si infosecmiddleeastlr0516

Security | Engineering | Technology

INFORMATION SECURITY

MANAGED SECURITY SERVICES | PROFESSIONAL SECURITY SERVICES | COMPLIANCE CONSULTING

Upload: saad-khan

Post on 20-Jan-2017



CONTENTS

Solutions & Services
Managed Security Services
Managed Firewall & Managed SIEM
SOC-in-a-Box
Assisted SOC Services
Customer Dashboards
White Labeled Managed Services
Advanced Threat Protection and Malware Detection
Managed Honeypot Active Defense
Managed SCADA Security
Continuous Threat Defense Service | Machine Learnt Behavioural Anomalytics
Benefits of Engaging an MSS Provider
Si CSIRT Teams
Professional Security Services
Vulnerability Assessments
Penetration Testing
Web Application Security Testing
Network Risk Assessments
Firewall Migration Services
Network Architecture Review
BYOD
Compliance Consulting
ISMS - ISO 27001
BCP & Management
PCI Compliance & PCIS
Compliance & Security Skills Training
Contact Us

OBJECTIVE

Born out of a common vision... “we deliver to our clients the very best security services by using innovation, professionalism and our depth of expertise.”

We deliver on our promise to enhance our clients’ information security posture, lower their total cost of ownership and demonstrate compliance through our managed security and professional services, day in, day out 24 x 7.

Managed Services
• Managed IDS & IPS
• Firewall management
• Managed application firewall
• Log monitoring
• Log retention
• SIEM as a service
• CSIRT (Computer Security Incident Response)

Professional Services
• Vulnerability management & testing
• Penetration testing
• Web application security
• Network risk assessment
• Device configuration & mitigation reviews
• Cyber forensics
• BYOD

Compliance
• PCI consulting
• PCI scanning
• ISO 27001
• Policies & procedures
• ITIL readiness & training
• Business continuity planning

ABOUT US

Si is driven by a desire to offer our clients the highest degree of protection against today’s cyber threats. We do this by delivering the most customizable approach to security managed services available and by providing a highly tailored and responsive approach for each client. We protect all IT assets including virtual assets, cloud and traditional infrastructure using our team of over 150 dedicated security experts from our Security Operations Centres in London, New York, Dubai and Mumbai.

Established in 2003 with over a decade in Security and Cyber Security consulting and management services, our objective is to place the power of our SOC team into our clients’ hands to provide complete visibility of security events and threats within their environments. Our aim is to become an extension of our clients’ internal teams as a trusted partner.

Why us?
• Dedicated security specialist
• Global SOCs across 4 continents
• Powered by industry best technology
• Powered by industry experts and analysts

Solutions & Services

Si provides Managed Security and Professional Security Consulting services to thousands of end customers. Our delivery model utilizes a cloud based information security and compliance solution, which requires no capital expenditure from our clients and is accessible via a secure and innovative customer platform.


“Establish a monitoring strategy and develop supporting policies, taking into account previous security incidents and attacks, and your organisation’s incident management policies. Continuously monitor inbound and outbound network traffic to identify unusual activity or trends that could indicate attacks and the compromise of data”

Extract from the “10 Steps to Cyber Security”, CESG, information security arm of GCHQ

We provide the following Managed Security Services:
• Design of security operations centres (SOCs)
• Onsite operation of our clients’ SOCs
• White labeled MSSP solutions
• A cloud based managed firewall + SIEM service
• On demand Security Incident Response Teams (SIRT)

Si enhances the operational efficiency of our clients’ information systems with our Managed Security Services. By optimizing IT asset utilization, risk management and compliance we improve uptime and availability.

We design, build and operate security operation centres either onsite at our customers’ locations or in the cloud through our network of security operation centres.

We have built and we operate security operation centres across London, New York, Dubai and Mumbai. This gives us a proactive 360° view of global threats.

We are dedicated to serving a range of customers across verticals such as financial services, telecoms, retail and healthcare with 80% of our global clients comprising blue-chip Fortune 500 and Government organisations.

Services: Description

Managed Firewall: 24x7 monitoring and managing of customers’ security devices (FW, IPS, UTM, WAF and more)

Managed SIEM: 24x7 monitoring of customer assets and event correlation (network, servers, apps, databases, FW, IPS)

Advanced Threat Protection and Malware Detection: Supply & management of advanced next generation FWs, IPSs and malware detection probes with advanced correlation

Managed SCADA Security: Supply and management of SCADA firewalls for critical infra, oil & gas

Advanced Threat Management: Supply and correlation of commercial threat feeds (e.g. Norse)

Managed Vulnerability Management: Vulnerability Management

Honeypot Active Defense: Active defense utilising honeypot infrastructure correlated with SIEM for proactive management

Managed Web Application Firewall: Supply & management of web application firewalls utilising Citrix Netscaler for defense of web environments

Continuous Threat Defense: Advanced behaviour analysis using CyberFlow Anomalytics to detect malicious activity

SOC-in-a-Box + 24x7 Monitoring: Supply & management of SOC infrastructure onto a customer site including the 24 x 7 monitoring of all event sources

SOC Staffing Outsource - Onsite: Onsite provision of staffing to monitor, administer and manage customer deployed and owned SOC infrastructure and event sources

SOC Staffing Outsource - Offsite: Offsite provision of staffing to monitor customer deployed and owned SOC infrastructure and event sources


INFORMATION SECURITY | CAPABILITY STATEMENT | 5

MANAGED FIREWALL & MANAGED SIEM

Managing and monitoring security devices is a highly skilled operation that can be a time consuming and resource intensive process. Our managed security services allow our clients to focus on their core business while we concentrate on providing secured networks and systems.

The service we offer is 24x7 and is scalable, compliant and cost effective. This service is designed for banking, government and enterprise clients that wish to outsource SIEM services against strict SLAs and compliance requirements.

With over 20,000 devices under management, our cloud based service is secured across our redundant global SOCs and offers a resilient and dependable service.

Summary Features


24 x 7 Security Monitoring
In Country Log Retention
Real Time Incident Response
Advanced Event Correlation
Event Storage For Forensic Analysis
ISO 27001, SANS 20 Compliance Reports
15 Minute SLA Response Time
SIEM Powered By LogRhythm
Web Based Customer Dashboards
Policy & Signature Configuration Changes
Weekly Reports: Performance, Availability & Threat Management

What do we manage?

Servers & System OS, Applications & Databases
• Security Managed Servers (Windows, Linux, Unix, ESX)
• Applications
• Databases
• Email Servers

Core Network Equipment
• Network Routers / Switches
• Network Wireless LAN
• Network Load-Balancers / Accelerators

Network Security Equipment
• Managed Firewalls
• Managed Network IDS or IPS
• Managed Network VPN Routers
• Managed Network AntiSpam / Proxies
• Managed UTMs

Firewall / IDS / IPS / Network Devices / Server

Security Services | Feature Set | Monitor | Manage

Threat Management
24x7 Proactive Security Incident Monitoring, Detection & Notification
SIEM & Correlation
Security Policy Consultation
Incident Management

Configuration Management
Maintain Device Inventory Database
Backup of Device Configuration

Fault Management
Availability Monitoring
Fault Detection & Notification
Fault Diagnosis & Resolution
Vendor Management

Change Management
Maintain Documentation
Policy & Signature Configuration Changes
OS Updates, Patches & Signatures
Maintain CMDB
Operating System Upgrades

Reporting
Basic Reporting
Advanced Reporting

Web Portal
Web Based Portal
Access to Threat Feeds

Log Retention
120 days online log retention
12 months archival (Customisable)

[Diagram: Customer Network (managed firewall / UTM / IDS, managed server, business application monitoring, managed switch / router) linked over secure VPN to the Global Security Operations Center and the SOC co-location center (Tier 3 D.C.). All logs stay in country.]


SOC-IN-A-BOX

Si recognises that many clients have a business demand to locate our Security Operations Centre on their premises / data centres. We offer a rapid deployment solution to enable our clients to become operational in a matter of days including people, processes and technology components. At the heart of the SOC lies an industry leading SIEM (LogRhythm Security Analytics Platform) that is closely coupled with additional modules which may be added at the customer request to include full SOC functionality.

Technology Elements

Our SOC-in-a-Box deployment represents an agnostic approach to the component architecture and provides the choice of vendor to our customers from the following matrix.

People (Staffing) Elements

The heart of an effective SOC operation is the quality of staffing together with robust and tested SOC policies and processes. In all cases, a 24x7 SOC operation is required to ensure a continuous level of monitoring and defence and whilst this can be cost prohibitive for many organisations we offer three options to achieve this objective.

Options: Staffing

Option 1: Remote 24x7 monitoring from our Global Security Operations Centre.

Option 2: Onsite 24x7 monitoring at our customer’s site location

Option 3: Hybrid – Onsite (8x5) team, offsite (evening shift, weekends and public holidays)

In all cases we ensure that all security logs stay onsite at the customer’s SOC infrastructure.

SOC Component | Technology

Core Component | LogRhythm Security Analytics Platform

Module 1: Incident Response Workflow Handling | Request Tracker

Module 2: Vulnerability Management | Rapid7, Nessus or Qualys

Module 3: Advanced Threat Defence | Palo Alto, Cisco Sourcefire or ThreatTrack

Module 4: Advanced Threat Intelligence | Norse

Module 5: Honey Pot Active Defence | Honeypot Infrastructure - HoneyDrive

Module 6: Web Application Defence | LogRhythm Web Application Defense Suite + Third party WAF (Optional)

Module 7: Continuous Threat Defence | CyberFlow Anomalytics Suite - Anomaly Detection system

SOC and Incident Response Processes

Si’s team has been designing, operating and consulting on SOC deployments globally for over 10 years and a particular strength is our ability to develop and optimise SOC and Incident Response processes. Whilst this element is often overlooked we believe this is the single most important ingredient to consistent successes and predictable results. Our clients will benefit from this experience when they partner with Si to deliver our SOC-in-a-Box offering.

Service Delivery Architecture

STEP 1: Select Technology
• Option 1: LogRhythm Onsite – Buy
• Option 2: LogRhythm Onsite – Lease
• Option 3: SOC in a Box

STEP 2: Select Staffing
• 24x7 Outsource Onsite Team
• 24x7 Remote Monitoring Offsite Team
• 24x7 Hybrid Team: Day Shift - Onsite Team, Night Shift - Remote Offsite

STEP 3: Select Processes
• Si SOC Processes
• Customer SOC Processes


ASSISTED SOC SERVICES

Empowered SIEM

Technology itself is not enough; an efficient SOC team requires a critical balance of people, process and technology. Si partners with LogRhythm to empower our customers to leverage their existing SIEM investments by providing a 24 x 7 Monitoring service offering.

The Operational Challenge

SOC ops require highly skilled security professionals to investigate security incidents, perform incident response and forensics and help keep an organization afloat amid a data breach.

An enterprise looking to operate a SOC needs to evaluate whether it has the expertise in-house to deliver effective monitoring. The option is to transfer the risk to a specialist SOC operator and we provide services to support these challenges.


Key Questions

Does outsourcing make sense? It does when expertise is not available in-house, or when budget does not allow for the investment needed to employ, house, and train a 24 x 7 SOC team.

Can building a self-contained, well-staffed SOC become cost-prohibitive for many? The answer is yes, primarily due to the resource cost of providing a 24x7 team; after all, cyber never sleeps! However, if budget does not allow for an onsite team then a remote service to deliver log analysis and event monitoring can be an economical option.

Service Level Assurance

All services are backed by an SLA:
• Incidents - 15 minute response
• Availability - 99.999 Uptime
• Change Management - 4 hr MTTR

Security Services | Feature Set | Monitor

Threat Management
24x7 Proactive Security Incident Monitoring, Detection & Notification
SIEM Event Management & Correlation
Security Policy Consultation

Configuration Management
Maintain Device Inventory Database
Backup of Device Configuration

Fault Management
Availability Monitoring
Fault Detection & Notification

Change Management
Maintain Documentation

Reporting
Reporting

Web Portal
Web Based Portal
Access to Threat Feeds

Log Retention
Log Management and Archival

SLA
15 Minute Response Time
Service Credit Backing

Dedicated Account Manager
Dedicated technical account manager

Benefits – Cost & Performance

The adoption of “Assisted SOC” is motivated by three key messages: “Less Cost”, “Increased Performance” and “Service Assurance (SLA)”. We demonstrate to our customers that we deliver SOC monitoring services better and for less than the cost of an in-house service.

Sample Use Case – Customer X

A customer requires a 24x7 monitoring service to support their LogRhythm Security Intelligence platform with an average MPS throughput of 1,000 MPS.

Cost Assumptions

The following cost assumptions are used for the cost benefit assessment.

Options

We recognize that not all businesses are the same and so we support the following deployment models:

• Onsite SOC Teams

• Offsite Remote SOC Team (Remote Monitoring)

• Hybrid – Day Shift Onsite / Nightshift Offsite

SOC Operator (L1)
Salary ($50,000/yr): $4,166 / mth
Overhead (20% Salary): $818 / mth
Desk Space: $921 / mth
Others: $767 / mth
Total Cost to Employ: $6,672 / mth

Note that a 24x7 operation requires a 5 shift model and a minimum of 5 dedicated SOC operators.

What is Included? | Customer X: In house team | Si remote outsource team

Cost / mth of 24x7 monitoring team | 5 x $6,672 = $33,360 | $7,000

Performance + Skills level | Difficult to achieve with in house team | Si dedicated security professionals

SLA response | ? Difficult to track and manage | 15 minute response

Result | Expensive, no service guarantee + performance risk + staff risks | Less cost + better service assurance


CUSTOMER DASHBOARDS

Si’s customer dashboards offer end-to-end support to the operations of SOCs and Managed Security Service Providers (MSSP). They have unique features to help Service Providers set up their operations in minimum time.

Unified Interface for Operations

Si provides a unified interface for the monitoring & management of one or more networks for multiple aspects. The portal is able to collate & analyse customer logs & data and integrates security intelligence tapped from global sources with analytical tools.

Customer specific information:

• Customer account information

• Security incidents & events

• Availability of critical hosts and services

• Performance of vital systems and network interfaces

• Vulnerabilities on critical systems and applications

• Incident & change management

High Scalability & Technology Agnostic

Si’s customer dashboards are highly scalable and can integrate with almost any Java, ASP or Web based application:

• Technology agnostic interface to normalized information
• Improved operational efficiency through ease of analysis & automation
• Enhanced Web 2.0 features for user collaboration
• Flexibility to integrate with other security & network products and appliances

Vulnerability Posture Dashboard: A high level view of the security posture across an enterprise based on scans performed on the infrastructure, patch level, misconfigurations and categorisation of vulnerability.

Service Management: Management and tracking of performance against service level agreements.

Knowledge Base: Database of over 100,000 vulnerabilities and 15,000 signatures, with in-built correlation engine to assist incident management and forensics.

Security News Feeds: Current security trends and news feeds validated in real-time through various sources and security advisory organizations.

Security Incident Management: Complete tracking of incident handling through a triage of identification, prioritization and remediation.

Customizable Dashboard: The customizable dashboard presents an overview of security incidents across the enterprise. Key statistics of infrastructure areas that either require more attention or events that provide a larger picture.

Service Centre: Service centre for opening, tracking and drill downs from incident details to resolution. Single portal for change management.

Security Threat Analysis: The Dashboard provides a high level summary of how incidents are categorized based on their severity and the location that needs more attention.


Non-customer specific information:

• Integrated analytical tools for forensic analysis

• Access to reliable security intelligence

• Geographical information


WHITE LABELED MANAGED SERVICES

We provide a service that allows our Partners to re-sell our managed security services as a white labeled service. Our process & technology allow our Partners to deliver ‘in the cloud’ IT services, with no capital investment, to provide a world class, 24x7 managed security service. Si takes care of the technology and the expertise using our global operations centres, allowing our partners to take care of their customers’ security needs.

Customised with our end customer’s logo

Customer Platform

Our partners benefit from our innovative Customer Platform that enables complete account management for reporting, ticketing, fault management, threat & vulnerability management, customized dashboards, news and knowledge base.

Our web user interface sets the benchmark globally for customer interfacing and allows both partners & end customers a live 360° view of their assets, service fulfilment and SLA performance.

News, dashboards & knowledge base

Reliant & proactive analytics & reports

Complete SLA management & incident workflows

Customised with our partner’s logos and colours

Drag and drop dashboard builder

Easily customisable dashboards...

Customisable dashboards

Global Security Operation Centres

Easy change request workflows

Customised Platform

Our clients’ end customers benefit from our unique multi-service delivery platform that can customize the services they like to offer, define the look and feel and set up their SLA support and escalation procedures.

Our MSSP partners are traditionally telecoms operators and security hardware vendors who seek to offer managed services to their existing client base.

MSSP Services

We can facilitate our partners to provide their end customers with:

• Managed firewall
• Managed UTM and IDS
• Managed switch and router
• Application management
• Vulnerability management
• Threat management
• Fault management

One click management reports


ADVANCED THREAT PROTECTION AND MALWARE DETECTION

Si defends our customer networks against threats by using a market leading Next Generation Intrusion Prevention System and deep integration into our SIEM platform (Powered by LogRhythm) to provide multi-dimensional behavioural analytics, extended visibility and continuous monitoring for real-time threat detection & response.

The Next Generation Firewalls which we support or supply include:
• Palo Alto
• Cisco Sourcefire
• ThreatTrack
• Fortinet

Summary Features

The feature set summary is provided as follows:
• 24 x 7 monitoring & management
• Real time incident response system
• Advanced malware protection & next generation IPS
• Packet level forensics and sandboxing
• Network behaviour analysis
• Integration with our next Gen SIEM for behavioural analytics
• Behavioural whitelisting
• Statistical baselining
• Real-time threat management
• Continuous Compliance
• Host & network forensics
• Real-time contextual awareness

Use case &

LogRhythm incorporates Next Gen FW security and advanced malware protection via the secure eStreamer API and correlates it against other security device and machine logs to deliver multi-dimensional behavioural analytics, extended visibility and continuous monitoring for real-time threat detection & response.

The integration provides:
• Deeper visibility and contextual awareness into network events with advanced correlation to deliver enterprise-wide threat detection
• Threat intelligence to help detect advanced malware attacks and realize the extent of the outbreak for fast remediation
• Automated action against advanced persistent threats (APT) and zero-day attacks
• Unparalleled expertise through Si SOC Team, LogRhythm Labs™ and Sourcefire’s Vulnerability Research Team (VRT)

Service benefits:
• No Capex investment required
• Detect advanced malware and realize outbreak extents for fast remediation
• Automated and immediate action against threats such as APT and zero-day attacks
• Multi-dimensional behavioural analytics
• 24 x 7 monitoring + real time event contextualization

Service Architecture

Si partners with leading Next Generation Firewall vendors (Palo Alto, Sourcefire or ThreatTrack) to incorporate their advanced threat detection technology and sandboxing with our SIEM platform (Powered by LogRhythm) and correlates it against other security devices and machine data throughout the IT environment.


MANAGED HONEYPOT ACTIVE DEFENSE

A honeypot is a security resource deliberately designed to be probed, attacked and compromised, for the purpose of gathering intelligence around an attacker. By using honeypots to create better context around threats, we are able to provide a more proactive defence posture. Our automated and integrated approach to honeypots eliminates the need for the manual review and maintenance associated with traditional honeypot deployments.

MANAGED SCADA SECURITY

Today, remotely deployed field devices and SCADA systems are increasingly brought into the IT environment and communicate over IP. This convergence of Operational Technology (OT) and Information Technology (IT) has opened up new points of attack or “threat vectors” for hackers.

Si has countered this threat by providing SCADA firewall technology which is integrated into our SIEM (Powered by LogRhythm) for 24x7 monitoring, threat and incident detection.

The service is delivered using Palo Alto Networks SCADA Firewall, which is one of the only Layer 7 firewalls available for SCADA-based environments.

Service Features

• Secure critical infrastructure, power grids, oil/gas pipelines, industrial plant

• Supports - DNP3, Modbus/TCP, Ethernet IP, IEC 61850, PROFINET and BACnet

• Layer 7 application protection and analysis for Industrial Control systems language and traffic

• Strong policy enforcement for more granular control over industrial data inputs

• Uniform secure access from control networks to sensors

• Translation of SCADA data formats into IP protocols

• SIEM integration and robust event logging

• All security logs remain in country

• Real time incident response system

• Real time events from the Firewall

• Store the events for forensic analysis

• Customisable event correlation

How It Works

Si deploys honeypot infrastructure into customer DMZ environments to analyse malicious events by continuously monitoring honeypot event activity utilising our SIEM platform (Powered by LogRhythm).

We perform real-time, advanced analytics on all activity captured in the honeypot, including successful logins, observed successful attacks and attempted/successful malware activity on the host and use this data to create a defensive posture.

Deploy Honeypot specific to customer requirement

SIEM (Powered by LogRhythm) tracks the attacker’s actions

Analyse the honeypot data to create profiles of behavioural patterns and attack methods

Apply defensive posture for detected profiles and signatures

The honeypot Security Analytics Suite delivers:

• Continuous monitoring of honeypot data
• Customized threat research for strategic defence
• Automated breach prevention and response
• Dynamic security intelligence
• Real time monitoring
• Low cost approach for customer specific signatures
• Fault management

Service benefits:
• Secure critical infrastructure, power grids, oil/gas pipelines, industrial plant
• No Capex investment required
• 24 x 7 Monitoring
• Secure SCADA Networks
• Minimise business risk of security breaches
• Achieve compliance requirements
• Strict SLA response

The customer will interface with the MSSP SOC team via the customer portal where he will have customer access to:

• SLA Tracking

• Ticketing & troubleshooting

• Threat Management Dashboards

• Knowledge Base for Incident Response and analytics


CONTINUOUS THREAT DEFENSE SERVICE | MACHINE LEARNT BEHAVIOURAL ANOMALYTICS

Si partners with Cyberflow Analytics™ to provide a service that detects operational anomalies within packet communication behaviour to determine high risk activities and threats. The system is the only system that can provide “Anomalytics”, a real-time, streaming, machine-learning, behavioural analytics solution, which can instantly detect and alert operational and security practitioners of anomalous and suspicious activities within their organizations.

This system and service uses Anomalytics to provide real-time cyber-security threat detection at scale and in situations where traditional security products are failing to adequately identify and detect advanced polymorphic attacks and other anomalous lateral behaviour within their organizations.

How it Works
• Collects raw packet meta data
• Machine learns normal packet communication behaviour of clients, servers, protocols and visualizes anomalous high risk threats
• Finds operational anomalies such as SNMP event storms, odd port/app activity and changes in IoT sensor communications
• Automation of clustered breach activity tracks Advanced Persistent Threats (APTs)
• Uses a SPAN port configuration to collect data
• Operates within VMs on any customer virtualized infrastructure (lightweight data footprint)

Service Benefits:
• It is able to monitor traffic effectively over the entire network, as opposed to traditional security products which monitor only segments of a network
• The service can detect APTs which other analytics methods cannot capture
• Cost effective and scalable
• Real time monitoring
• Integrated with SIEM

1. Deploy a virtual machine network, app and device sensors that monitor systems to feed the “Anomalytics Fusion Engine”.

2. Execute multiple, real-time analytical models to construct self-organizing maps which present high risk behaviour.

3. Cross-correlate the maps against a behavioural policy framework.

4. We correlate the real-time anomaly threat detection and alerts through our SIEM to drive rapid incident response and forensics.

Service Architecture

Dashboards

The following image represents a dashboard identifying the high risk traffic occurring within the network utilising port level analytics.

“Anomalytics Fusion Engine”


BENEFITS OF ENGAGING AN MSS PROVIDER

Cost

“The cost of a managed security service is typically less

than hiring in-house, full-time security experts .”

(Wilbanks, 2001) .

Staffing

“A shortage of qualified information security personnel

puts tremendous pressure on IT departments to recruit,

train, compensate, and retain critical staff .” (Hulme, 2001)

An MSSP transfers this responsibility . In addition, “if a

client organization can outsource repetitive security

monitoring and protection functions, then they can focus

internal resources on more critical business initiatives”

(Pescatore 2001) .

Skills

“MSSPs have insight into security situations based on

extensive experience, dealing with hundreds or thousands

of potentially threatening situations every day, and are

some of the most aggressive and strenuous users of

security software .” (Navarro 2001 & DeJesus 2001)

“In-house staff members who only deal with security on a

part-time basis may only see a limited number of security

incidents .” (Hulme, 2001)

Facilities

“MSSPs can also enhance security simply because of the facilities they offer.” (DeJesus, 2001). These are physically hardened sites with state-of-the-art infrastructure managed by trained personnel.

Objectivity and Independence

An MSSP can provide an independent and objective perspective on the security posture of an organization. An in-house team often cannot be objective and certainly is not independent.

Security Awareness

“It is difficult for an in-house team to track and address all potential threats and vulnerabilities as well as attack patterns, intruder tools, and best security practices.” (Alner 2001, Navarro 2001)

Whereas …

An MSSP is often able to obtain advance warning of new vulnerabilities and gain early access to information on countermeasures.

Service Performance

The MSSP service can report near real-time results, 24 hours a day, 7 days a week, and 365 days a year, guaranteed against an SLA. This is a large contrast with an in-house service that may only operate during normal business hours.

Service Security and Technology

“Service security solutions and technologies such as firewalls, intrusion detection systems (IDSs), virtual private networks (VPNs) and vulnerability assessment tools are far more effective because they are managed and monitored by skilled security professionals.” (Wilbanks, 2001)


The Business Case for Managed Security Services

MSSP Benefits: Cost, Staffing, Skills, Facilities, Independence, Security Awareness, Service

• 27% Recurring Annual Save

• 200+ Dedicated Security Professionals

• 360° View Of Global Threats

• We Are Built For Big Data

• 20% Technology But 80% Interpretation

• 94% Initial Cost Savings

• SLA: 15 Minute Alert - High Priority events

Page 13: Si InfoSecMiddleEastLR0516


[Figure: timeline chart, x-axis years 1998 to 2013, y-axis "Malware Sophistication". Labelled milestones: C&C comms over standard IRC port; C&C comms over non-standard IRC ports; C&C comms over HTTP & HTTPS; C&C using Social Media, Twitter & FB; C&C comms over p2p, using auto DDOS; 0-Day threats now commonplace; Fast flux DNS now widespread; New wave of DLL Hijack; First major cyber warfare attack; Mydoom & Sasser, record for most damage; The rise in nation state malware; Flame, the most sophisticated malware yet.]

CSIRT skills & experience

Si follows the best industry standards and guidelines for incident response.

The increasing sophistication and impact of malware attacks emphasises the need for companies to retain the services of a professional CSIRT team.

Our CSIRT engineers are highly experienced and maintain a tool kit of skills including:

• Vulnerability management

• Penetration testing

• Botnets

• Sandbox

• Honeypot

• Forensic analysis

Why hire a professional CSIRT?

The inability of companies to prepare for possible cyber-attacks from incredibly resourceful criminals is one of the most pressing issues facing global chief executives. The increasing sophistication of attacks, which renders even the most technology-savvy organizations vulnerable, means that few organizations have the means to employ staff with the ability to respond effectively. We offer an incident response service that allows our customers’ organizations to benefit from our skills and experience.

Malware Sophistication Vs Time

Rapid Response CSIRT Services

Incident Response

Reverse Engineering/Analysis

Advanced Threat Alerting

Forensics

Malware Analysis

Assessments & Audits

Script Development

Remediation and Recovery

SI CSIRT TEAMS

Si has been running a Computer Security Incident Response Team (CSIRT) for many years. Through the development of our own SOC and our clients’ SOCs, our staff are some of the most qualified and experienced incident response engineers in the market place.

Si CSIRT LAB

Through the development of our own SOC, our CSIRT lab comprises an extensive library of incident case files that are key for supporting analysis and mitigation measures. The very fact that Si has SOCs around the world gives our CSIRT teams a unique insight into a wide range of threats and risks, enabling us to react faster to such incidents. Each member of the team has access not only to the labs, but to this global resource.

CSIRT Services

We offer our professional services to enterprise, telecom and government organisations on a cost effective basis. The available options for procuring these services include:

• Staff secondment

• Retainer leased rapid response teams

• Remote CSIRT teams

The security incident management team activities include:


Figure 5: CERT/CC Incident Handling Life Cycle (diagram labels: Email; Information Request; Vulnerability Report; Hotline/Helpdesk Call Center; Triage; Incident Report; Analyze; Resolution; Obtain Contact Information; Coordinate Information & Response; Provide Technical Assistance; Other; IDS)

CSIRT Incident Handling Life Cycle

Page 14: Si InfoSecMiddleEastLR0516

“Eighty percent of the intrusions of your networks today can be handled by patches, anti-virus and user actions. We spend 90 percent of our time on the 80 percent of the issues that could be handled by good hygiene.”

Brigadier General Paul Nakasone, Deputy Commander, U.S. Army Cyber Command

Si’s Professional Security Services provides enterprise-wide assessments, design and deployment services to build secure and resilient IT infrastructures.

Our delivery model is based on industry best practices and technologies that are aligned to our clients’ IT infrastructure and business processes. Our services create a foundation that enables our clients to address key risk management and compliance challenges.

Vulnerability Assessments

Penetration Testing

Web Application Security Testing

Network Risk Assessments

Network Architecture Reviews

Device Configuration And Migration Reviews

Cyber Forensics

According to Davos World Economic Forum, 2013 (the Global Agenda Survey), “Cyber Risks” were ranked as the 3rd largest underestimated risk to world development ahead of sovereign debt, education and protectionism.

Page 15: Si InfoSecMiddleEastLR0516


• INFORMATION GATHERING: Active & Passive Reconnaissance

• TARGET DISCOVERY: Finalizing The Scope

• SCANNING & FINGER PRINTING: Identifying Underlying Technology & Service

• LOCAL SEGREGATION OF TARGETS: Grouping Targets Based on Attack Vectors

• APPLICATIONS: Web Servers, Database Servers, Mail Servers, SSH, FTP

• OPERATING SYSTEMS: Windows, Linux, Unix & Solaris

• WEB BASED APPLICATIONS: E-Commerce, B2B, Custom Websites & Appliances

• PERIMETER DEVICES: Network & Security Appliances

• VULNERABILITY IDENTIFICATION: Locating Known & Unknown Vulnerabilities

• VULNERABILITY ANALYSIS: Filtering & Confirming Attack Methods

• PENETRATION EXPLOITATION: Confirming of Existing Vulnerabilities

• IMPACT ANALYSIS: Extent of Business impact due to Vulnerability Exploitation

• REPORTS: Detailed Findings, Management Report, Executive Summary

• DATA CORRELATION

• MITIGATION STRATEGIES

A robust policy template to enable security configuration compliance

Compliance-based reports (PCI, HIPAA, GLBA, FISMA and SOX)

Customisable, multi-view reports that make the most of existing security investments

Audit-ready reporting and certified technical support teams

Internal and external vulnerability scans

Best practices (ITIL, OSSTMM and ISO 27001 security standard)

Instant access to Secure-I security intelligence and research

Executive summaries (jargon-free, true executive-level summaries)

Priority matrixes, indicating remediation priorities and risks

Detailed impact analysis of the identified vulnerabilities

Findings and recommendations to improve security postures

Knowledge transfer to client’s IT teams

VULNERABILITY ASSESSMENTS

Si’s Vulnerability Assessment (VA) service provides our clients with the ability to identify and mitigate security gaps associated with their IT assets, thereby enhancing their overall security posture.

Our assessments meet the mandatory compliance requirements and provide a proactive measure to stay one step ahead of threats.

PENETRATION TESTING

Interconnected corporate networks of partners, clients, remote offices, wireless LANs, vendors and the Internet have created multiple avenues for an attacker to target companies. Organisations face greater risks to customer data, intellectual property and financial records.

CIOs and CFOs must have a clear understanding of risks and vulnerabilities to protect their organizations from external attacks.

Our Vulnerability Assessment provides:

• On-demand proactive vulnerability management for organisations

• Visibility, awareness and consistency of our clients’ organisations

• Tracks asset ownership, pinpoints rogue devices and views detailed asset discovery and profile reporting

• Reduces investment in tools and technology

• Comprehensive remediation solutions

• Complete remediation procedures to mitigate identified vulnerabilities

Our Penetration Testing services enable our clients to:

• Identify existing and potential vulnerabilities and risks from external attacks

• Utilise experienced security analysts with the specialized skills and tools needed to mitigate client risk

• Conduct testing in a safe and controlled environment without compromising routine business activities

• Reduce investment associated with employing full time security analysts, tools and technologies

• Integrate with an overall risk management solution to address the audit requirements of policy and compliance frameworks such as ISO 27001, SOX, HIPAA, PCI etc.

Features include:

Features include:


Page 16: Si InfoSecMiddleEastLR0516


Comprehensive documentation and presentation of findings

A prioritised list of remediation steps

Practical recommendations focusing on both the risk and cost associated with it

Action plan – short and long term to achieve compliance and business objectives

Identification of technical and logical vulnerabilities such as SQL injection, cross-site scripting, I/O data validation, exception management etc.

Ability to determine remediation steps and counter-measures

Detailed technical information report covering the nature of the defect, the code locations, impact of defect and the remediation solutions

WEB APPLICATION SECURITY TESTING

IT applications allow our clients to directly access personal and confidential information, encouraging a self-driven model and decreasing costs.

Critical business functions are dependent on the successful functioning of IT applications. There is an exponential increase in vulnerabilities found in Web Applications creating a significant impact on our clients’ enterprises and the privacy of the end users. Business losses can include loss of data, public image and loss of confidence.

NETWORK RISK ASSESSMENTS

A thorough evaluation of network security posture is mandatory to enable our clients to answer the following fundamental questions:

Our Web Application Security Testing allows our clients to:

• Get instant feedback and catch hidden bugs before launch

• Create higher quality applications as they are tested by certified QA experts

• Deploy applications faster by testing throughout the development process

• Use global testing coverage by testing across operating systems, browsers, languages and more

• Allow our clients to gain a better understanding of potential website vulnerabilities that may be visible from the Internet

• What is their enterprise security strategy? And what can be done to protect it in a better way?

• Where are the weaknesses in their security policies and architecture?

• How can they make security data actionable and get timely compliance reports to address audit requirements?

• How much does an effective risk management solution cost?

Features include:

Our Network Risk Assessment includes:

• A Security Policy Audit – evaluating security policies based on availability, business continuity and compliance requirements; it also establishes key risk factors and security metrics

• A Technical Security Evaluation – analyzing the security architecture in the context of security policies and control objectives to uncover vulnerabilities

• A Threat Management Assessment – examining threat identification, investigation and incident response processes

• Disaster Recovery & Business Continuity Planning – to ensure that plans for returning systems to operational standards are in place

Features include:


• Black Box Testing: We perform attack testing assuming the identity of an external attacker/hacker, with no inside information about the application.

• Grey Box Testing: We receive basic information about design & function of the Web app. Grey Box testing is a fusion of black & white box testing.

• White Box Testing: We receive complete information, coding, infra, architecture. Full source code & infrastructure review.

Page 17: Si InfoSecMiddleEastLR0516


Step 1: Current state assessment


FIREWALL MIGRATION SERVICES

Firewall technology longevity typically spans 5-7 years, and upgrades are often initiated by growing organizations and changing security requirements. A firewall is an item of critical network security infrastructure and any change in technology is fraught with risks to business continuity.

Si’s professional services team can assist organizations, from applying a standard methodology to executing a firewall migration. Each migration project deployed is unique and represents a different set of challenges; the key to our success is to treat each case with the same level of care and professionalism.

What did we learn?

The client recovered the cost of the firewall migration project through lower cost of operations, reduced security risks, more efficient administrative and maintenance processes, and ultimately a more satisfied customer base.

Firewall Migration Road Map

Baseline Assessment Requirements Planning

Migrate

• Step 1: FW Architecture Assessment. Analysis of: firewall logs; VPNs; installed software / patch level; bugs fixed in new versions; utilisation of hardware components.

• Step 2: FW Health Check & Performance Review. Review of: hard disk capacity and usage and CPU memory usage; network interface throughput, capacity and availability; analysis of logs, errors and syslog; firewall config.

• Step 3: FW Policy & Compliance Review. Review violation of: corporate policy; industry standards and best practices; FW rules & optimisation.

• Step 4: FW Module & Protection Level Assessment. Review of the protection level achievable with current architecture. Recommend upgrades and additional modules.

• Step 5: Migration Config & Validate. Lab based configuration & validation prior to roll out and cut over.

• Step 6: Migration Cut Over & Monitoring. On site: traffic migrated from old to new; troubleshoot; monitor; handover & training.

• We determine security strategies and support our clients’ business objectives

• We implement policies where required and we establish new policies should they be required

• We put in place effective risk mitigation and regulatory compliance

• We analyse, manage and report

• We review existing policies and frameworks and make recommendations where necessary

• We audit existing policies, for example ISO 27001/PCI, to ensure compliance

• Our aim is to set out a road map detailing short, medium and long term goals

NETWORK ARCHITECTURE REVIEW

Si utilises its vast experience and knowledge to act as professional assessors with respect to the security architecture of our clients’ networks.

Our consultants analyze every key aspect of the architecture including:

• Logical and physical design

• Security technology inventory

• Asset inventory

• Outbound and inbound connectivity

• Security procedures and processes

• Network topology

• Network and host access controls

• Log-in procedures and authentication requirements

• Business continuity plans

• Containment and incident response procedures

• Health of security controls

For each key area, and for the infrastructure as a whole, Si consultants identify and document the following 4 Steps:

Step 2: A vision for a future state

Step 3: A Gap analysis

Step 4: Recommendations for closing gaps

What are the facts?

• $1.1 Million firewall migration project for this client generates fast payback for customer

• The client is an IT managed services provider serving over 11,000 community-based banks, credit unions, and insurance agencies. This engagement calls for migrating 45 McAfee Sidewinder firewalls to Cisco ASA firewalls

The client decided to change their technology following a history of frequent McAfee Sidewinder platform crashes that negatively impacted their end customer satisfaction. Si began by performing a proof-of-concept project to migrate one firewall in our lab before the full scale roll out.

Case Study: Firewall Migration – Fortune 500 Financial Services Institution (2012)

Page 18: Si InfoSecMiddleEastLR0516


System wipe: The "bullet". Your IT department needs to be able to wipe the system if it believes its security has been compromised.

App security: Some applications could compromise the security of your business data, so you'll need an application control system in place to prevent blacklisted apps being downloaded once the device is hooked up to your network.

Management: The IT department needs to select a mobile device management system. Look out for one that offers simple user interfaces as well as the security features you need.

Identification: If a wide range of users and devices are to be allowed access to the network, it is critical to identify and authenticate each device and user.

Security: With sensitive information being transmitted, security is top of the list. Allowing BYOD doesn't mean sacrificing security. IT must establish WiFi security, VPN access and ideally add-on software to protect against malware.

Data waiver: Personal and business data can be easily mixed on personal devices, so employers need to protect themselves if it goes wrong. If the device is lost or stolen, employers may need to destroy all data – employees should sign a waiver agreeing to this before being allowed to use their own device.

BRING YOUR OWN DEVICE (BYOD)

When an organization is considering implementing a BYOD policy they will generally be asking: what sort of Mobile Device Management will need to be implemented? What systems must employees have mobile access to? What level of security will need to be implemented?

Si provides consulting services to deliver the right solution to enable our clients to manage and secure their networks and to control the use of mobile applications on personal devices across their network.


Secure & Manage Mobile Devices with

Si partners with MobileIron who offer the platform to manage mobile apps for business users. The MobileIron platform provides both the tightest security and best end-user experience for the distribution, delivery and management of mobile applications, docs and devices for global organizations.

Manage the Network

Manage the Mobile Device

• Step 1: High Performance Network Infra. Your network needs to be able to cope with the influx of personal devices connecting to it.

• Step 2: Security. Support the secure connection of devices, whether they are connecting from inside or outside the office.

• Step 3: Access. Set policies around what devices to connect to the network, and what network areas they have access to.

• Step 4: Acceptable Use Policy. Develop specific stipulations to govern the use of the new technologies such as smartphones and tablets.

• Step 5: Manage the Apps. Control access to the camera, application stores, Internet browser, YouTube, and explicit content.

• Step 6: Manage the Data. Control access to documents and data shared over the mobile device.

Secure & Manage the Network with ISE

Si has pioneered the implementation of BYOD management through collaboration with Cisco ISE and is selected as 1 of only 10 worldwide delivery partners. The technology allows:

• Consistent enforcement of context-based policies across wired and wireless networks

• System-wide visibility showing who and what is on the network - wired, wireless, or VPN

• Accurate device identification using ISE-based probes, embedded device sensors, active endpoint scanning

• Greater visibility and control of the endpoint with Mobile Device Management solution integration*

Page 19: Si InfoSecMiddleEastLR0516

All it took was a small number of employee log-in details to be compromised for hackers to obtain the entire customer database. As a result 128 million people – equivalent to twice the population of Britain – had to change their passwords!

The eBay Hack, May 2014

Si offers a range of compliance services based on industry best practices. Our lead compliance advisors/auditors are leaders in their field and in certain instances are sector specialists such as banking, finance and government.

Services include:

• Compliance consulting, implementation and management

• Compliance certification readiness audits

• Business continuity planning (BCP)

• Security awareness and ITIL training

• Compliance services covering:

- ISO 27001:2005

- ISO 2000

- BS 25999

- ITIL

- COBIT

- HIPAA

- PCI DSS

- SAS 70

- SOX

Page 20: Si InfoSecMiddleEastLR0516


INFORMATION SECURITY MANAGEMENT SYSTEM - ISO 27001

What is ISO 27001?

ISO 27001 is a set of ‘best practice’ controls for the management of systems that enable our clients’ organizations to demonstrate that ‘best practices’ are implemented and ‘continually’ improved.

Information Security Management System

The Information Security Management System (ISMS) provides a control framework to protect information assets. This combines management controls, technical controls, procedural controls & personnel controls to name a few. The controls combine preventive, detective, restorative, maintenance and monitoring controls.

The Approach for Successful Certification?

We typically apply four phases to the successful delivery of an ISMS process and we can demonstrate proven success with some of the most successful organizations in the Fortune 500 index.

What is Business Continuity Planning (BCP) & Management?

Business Continuity Planning & Management “identifies an organization’s exposure to internal & external threats & synthesizes hard & soft assets to provide effective prevention & recovery for the organization, while maintaining competitive advantage & value system integrity” (Elliot, Swartz & Herbane, 1999)

Our Approach to BCP Compliance

BS 25999 is BSI’s standard in the field of Business Continuity Management (BCM) and can be applied to any organization in any location globally. Si are specialists at applying this standard which includes guidance on the processes, principles and technology recommended for BCM and the specification of a set of requirements for implementing, operating and improving a BCM System (BCMS).

4 Key Benefits of ISO 27001 Implementation

1. Compliance

ISO 27001 can provide the methodology to enable an efficient way to comply with regulations regarding data protection, security & IT governance.

2. Marketing edge

ISO 27001 can be a unique selling point, especially if handling clients’ sensitive information.

3. Lowering the expenses

Information security is usually considered as a cost with no obvious financial gain. However, there is financial gain if you lower your expenses caused by incidents.

4. Putting your business in order

ISO 27001 is particularly good for putting businesses in order – it forces organizations to very precisely define both responsibilities and duties, and therefore strengthens the internal organization.

BUSINESS CONTINUITY PLANNING (BCP) & MANAGEMENT


The ISO 27001 standard is divided into management system controls comprising 11 domains which in turn have a further 133 detailed controls:

• Security policy

• Organization of information security

• Asset management

• Human resources security

• Physical and environmental security

• Communications and operations management

• Access control

• Information systems acquisition, development & maintenance

• Information security incident management

• Business continuity management

• Compliance

What are we planning for?

• Random failure of mission-critical systems

• Epidemic

• Earthquake

• Fire

• Flood

• Cyber attack

• Sabotage (insider or external threat)

• Hurricane or other major storm

• Utility outage

• Terrorism/Piracy

• War/civil disorder

• Theft (insider or external threat)

Objectives & policies

Gap analysis

Risk assessment

Risk treatment plan

Implement controls

Training & awareness

Monitor, review & refine

Management review

Documentation

Verification

Certification

Phase I: Planning

Phase II: Implementation

Phase III

Phase IV: Certification

[Figure: BCP process with stages Analysis, Solution Design, Testing, Maintenance. Diagram labels: Business Impact Analysis (BIA); Threat & Risk Analysis (TRA); Impact Assessment; Recovery Requirement; Disaster Recovery Design; Crisis Management - Command Structure; IT Failover Plan; Crisis Command Team call-out; Technical Swing Test; IT Applications Test; Business Process Test; Training; Process Refresh; Verify - Tech solutions; Verify – Recovery Procedures]

Page 21: Si InfoSecMiddleEastLR0516

COMPLIANCE & SECURITY SKILLS TRAINING

To enhance our compliance consulting services in the field of ISO 27001, Business Continuity Management (BS 25999) and ITIL we offer courses to enable our clients to take ownership of their compliance needs.

Our courses are delivered with a combination of in-house trainers and experienced consultants from the UK.

Course Name | Course Owner | Duration

1. Implementation and Audit – ISMS-ISO 27001 | Si & Partner | 2 Days

2. Implementation and Audit – ITSM-ISO 20000 | Si & Partner | 2 Days

3. Implementation and Audit – BCMS-ISO 22301 | Si & Partner | 2 Days

4. Internal Auditor - ISO 27001 | Si & Partner | 2 Days

5. Business Impact Analysis | Si & Partner | 2 Days

6. ISO 27005 | Si & Partner | 2 Days

7. Network Security Assessment | Si & Partner | 2 Days

8. Application Security Assessment | Si & Partner | 2 Days

9. Business Continuity Management | Si & Partner | 2 Days

10. PCI – DSS | Si & Partner | 2 Days

11. An Integrated Management System | Si & Partner | 2 Days

12. Security Operation Centre Design & Delivery | Si & Partner | 2 Days

13. SOC & SIRT Optimization | Si & Partner | 2 Days


PCI COMPLIANCE & PAYMENT CARD INDUSTRY SECURITY

Si offers a full range of PCI Compliance Consulting services to satisfy the requirements of the Payment Card Industry Data Security Standards (PCI DSS) compliance. Si is a PCI Approved Scanning Vendor (ASV).

What is PCI DSS?

The PCI Data Security Standard (DSS) was developed by the PCI Security Standards Council, and is enforced by the payment card issuers. It is designed to protect consumers and businesses, and to encourage the global adoption of consistent data security measures. The PCI DSS comprises 12 broad requirements which organizations must meet to maintain compliance.

PCI DSS compliance requires any organization that transmits, processes, or stores data that contains payment card information to protect the privacy and confidentiality of that data. In addition to retailers, the PCI DSS standards affect financial institutions, healthcare providers, transportation service providers, the food and hospitality industry, and payment service providers, among many others.

Information Security Programme

In itself PCI does not address an organization’s information security and as such we recommend that, in addition to the requirements of PCI compliance, a strong framework should be established to provide a strong information security environment. By focusing on a broader security program, organizations can mitigate potential data security breaches and cyber security attacks, which will lead to better service to customers and increased profitability.

PCI DSS Trends

Several trends have accelerated the need for PCI DSS compliance and payment security. While the payment card brands have been actively enforcing PCI compliance for Level 1 merchants the past few years, they are now enforcing compliance for Level 2 - 4 merchants as well. Merchants that are non-compliant can face substantial fines and the threat of having payment card privileges revoked.


Page 22: Si InfoSecMiddleEastLR0516


INDIA

305/310 Owner’s Industrial Estate

Gabriel Road, Mahim,

Mumbai, India 400016

T: +91 22 2445 4725

UK

1st Floor

6 Bevis Marks

London

EC3A 7BA

T: +44 (0)7481 804622

CONTACT US | GLOBAL SECURITY OPERATION CENTRES

California, USA

USA Co-Location Data Centre

New Jersey, USA

Dubai, UAE

Pune, India Global SOC


UAE

Al Barsha Business Point

Office 501, Al Barsha One

P .O . Box 283996

Dubai, UAE

T: +971 4 354 9535

F: +971 4 354 9536

London, UK


New York

2137 Route-35

1st Floor Holmdel,

NJ 07733

United States

T: +1 732 444 4404

Page 23: Si InfoSecMiddleEastLR0516

Si’s Multi-disciplinary Capabilities:

• Information Security

• Security Consulting

• ICT Consulting

• Building Technology

• Engineering & Integration Management