Effective security monitoring mp 2014

Effective Cyber Security Monitoring & Compliance by Ricardo Resnik MultiPoint Ltd. April 2014


The best tool to prevent hacking.


Page 1: Effective security monitoring mp 2014

Effective Cyber Security Monitoring & Compliance

by Ricardo Resnik, MultiPoint Ltd., April 2014

Page 2: Effective security monitoring mp 2014

Your Challenges
• Threat identification?
• Data Breach detection?
• 24x7 Security Monitoring?
• Compliance?

Page 3: Effective security monitoring mp 2014

Threat Landscape
• Advanced Persistent Threats target every industry
• Companies of all sizes are at risk
• Attacks compromise valuable trade secrets, financial & customer data
• Near impossible to discover without a finger on the pulse
• 66% of breaches take months or more to discover

Source: Verizon DBIR 2013

“[This] isn't the first company to be breached after getting a clean bill of health for PCI compliance, and it won't be the last.”

Bank Info Security, February 2013

“Top three recent [healthcare] data breaches affected about 1.3 million people”

Health IT Security, July 2013

“A data breach investigations report from Verizon, released Tuesday, showed that small businesses continue to be the most victimized of all companies.”

CNN, April 2013

Page 4: Effective security monitoring mp 2014

What is an effective security program?

Process
• A set of processes and best practices developed and implemented
– Based on industry standards

Technology
• Immediate and comprehensive visibility into the “Threat”
– Remove silos and connect the dots

People
• Trained, experienced Information Security professionals
– Must be operational 24x7

Page 5: Effective security monitoring mp 2014

What EiQ’s SOCVue Delivers:

Process
• SANS Critical Security Controls Automation
– Continuously analyze your IT environment against security best practices
– Identify weak links in your security posture

Technology
• EiQ SecureVue
– Log Management & Security Monitoring
– Correlation & Forensic Analysis
– Compliance Reporting
– Asset Discovery

People
• EiQ SOCVue Service
– Certified Security & Product engineers
– 24x7 Monitoring
– Alert Notification and Remediation Guidance
– On-Demand Investigation
– Daily/Monthly Reporting

Page 6: Effective security monitoring mp 2014

The Value of EiQ SOCVue

Timely Notification of Security Incidents & Remediation Guidance
• Malware Attacks
• IP Spoofing
• Excessive traffic
• Unapproved traffic
• Behavior anomaly
• Policy violation
• Failed event collection

Ongoing Critical Security Control Assessment
• No unknown assets
• No unapproved software/ports/protocols
• Anti-malware in place
• Vulnerabilities are addressed
• Proper logging in place

Security & Compliance Reporting & On-Demand Investigations
• PCI
• HIPAA
• GLBA
• NIST
• On-Demand Investigations

Page 7: Effective security monitoring mp 2014

The SOCVue Experience

EiQ SOCVue®
• A subscription-based service that enables EiQ Security Analysts to remotely manage the on-premise SecureVue® implementation.

EiQ Security Analysts
• EiQ SOC Team consists of security analysts who are certified security & product engineers.
• This team will continuously monitor and notify you of potential issues.

Page 8: Effective security monitoring mp 2014

Service Offering – Core Service Features

• Service Includes
– Events of Interest Monitoring & Incident Management
– Daily Reporting
– Daily Solution Health Snapshot
– Monthly Summary Reporting of Security Concerns
– Monthly Solution Health Review
– Up to 2 Investigation Requests per Month
– One-on-One Review Session Once a Month

Page 9: Effective security monitoring mp 2014

Summary

• We address all your challenges
• Next Steps
– SOCVue Evaluation
– Trial Date