat attacks.

CISO Partner Services


5 Pillars Information Security Governance

1. Governance: Assess how IS governance policies protect enterprise
2. Risk Mgt & Compliance: Risk Assessment, Security Audit, Risk Posture, Outline to shore-up gaps
3. Architecture & Implementation: IS Program Architecture (e.g. policies, procedures, appliances, GPO, end-point assurance)
4. Program Mgt & Development: Manage IS program, sharpen performance by maturing competencies, capabilities, delivery
5. Incident Response & Business Continuity Mgt: Policies enforced, testing, procedures and activities adhered to; metrics track actions to maintain / improve

CSO’s Office (Chief Security Officer)

IS Mgt Program (ISMP) governance, identify/manage risks to WAN, plan/establish/write policies, create employee awareness programs, prepare business cases to justify need for tools that monitor and defend WAN, develop the IR, DR and BC plans, conduct kaizen to improve delivery of ISMP.

ISM’s role (Information Security Mgr)

Carry out CSO’s plans: recruit, deploy policies, procedures, campaigns, tools, network monitoring, threat identification, containment, follow-up, compliance enforcement, performance metrics for kaizen.

My Reliable Business Process

Strategic Planning > Business case for initiatives > Solve IT governance goals with certified technical knowledge > Apply 5 Core ITILv3 processes > Project Management framework to realize deliverables > Manage Program, Monitor Performance > Apply PDCA for current and relevant performance

CISO Partner offers consulting, project management and staff augmentation services to organizations and hospitality providers that operate within the tri-state region (beginning at 30 nodes, from Philadelphia to Stamford) and for select projects across the continental US; expect depth-of-bench expertise from CISO Partner through our referral partners. (Serving for-profit business, finance, retail, private education, health care and biotech verticals.) The minimum project is a 4-month contract (from 30 nodes), is scalable for project scope and size, and includes:

  • Assess your security status, present a strategic and tactical plan to execute from within 15 days of project start;
  • Provide an interactive cloud-based IT ticketing system to track incidents, alerts and run management reports;
  • Execute plans from 90 days of project start;
  • Prepare a handoff to your staff or arrange a management agreement with us, completed within 15 days of project close.

Twelve (12) Essential Services Facilitate A Small Threat Surface

1. Analyze & Assess: Take inventory of assets, data, files. Categorize assets, data, files from most to least critical.
2. Risk Mgt: Assess risks to enterprise, prioritize risks, ID controls to mitigate to residual risk for management. Assign Server Admin (SA) to remediate scan results.
3. Visibility: Tool(s) give visibility of WAN to warn of impending events and IoCs.
4. Engineering: Collaborate with network engineers to tune security appliances for desired visibility and blocking. Set up defense tools to protect movement of data and files, ensuring confidentiality and integrity.
5. IRP: Deploy approved procedure documents for response types, 24x7x365.
6. Threat Analysis: Identify incidents by exploit type and source. Recommend procedures to contain promptly. Collect / share threat intelligence from / with private & government portals regularly.
7. Ticketing: Identify and set up web-based ticketing system to document and track information security incidents.
8. Containment: IRP includes procedures to contain attacks; first responders are drilled / approved to respond.
9. Response: Logistics system to transport victimized devices for root cause analysis; document findings. Identify needs for additional controls or countermeasures to avoid re-occurrence.
10. Remediate: Device is cleaned / redeployed, or approved to decommission / retire.
11. Reporting: Weekly reports of activity express status of threat surface.
12. Performance: Set up automated, robust reporting. Performance of visibility and defense tools is extracted automatically into formatted reports. Strategic, Tactical and Operating Plans are tuned to realize small threat surface of WAN.

Contact me today for a free 45-minute consultation in your office. Click Request a Consultation at the base of this page, enter CISO Partner in the subject line, fill in your email signature in the message body, and send. I reply within 24 hours to schedule the consultation.

Versed with:

  • UTM – Unified Threat Management, Trustwave SWG
  • McAfee UTM
  • MalwareBytes, Eset UTM
  • Endpoint defense
  • Software firewall
  • BlueCoat K9 Browser
  • NIDS, NIPS / HIPS, Cisco Appliances, NextGen SECaaS provides formidable shield of safety around current network and resources (prem or cloud)
  • Sandbox behavior detection
  • Signature detection
  • Identity Access Management (IAM) + Priv Acct Mgt
  • IBM Proventia NIDS / NIPS
  • SIEM, Symantec MSS, FireEye, AlienVault, Rapid 7 InsightIDR
  • Defend mobile devices with Mobile Device Management (MDM)
  • Triumfant IoC service
  • Patch Management
  • Lumension & Patchlink
  • Vulnerability Scans / PCI Compliance Assessor / Scans; Qualys, Rapid 7 NexPose
  • Protect your Credit/Debit Cards with SignalVault (Affiliate Partner)

Referral Agent: Local information security management from NYC-based PerimeterWatch. Global: Cygilant, Simnet, ConvergeOne; AlienVault (small to mid-tier), versed with Rapid 7 (mid-tier to large-cap)

Business Partners:

Trustwave, Cygilant, AV, SimNet