Introduction to Risk Management via the NIST Cyber Security Framework (PECB)
The cyber security profession has successfully established explicit guidance for practitioners to implement effective cyber security programs via the NIST Cyber Security Framework (CSF). The CSF provides both a roadmap and a measuring stick for effective cyber security. Application of the CSF within cyber is nothing new, but the resurgence of Enterprise Security Risk Management and Security Convergence highlights opportunities for expanded application for cyber, physical, and personnel security risks. The NIST CSF can help practitioners build a cross-pollinated understanding of holistic risk.
Main points covered:
• Understand the purpose, value, and application of the NIST CSF in familiar non-technical terms.
• Understand how the Functions and Categories of the NIST CSF (the CSF “Core”) and an organization's “current” and “target” profiles are relevant and valuable in a variety of sectors and environments.
• Understand how an organization’s physical and cyber security resources and stakeholders can align with the NIST CSF as a tool to achieve holistic security risk management.
Presenters:
David Feeney, CPP, PMP has 17 years of security industry experience assisting organizations with risk management matters specific to physical, personnel, and cyber security. He has 9 years of experience with service providers and 8 years of experience within enterprise security organizations. David has worked with industry leaders in the energy, technology, healthcare, and real estate sectors. Areas of specialization include Security Operations Center design and management, Security Systems design and implementation, and Enterprise Risk Management. David holds leadership positions in ASIS International and is also a member of the InfraGard FBI program. David holds Certification Protection Professional (CPP) and Project Management Professional (PMP) certifications.
Andrea LeStarge, MS has over ten years of experience in program management, risk analysis and curriculum development. Being specialized in Homeland Security, Andrea leverages her experience in formerly managing projects to support various Federal Government entities in identifying, detecting and responding to man-made, natural and cyber incidents. She has an established track record in recognizing security gaps and corrective risk mitigation options, while effectively communicating findings to stakeholders, private sector owners and operators, and first-responder personnel within tactical, operational and strategic levels. Overall, Andrea encompasses analytical tradecraft and demonstrates consistent, repeatable and defensible methodologies pertaining to risk and the elements of threat, vulnerability and consequence.
Recorded webinar: https://youtu.be/hxpuYtMQgf0
Threat intelligence is information that informs enterprise defenders of adversarial elements to stop them.
It is information that is relevant to the organization, has business value, and is actionable.
Even if you have all the data and feeds, data alone isn’t intelligence.
6 Steps for Operationalizing Threat Intelligence (Sirius)
The best form of defense against cyber attacks and those who perpetrate them is to know about them. Collaborative defense has become critical to IT security, and sharing threat intelligence is a force multiplier. But for many organizations, good quality intelligence is hard to come by.
Commercial threat intelligence technology and services can help enterprises arm themselves with the strategic, tactical and operational insights they need to identify and respond to global threat activity, and integrate intelligence into their security programs.
Threat intelligence sources have varying levels of relevance and context, and there are concerns about data quality and redundancy, shelf life, public/private data sharing, and threat intelligence standards. However, if processed and applied properly, threat intelligence provides a way for organizations to get the insight they need into attackers’ plans, prioritize and respond to threats, shorten the time between attack and detection, and focus staff efforts and decision-making.
View to learn:
--The difference between threat information and threat intelligence.
--Available sources of intelligence and how to determine if they apply to your business.
--Key steps for preparing to ingest threat information and turn it into intelligence.
--How to derive useful data that helps you achieve your business goals.
--Tools that are available to make collaboration easier.
Insight is one of the best security operation centers, covering everything needed to reduce advanced threats and security risk across your company and to protect your network infrastructure across the organization. https://insightmsp.co.in/soc-as-service.php
Threat Hunting - Moving from the ad hoc to the formal (Priyanka Aash)
In order to effectively defend your organization, you must think about the offensive strategy as well. But before we get ahead of ourselves let’s talk briefly about the building blocks of a good offense. First is an architecture that is built around a security policy that is aligned with the business risk. Risk must be understood and a cookie cutter approach must be avoided here because again every organization is different and so are their risks.
Cyber Security Trends
Business Concerns
Cyber Threats
The Solutions
Security Operation Center
requirement
SOC Architecture model
SOC Implementation
SOC & NOC
SOC & CSIRT
SIEM & Correlation
-----------------------------------------------------------
Definition
Gartner defines a SOC as both a team, often operating in shifts around the clock, and a facility dedicated to and organized to prevent, detect, assess and respond to cybersecurity threats and incidents, and to fulfill and assess regulatory compliance. The term "cybersecurity operation center" is often used synonymously for SOC.
A network operations center (NOC), which focuses on network device management rather than detecting and responding to cybersecurity incidents, is not a SOC. Coordination between the two is common, however.
A managed security service is not the same as having a SOC — although a service provider may offer services from a SOC. A managed service is a shared resource and not solely dedicated to a single organization or entity. Similarly, there is no such thing as a managed SOC.
Most of the technologies, processes and best practices that are used in a SOC are not specific to a SOC. Incident response or vulnerability management remain the same, whether delivered from a SOC or not. It is a meta-topic, involving many security domains and disciplines, and depending on the services and functions that are delivered by the SOC.
Services that often reside in a SOC are:
• Cyber security incident response
• Malware analysis
• Forensic analysis
• Threat intelligence analysis
• Risk analytics and attack path modeling
• Countermeasure implementation
• Vulnerability assessment
• Vulnerability analysis
• Penetration testing
• Remediation prioritization and coordination
• Security intelligence collection and fusion
• Security architecture design
• Security consulting
• Security awareness training
• Security audit data collection and distribution
Alternative names for SOC:
Security defense center (SDC)
Security intelligence center
Cyber security center
Threat defense center
Security intelligence and operations center (SIOC)
Infrastructure Protection Centre (IPC)
Security Operations Center
Talking about Next-Gen Security Operation Center for IDNIC+APJII as representative from IDSECCONF. A People-Centric SOC requires a lot of investment in humans in terms of quantity and quality; unfortunately, (good) IT security people are getting rare these days. Organisations need to put their investments more on technology, as in Industry 4.0, machines are getting more advanced to support humans in doing continuous and repetitive tasks.
Moving from “traditional” to next-gen SOC requires a proper plan; that's what this talk was about.
Recently, NTT published the Global Threat Intelligence Report 2016 (GTIR). This year’s report focused both on the changes in threat trends and on how security organizations around the world can use the kill chain to help defend the enterprise.
Turning threat intelligence data from multiple sources into actionable, contextual information is a challenge faced by many organizations today. The Global Threat Intelligence Platform provides increased efficiency, reduces risks and focuses on global coverage with accurate and up-to-date threat intelligence.
This presentation was given at Carnegie Mellon University by Kenji Takahashi, VP of Product Management, Security at NTT Innovation Institute.
Falcon OverWatch Experts Hunt 24/7 To Stop Incidents Before They Become Breaches
Is your IT security team suffering from alert fatigue? For many organizations, chasing down every security alert can tax an already overburdened IT department, often resulting in a breach that might have been avoided. Adding to this challenge is an increase in sophisticated threats that strike so fast and frequently, traditional methods of investigation and response can’t offer adequate protection.
A new webcast from CrowdStrike, “Proactive Threat Hunting: Game-Changing Endpoint Protection Above and Beyond Alerting,” discusses why so many organizations are vulnerable to unseen threats and alert fatigue, and why having an approach that is both reactive and proactive is key. You’ll also learn about Falcon OverWatch™, CrowdStrike’s proactive threat hunting service that investigates and responds to threats immediately, dramatically increasing your ability to react before a damaging breach occurs.
Download the webcast slides to learn:
--How constantly reacting to alerts prevents you from getting ahead of the potentially damaging threats designed to bypass standard endpoint security
--Why an approach that includes proactive threat hunting, sometimes called Managed Detection and Response, is key to increasing protection against new and advanced threats
--How CrowdStrike Falcon OverWatch can provide 24/7 managed threat hunting, augmenting your security efforts with a team of cyber intrusion detection analysts and investigators who proactively identify and prioritize incidents before they become damaging breaches
Cyber risk isn't new, but the stakes grow higher every day. An incident is no longer likely to be an isolated event, but a sustained and persistent campaign. There is no single solution that will offer protection from an attack, but a Cyber Resilience strategy can provide a multi-layered approach that encompasses people, processes and technology. Pete's presentation talks about eliminating the gap between IT and the business to present a united front against threats. This is a paradigm shift that uses security intelligence to guide decisions and support agility.
Cyber threat intelligence: maturity and metrics (Mark Arena)
From SANS Cyber Threat Intelligence Summit 2016. What are the characteristics of a mature cyber threat intelligence program, and how do you develop meaningful metrics? Traditionally, intelligence has been about providing decision support to executives whilst the field of cyber threat intelligence supports this customer, and network defenders, who have different requirements. By using the intelligence cycle, this talk will seek to help attendees understand how they can identify what a mature intelligence program looks like and the steps to take their program to the next level.
CrowdCasts Monthly: You Have an Adversary Problem (CrowdStrike)
You Have an Adversary Problem. Who's Targeting You and Why?
Nation-States, Hacktivists, Industrial Spies, and Organized Criminal Groups are attacking your enterprise on a daily basis. Their goals range from espionage for technology advancement and disruption of critical infrastructure to for-profit theft of trade secrets and supporting a political agenda. You no longer have a malware problem, you have an adversary problem, and you must incorporate an intelligence-driven approach to your security strategy.
During this CrowdCast, you will learn how to:
Incorporate Actionable Intelligence into your existing enterprise security infrastructure
Quickly understand the capabilities and artifacts of targeted attack tradecraft
Gain insight into the motivations and intentions of targeted attackers
Make informed decisions based off of specific threat intelligence
In our webinar “What is Threat Hunting and why do you need it?” we discussed the following key points:
1. What Threat hunting is.
2. Why it is becoming so popular and what kinds of attacks are making it necessary.
3. What the challenges are.
4. Threat Hunting and Investigation services for attacks.
5. Case studies.
Find out more on https://www.pandasecurity.com/business/adaptive-defense/?utm_source=slideshare&utm_medium=social&utm_content=SM_EN_WEB_adaptive_defense&track=180715
Often the most powerful and successful efforts start with a few people coming together to solve a problem. In the past 5 years a number of “compliance communities” have sprung up across North America. Panelists give their individual takes on how they are using these communities to keep up on current industry-specific security regulatory developments and how they are sharing this information with the forums they represent. The panel will discuss the challenges of providing relevant information to their constituencies, communication strategies, community-driven solutions and the power of group dynamics as it relates to addressing security regulation as well as their thoughts on the importance of participating in community-based programs.
Welcome to the World of the BPS Security Practice (Edwin Soares)
BPS World Cyber and Information Security Practice affords over six years’ experience working with End Users, Consultancies, Systems Integrators, Mainstream Security Contractors and Government Agencies
Avalance Global Solutions is a multinational information technology and outsourcing company headquartered in Vadodara, India and Mountain View, California.
Join us next Wednesday (register at http://clearedjobs.net/jobfair-information/83) at the Baltimore Convention Center to meet with 22 of the MidAtlantic's leading cyber employers. Cyber Job Fair attendance is FREE.
The Job Seeker Handbook contains a listing of all employers and the cleared jobs they will be seeking to fill at the Cyber Job Fair. Cybersecurity experience or degree required.
The Cyber Job Fair is for both cleared and non-cleared cyber professionals.
Current Automation Status and Benefits
Columns: Sr. No.; Automation Module; Test cases / release; Manual Testing Efforts; Automation Efforts; Savings
1. Group Market Web proposal Software; 5000; 15 Manual testers for 10 days; 1 user running the scripts on 15 vdi for less than 5 days; 145 person days per release - 97
2. JAH32; 5000; 15 Manual testers for 10 days; 1 user running the scripts on 15 vdi for less than 5 days; 145 person days per release - 97
3. Self Funded Quote; 1000; 5 Manual testers for 6 days; 1 user running the scripts on 15 vdi for 3 days; 27 person days - 90
4. DSC; 4; 1 day per user; 1 hour for a user; 7 hours 88
5. HUGG (GM to EASE); 3500; 10 Manual testers for 12 days; 1 user running the scripts on 15 vdi for 5 days; 115 person days 96
6. ACES; 16 (daily); 1 expert user person day; Novice user can also finish in 1 hour; 7 hours 88
7. GRASS; 16 (daily); 1 expert user manday; Novice user can also finish in 1 hour; 7 hours 88
22. Other Automation Achievements
DSC Automation
Proof of concepts using Rational Functional Tester
MICROSOFT CRM Automation using Rational Functional Tester
32bit Software Automation from Scratch
Building the TAF for JAH 32 bit Software
Regression for June Release
Organization of Assurant TCoE
Building the Human Resources for Assurant Testing Activities (Both Manual Automated Resources)
Efficient Effective Utilization of resources
Fulfilling the Testing needs of Assurant Health
23. SOA test Automation Case Study: An Insurance company in UK
Project Overview
e-Commerce application implemented on SOA architecture
The testing was done manually using VB applications, which was cumbersome and time consuming.
Rushcode is chosen as strategic partner to conduct the SOA testing using SOAP UI Pro tool
Scope
Web services functional testing and regression testing
Asynchronous services residing on MQs
Total test cases 20
Standards
WS-I standards
XML
SOAP
MQ
HTTP/HTTPS
Challenges
Manage data entry for multiple payload request approx. 1000 requests
Identifying the Use cases and integrates services by chaining them
Service oriented architecture is based on implementation of asynchronous messages
Rushcodes Solution
Evaluation of different tools and selecting the best fit
Development and implementation of the data driven framework
Use of Rushcodes SOAP UI Pro Licenses
Benefits
Reduction in execution time - approximately 80
Due to modular and data driven framework, maintainability increased by 50
24. Automation Framework Solution for SOA testing
Multiple Testing Environment manipulation
Endpoints
Test Case Flow
Alternating test case Logic control
Test Data controlled multiple Iterations
Test Validation Points - dynamic Assertions
Test Data Reusable Test assets
25. Value-added services
Plugin Development
We are in a phase to develop a Plug-in which will interact with Desktop applications.
We are majorly focusing on MFC applications.
26. Our Solutions
End to end testing
Framework designing re-engineering of frameworks
User acceptance testing
Test data management
Application qualit
DEPL Consulting is an IT audit and advisory firm based in Lagos, Nigeria. We provide high-quality information technology consulting services that cut across governance and risk management, cybersecurity, compliance program, audit and assurance services.
CottGroup is the one stop shop provider of Consultancy, Outsourcing, Technology and Training in Istanbul. We are one of the first providers to offer multi-process services.
CottGroup operates with the boundless professional knowledge and expert competencies of its management. CottGroup’s expertise focuses on assistance in all specific aspects of making business such as business development, human resource management, accounting, and technology based solutions.
Our organization envisions itself as becoming the most admired and preferred partner on holistic back-end solutions for different areas of the industry and worldwide businesses.
Customers can count on our global knowledge and local experience to deliver the best solutions for their needs.
We are able to provide service to any industry. Our customers cover a broad range of industries including IT, banking/finance, insurance, education, energy, government, retail, manufacturing and healthcare.
We serve clients from Fortune 500 to mid-size companies across Turkey.
2. Content
Background
Your requirements
Our Promise
About Afrik Santa Cruz
Our differentiating factors
Our key clients
Team experiences
Quality assured
Clear and continuous communication
Our team and affiliates
Contact details
Annexure I – Our methodology
Annexure II – Why you need cybersecurity
Annexure III – Service Catalogue
3. Background… know us better…
About us
Afrik Santa Cruz is an indigenous engineering service company with affiliates in Africa, Americas and Asia. It offers a wide range of services in the petroleum, housing and IT sectors.
It is managed by highly experienced professionals focused on tailored engineering solutions for optimum customer satisfaction.
Theory of change
Highly practical and advanced hybrid delivery model.
Strong delivery capability to take on any complex project as far as it is cybersecurity related.
We prefer holding hands to shaking hands.
Cybersecurity solution is our main focus.
Value proposition
We are a true local company but with our global reach, we offer a very high level practical experience, know-how, contacts, and confidentiality.
Reasonably priced fees commensurate with high quality delivery.
Professional delivery as would be expected of a large multinational.
Mission
Our goal is to change the engineering landscape in the Sub-Region by bringing well-thought-out, innovative and expert driven solutions to our clients.
ASC aims to be an emerging market leader in engineering services. This is evident in its strategic alliance with top firms like Alphabet Energy International, WaterFX, Tectonas Softsolutions etc.
4. Your requirements
You require a firm with not only demonstrable skills and experience in your sector,
but also the ability to deliver seamless information security system and business
support services that match your development plans;
You also want a solution provider that operates on a professional and personal level
resulting in solutions tailored to your needs. While we operate in an environment
that demands honed technical ability and a degree of formality, arising from the
professional standards we observe, we regard ourselves as a flexible and responsive
team that has client relationships at its heart; and
You need cybersecurity solution relevant for tomorrow's environment
You want experts who know their trade/specialty and are sincere about projects that
do not fall within the bounds of their capabilities.
5. Our Promise
Our professionalism is demonstrated in our:
Commitment: our management and staff are absolutely committed to client satisfaction. We are dedicated to the provision of unique, quality and distinguished client services. We do this by channeling our best resources to meet clients’ needs.
Understanding: our approach to services is driven largely by our ability to obtain a clear understanding of our clients’ specific needs. Our philosophy is to provide only services beneficial to our clients.
Support: our unique strength lies in drawing on a pool of specialists worldwide to supplement skills unavailable at specific locations to ensure total client satisfaction.
Efficiency: we provide services by riding on efficiency in a co-operative environment.
6. About Afrik Santa Cruz Ltd (ASC)
ASC is a Ghanaian company that provides expert services by localizing international engineering solutions…
To make life easier, it is a well-documented fact that humans are altering the usual ways of communicating
at all scales and unprecedented rate. For this reason, everyone is a major stakeholder in the cyberspace.
Enterprises rely on IT infrastructure to expand operations and enhance productivity. The increasing reliance
on IT systems brings about many challenges from sophisticated IT support system requirement to
increasing IT spending. To tackle these problems ASC adopts an innovative and no-nonsense engineering
centered approach to solving problems.
IT security can be defined as data breach/loss or reduced information system workflow that can adversely
affect the achievement of organisation’s objectives.
IT security issues can be both internally and externally generated. Unlike in times past, security issues these days are fueled by economic reasons. When greed overtakes need, it spells trouble. These can stem from corrupt employees to shady investors seeking ways to exploit information systems for their advantage.
7. About Afrik Santa Cruz (cont…)
Increased dependence on IT will only enhance the risks of doing business. In today’s world, IT security
risks are not few. The reason companies so often fail to systematically manage these risks is rooted in the
way they define and manage them.
ASC has strong alliance with companies in the US and India to meet IT infrastructure problems. Together
with its affiliate partners, ASC has a team of more than 130 dedicated and highly trained systems
engineers who work on Kernel level modules, Mini Filter drivers, File Systems Drivers, Network drivers to
deliver easy to use and highly secure systems.
We are staffed with qualified professionals viz. BSc, CA, ACCA, CS, CISCO, CISSP, CISA, CRISC, and MSc etc.
8. About Afrik Santa Cruz (cont…)
Products & Services
Our product portfolio encompasses the following broad services:
• Secure Remote Management
• Data Leak Protection
• Forensic and Security
• Patch Management
• Vulnerability assessment
• IT Infrastructure Management
• Desktop Monitoring
• Asset Management
• Change Management
• Green Management
• Firewall
• IPS
• Anti-Virus
• Content Filtering
• Surveillance System Management
Under the above broad services, we proffer more than 25 specific cyber security related services. These explicit solutions are tailored to suit clients’ environments.
Our comprehensive service catalogue which spells out service deliverables is available upon request (Refer to appendix II for the abridged version).
9. Our Differentiating Factors
• Value for Money
• Strengths in relation to Business Model and Objectives – Track Record of Ethical Practice
• Unique combination of international, senior, hands on industry experience, across all areas of requirement
• Building enduring relationships with all our clients as trusted business partner
• Strengths in relations to requirements – Track Record in geographical, Professional and Business areas
• Adding value to clients and protecting their business is paramount
• Strength in relation to Implementation Plan – Track Record in geographical, Professional areas
Our highly analytical team will help:
• Protect applications implemented on your IT systems
• Protect your data or system’s ability to function
• Enable safe collection and usage of data
• Safeguard technology assets in use
12. Quality Assurance
Quality control and quality management is of paramount importance
Our team is sufficiently resourced through our rigorous ethical values to develop and deliver quality
services to our clients. Criminal background checks are conducted on employees by the Criminal
Investigation Department of Ghana Police Service.
Personnel adhere to standards of Integrity, Independence, Confidentiality and Objectivity.
Our professionals are required to attend business specific continuing education courses, internal and
external industry trainings.
Our operating policies are based upon and are fully compliant with International Standards.
In addition, there is a Quality Review Programme which ensures that our review process is in compliance with documented policies and procedures.
Quality performance reviews are an integral component of our system of quality control.
[Diagram: CONTINUOUS IMPROVEMENT, with the labels Quality culture, Analysis & Planning, Delivery, Measure, Results, HRM, Processes, Order]
13. Clear Continuous Communication
We are well aware of your confidentiality requirements hence we are committed to maintaining strict
code of confidentiality.
Our firm policy requires that affairs of clients be confidentially kept at all times.
At ASC, open and honest communication is a Core Value. Our experience leaves us in no doubt that a
successful relationship is based on trust and candid, proactive communication.
Regular and open two-way communication is fundamental to all aspects of our services. As an initial
priority, we will agree with you the Communication Plan for all our key meetings. This will help ensure
there are formal and informal opportunities for all key stakeholders to be kept informed on issues of
importance.
14. Our Team Credentials
Bradley Pate
International Director – Afrik Santa Cruz
Accomplished Petroleum Engineer and a businessman.
More than 33 years Project Management and Petroleum Engineering
More than 25 international experience in every continent except Australia and Asia.
Led Projects with budget exceeding US$700 million
John Selorm
Principal – Afrik Santa Cruz
Accomplished Chartered Accountant.
Strong IT background and worked with top accounting firms in the world on client systems.
Worked with clients in a wide variety of industries including trading, retail and consumer goods, NGO,
manufacturing and banking and finance. Major clients include banks, investment companies,
manufacturing organizations etc
15. Our Team Credentials
Charles Kane
Chief Information Officer – Afrik Santa Cruz
Highly experienced IT professional
Over 13 years in IT resource management experience
Managed Information System’s projects on oil fields in Ghana, Cote D’Ivoire, Sierra Leone etc.
Harvard college trained with diverse IT skills and professional qualification including; CISA, Red hat os/mail,
web, satellite operation and installation, Cisco CCNA etc.
Perry Greene
Principal Consultant – Santa Cruz Energy
Highly accomplished IT security professional with experience across various industries in USA.
More than 11 years information security and compliance experience
Strong in vendor audits on ISO27001 and 27002 control and other compliance frameworks like COSO,
COBIT, NIST, ISO etc.
Professional trainings include; six sigma, Cisco CCNA, CISSP, CISA, VMWare, Qualys, Archer, Qradar, CRISC,
MCP, Arcserv, SAP PCI HIPAA SOX etc.
16. Our Team Credentials
Shruti Pundalik
Chief Consultant – Santa Cruz Energy
Accomplished IT security professional with experience in India and USA across various industries.
Designed and implemented effective and efficient projects similar to Uber booking systems
Conducted architecture and interface design on the admission system for University of Baltimore, Maryland
and other projects such as Bitcoin.
Professional trainings include; Matlab, Keil Uvision, Verilog, Khazama, CodeVisionAVR, C++, C, PL/SQL, Eagle
5.6, Multisim etc.
Mana Churi
Chief Consultant – Santa Cruz Energy
Highly experienced IT security specialist with experience in India and USA across many industries.
Worked with Dell on security system projects including managing and mentoring different teams.
Worked as an engineer at CISC Source responsible for remote on-site engineers etc.
Professional skills include; Kerberos, SSL, IPSec, IDS, IPS, Firewalls, Application Proxy, Wireless Security, Cisco CCNA, CCNP Routing & Switching, DHCP, DNS, C++, C, Python etc.
17. Partners Credentials
Joachim Nessere
Chief Consultant – Afrik Santa Cruz
Highly skilled IT security trainer and consultant.
Served as the IT security training consultant for GIMPA, IPMC, Zentech Ghana etc.
Designed and implemented advanced server infrastructure across different systems
Professional accreditations include: Novell Certified Linux Administrator , Net IQ Identity, security etc.
expert, MSPRP member, IAMCT Member etc.
Rajesh Tripathy
CEO/COO – Tectonas Softsolution
Accomplished IT security engineer and a businessman.
Established and run IT security company in India for the past 17 years
Executed large IT security infrastructure solutions across Asia, Africa and the United States.
Developed IT security software across key industries in India, Asia etc.
18. Contacts
Afrik Santa Cruz
2nd Floor Chataeu Dieu,
Adenta, Estate
Accra, Ghana
Phone: +233 208 703 344
john.selorm@afriksantacruz.com
Santa Cruz Energy
124 Dickens Dr
Coppell, Texas 75019-2104
United States
Phone: +128 170 019 139
Bradley.pate@santacruzenergy.com
Afrik Santa Cruz
Abidjan, Cote d’Ivoire
Phone: +255 045 728 04
Charles.kane@afriksantacruz.com
info@afriksantacruz.com
www.afriksantacruz.com
THANKS
20. Our Methodology
Our methodology is comprehensive and systematic which focuses on meeting
clients’ organisational objectives. We fully recognise the need to provide
assurance on your system stability.
The key benefits of our approach are:
o Comprehensive & systematic;
o Focus on areas considered as potentially & most likely to lead to breach in
data or system malfunction;
o Our procedures are based on project planning techniques, including the use
of automated processes and document templates, and the agreement of
objectives, timetables, responsibilities and careful resource planning;
o The focus of our reports is to generate constructive and value added advice; and
o Identifies performance improvement and cost reduction opportunities
[Diagram: Understanding Your Business, Risk Assessment, Planning, Field Work, Critical Issues, Reporting/Implementation]
21. Our Methodology (Cont..)
UNDERSTANDING THE BUSINESS
Our top-down risk-based approach ensures that the focus is on the issues that are of greatest importance
to you and that we are in the most appropriate position to respond to them. Our system audit starts with
a detailed understanding of your industry and business.
Our approach is based on a top-down examination of the key drivers and system workflow of your
business. The output is a balanced picture of how the company interacts with customers and external
industry forces. We consider the implications of this analysis and use it to identify significant risks.
We use industry specific business models to gain information on:
• industry background including major players, regulatory changes and trends,
• risks and drivers,
• geographic issues,
• descriptions of business processes,
• benchmarks and best practice and
• system risks.
22. Our Methodology (Cont..)
RISK ASSESSMENT
In order to run your business, you develop processes in IT systems to manage the factors that drive performance and
help meet your objectives. We focus on those processes and systems to help yield meaningful results. This phase of
our work enables us to obtain information on the processes supporting the achievement of the company’s goals.
STRATEGY AND PLANNING
Based on the understanding of a client’s business we devise a strategy. We then develop detailed programs to
improve and guard your systems.
FIELD WORK
The work flows from strategic planning and risk assessment. The key element is to review and test the high level
controls embedded in your processes, as significant weaknesses in your key processes could cost, both in terms of
data loss and reputational damage.
REPORTING AND IMPLEMENTATION
We identify and discuss all critical issues with management. We then determine whether the Company’s system
stability meet our expectations. We provide report and any other deliverables to management.
23. Our Methodology (Cont..)
Our focused IT audit methodologies and tools also help to evaluate and test whether the Company’s
information systems are configured for data integrity, are secure and are effectively managing the
business needs. Our highly skilled business and IT personnel help identify aspects of IT that pose the
highest risk to the Company.
We then conduct a systematic, detailed review of those areas in which we:
o identify appropriate IT control objectives that map to key business processes;
o identify relevant IT policies and procedures and/or industry IT standards; and
o evaluate the design of controls and test whether they are in place and operating effectively.
24. Our Methodology (Cont..)
METHODOLOGIES
• Continuity management
• System capabilities & availability
• Backup and recovery
• Data storage
• Network penetration testing
• Information security assessment
• Enterprise security architecture & integration
• Ongoing monitoring
• Process documentation
• Control risk analysis
• Control & design implementation
• Project risk assessment
• Quality assurance
• Project management methodology
• Programme management processes
25. Our Methodology (Cont..)
INTELLIGENT USE OF TECHNOLOGY
Technology is only one component of an integrated approach that combines methodology, knowledge and
technology into our tailored service to you. We deliver our system audit services using a fully automated
audit software. This software is designed specifically to integrate knowledge management into the audit
process. Technology can never be a substitute for face-to-face communications and we continue to rely on
meetings with management to identify, resolve and communicate issues.
Technology
Knowledge
Methodology
27. Why you need cybersecurity
In today’s global, digital world, data rules. Many of our daily activities involve data paths. Safeguarding intellectual property, financial information, and your company’s reputation is a crucial part of business strategy.
Cybercrime has become a big business. Cybercrime is costing the global economy up to $450 billion
annually and it is expected to exceed 1 Trillion by 2020 (Report by Hamilton Place Strategies).
The report also warns that “if you’re in business today, it’s nearly a guarantee you’ll be hacked at some
point over the next couple of years”, which makes these findings all the more significant.
The TRUTH IS, YOUR DATA HAS PROBABLY BEEN BREACHED WITHOUT YOUR KNOWLEDGE…you will only
be confronted with the consequences in the future.
IT security is about defense in depth. Providing such a security involves physical security as well as a well-
designed network, control over the users and processes on the host itself, and regular maintenance.
28. Why you need cybersecurity (Cont..)
Some cyber threats your organisation may be exposed to without cybersecurity include:
Categories of Threat | Examples
Deliberate software attacks | Viruses, worms, macros, denial-of-service
Technical software failures or errors | Bugs, code problems, unknown loopholes
Technological obsolescence | Antiquated or outdated technologies
Deliberate acts of information extortion | Blackmail of information disclosure
Deliberate acts of espionage or trespass | Unauthorised access or data collection
Compromises of intellectual property | Piracy, copyright infringement
Acts of human error or failure | Accidents, employee mistakes
Forces of nature | Fire, flood, earthquake, lightning
Deliberate acts of sabotage | Destruction of system or information
Deliberate acts of theft | Illegal confiscation of equipment or information
29. Why you need cybersecurity (Cont..)
Some attack replication vectors your organisation may be exposed to without cybersecurity include:
Vector | Description
Web browsing | If an infected system has write access to any web page, it makes all web content files (.html, .asp, .cgi, etc.) infectious, so that users who browse to those pages become infected.
Simple Network Management Protocol | Attacking program gaining control of a device due to widely known and common password employed in early version of protocols.
Virus | Infection through common executable files through virus code
Mass mail | If an infected email runs through an address book, the infected machine infects many users. Subsequently, mail-reading programs also automatically run the program and infect other systems.
Unprotected shares | Using vulnerabilities in file systems and the way organisations configure them, the infected machine copies the viral component to all locations it can reach
IP scan and attack | The infected system scans random or local range of IP addresses and targets any of several vulnerabilities known to hacker from previous exploits such as Code Red, Back Orifice, or PoizonBox.
31. Service catalogue

Service Description: Incident Tracking and Audit
When to be Proposed to Customer/Client: Customer has had a major cyber-security incident where they may have had data loss, data corruption or systems not being available to the users/customers/partners
Activity: Investigate incident and provide Survey Reports for affected users and systems

Service Description: Cyber Security Audit
When to be Proposed to Customer/Client: Customer wants to implement Cyber Security Policy as per their defined Policies in the organization.
Activity: Survey of:
• End Points (PCs)
• Servers
• Network Equipment
• BYOD Patterns
• Shadow IT
• User Behaviour
32. Service catalogue (Cont…)

Service Description: Cyber Security Policy Rollout
When to be Proposed to Customer/Client: Customer wants to implement Cyber Security Policy as per their defined Policies in the organization.
Activity:
• IT Systems Survey
• End User Training
• Delivery of Audit Systems

Service Description: Cyber Security Policy Creation
When to be Proposed to Customer/Client: Customer has no Cyber Security Policy and wants to start new.
Activity:
• Detailed Survey of IT Systems
• Identify IT & User Control Points
• Identify Compliance Check Points

Service Description: Forensic Audit
When to be Proposed to Customer/Client: Customer has no idea of their current Cyber Security Posture or if they are compromised or not compromised.
Activity:
• Log Analysis
• ID Presence of internal/external malicious agents
• Forensic analysis to assess if IT systems are compromised or IT system availability analysis
33. Service catalogue (Cont…)

Service Description: Cyber Defence Integration
When to be Proposed to Customer/Client: Customer has many cyber defense systems like anti-virus, firewalls etc., and these systems are not working in an integrated manner.
Activity:
• Integrate disparate systems to single Dashboard
• Identify Cyber Security Choke Points.

Service Description: Firewall Induction
When to be Proposed to Customer/Client: Client does not have a firewall and wants to implement a firewall.
Activity:
• Identify make and model of Firewall that best suits the Client's needs. Acquire, install and commission the firewall.

Service Description: Firewall Review and Configuration
When to be Proposed to Customer/Client: Client has an existing firewall and has performance and security issues.
Activity:
• Capacity/Performance of the firewall.
• Check firewall addresses i.e. security + performance needs of the client.
• Upgrade, changes and recommission the firewall.
34. Service catalogue (Cont…)

Service Description: Intrusion Prevention System (IPS) Induction
When to be Proposed to Customer/Client: Client does not have an IPS and wants to implement an IPS.
Activity:
• Identify make and model of IPS that best suits the Client's needs. Acquire, install and commission the IPS.

Service Description: IPS Review and Configuration
When to be Proposed to Customer/Client: Client has an existing IPS and has performance and security issues.
Activity:
• Identify make and model of Firewall that best suits the Client's needs. Acquire, install and commission the firewall.

Service Description: Firewall Review and Configuration
When to be Proposed to Customer/Client: Client has an existing firewall and has performance and security issues.
Activity:
• Do a capacity + performance of the IPS, and check whether the same IPS addresses the security + performance needs of the client. If yes, identify changes to IPS configuration. Upgrade the changes and recommission the IPS.
35. Service catalogue (Cont…)

Service Description: Patch Management Induction
When to be Proposed to Customer/Client: Client does not have a Patch Management and wants to implement a Patch Management.
Activity:
• Identify make and model of Patch Management that best suits the Client's needs. Acquire, install and commission the Patch Management.

Service Description: Patch Management Review and Configuration
When to be Proposed to Customer/Client: Client has an existing Patch Management and has performance and security issues.
Activity:
• Do a capacity + performance of the Patch Management, and check whether the same Patch Management addresses the security + performance needs of the client. If yes, identify changes to Patch Management configuration. Upgrade the changes and recommission the Patch Management.

Service Description: Proxy Induction
When to be Proposed to Customer/Client: Client does not have a Proxy and wants to implement a Proxy.
Activity:
• Identify make and model of Proxy that best suits the Client's needs. Acquire, install and commission the Proxy.
36. Service catalogue (Cont…)

Service Description: Proxy Review and Configuration
When to be Proposed to Customer/Client: Client has an existing Proxy and has performance and security issues.
Activity:
• Do a capacity + performance of the Proxy, and check whether the same Proxy addresses the security + performance needs of the client. If yes, identify changes to Proxy configuration. Upgrade the changes and recommission the Proxy.

Service Description: Single Sign-on (SSO) Induction
When to be Proposed to Customer/Client: Client does not have an SSO and wants to implement an SSO.
Activity:
• Identify make and model of SSO that best suits the Client's needs. Acquire, install and commission the SSO.

Service Description: SSO Review and Configuration
When to be Proposed to Customer/Client: Client has an existing SSO and has performance and security issues.
Activity:
• Do a capacity + performance of the SSO, and check whether the same SSO addresses the security + performance needs of the client. If yes, identify changes to SSO configuration. Upgrade the changes and recommission the SSO.
37. Service catalogue (Cont…)

Service Description: Anti-Virus Induction
When to be Proposed to Customer/Client: Client does not have an Anti-Virus and wants to implement an Anti-Virus.
Activity:
• Identify make and model of Anti-Virus that best suits the Client's needs. Acquire, install and commission the Anti-Virus.

Service Description: Anti-Virus Review and Configuration
When to be Proposed to Customer/Client: Client has an existing Anti-Virus and has performance and security issues.
Activity:
• Do a capacity + performance of the Anti-Virus, and check whether the same Anti-Virus addresses the security + performance needs of the client. If yes, identify changes to Anti-Virus configuration. Upgrade the changes and recommission the Anti-Virus.

Service Description: Data Loss Prevention (DLP) Induction
When to be Proposed to Customer/Client: Client does not have a DLP and wants to implement a DLP.
Activity:
• Identify make and model of DLP that best suits the Client's needs. Acquire, install and commission the DLP.
38. Service catalogue (Cont…)

Service Description: Data Loss Prevention (DLP) Review and Configuration
When to be Proposed to Customer/Client: Client has an existing DLP and has performance and security issues.
Activity:
• Do a capacity + performance of the DLP, and check whether the same DLP addresses the security + performance needs of the client. If yes, identify changes to DLP configuration. Upgrade the changes and recommission the DLP.

Service Description: Threat Intelligence System
When to be Proposed to Customer/Client: Client has existing Security Policy and Audit Framework and wants pro-active Cyber Security Threat Information.
Activity:
• Security Posture Study of the Organization and Business Vertical.
• Complete capability assessment of Key Cyber Security Team.

Service Description: Ransomware Mitigation
When to be Proposed to Customer/Client: Client perceives that they can be targeted or other peer organizations of the client have been targeted using Ransomware.
Activity:
• IT Systems Survey
• User IT usage profile
• User Critical Data/Process Survey
39. Service catalogue (Cont…)

Service Description: Vulnerability Assessment and Penetration Testing
When to be Proposed to Customer/Client: Client wants to have a regular Vulnerability Assessment and Penetration Testing done of their IT Infrastructure.
Activity:
• IT Systems Survey.
• Network Survey
Thanks