Introductions How we got here: Referral from Ted Schlein Call Participants: Joseph Loomis Former founder & CEO of Net Enforcers [Online Brand Protection] Sold Net Enforcers, debt-fee and very profitable. Formally licensed Private Investigator Cooperative member with the FBI & DEA’s divisions on Cybercrime. Customers included Sony, Pfizer, Eli Lilly, Apple, MSFT, Novartis, etc. Spyro Malaspinas IBM, VeriSign, Symantec & Protiviti PCI-DSS and forensic breaches, remediation and security and compliance consulting Routinely responds to high profile financial services and credit card incidents Methodically positioned new security and compliance programs
Who is CyberSponse? Joseph Loomis, CEO & Co-Founder • Former CEO & Founder, Net Enforcers Paul Janisko, CTO & Co-Founder • Founder of Rendered Source, LLC Spyro Malaspinas, CSO & Co-Founder • IBM, Symantec, VeriSign, Protiviti Stephen Grutzius, CMO • Emil Herich, General Counsel • Matt LaVelle, General Counsel •
The Problem: The state of incident response in most organizations: - Comes in the form of a word document - Is rarely if ever tested - Was established to meet a regulatory requirement, or legal agreement - Was copied and pasted from another organization, not catered to the organization - Does not include any contingency planning, e.g. whom do I call if we are over our head/ill prepared - Does not include mechanics for communicating securely internally or externally regarding the incident - Does not lend itself to process improvement, utilizing archaic systems to triage very stressful events that can include many unknowns - Is very manual - Does not provide any need to know boundaries around sensitive information - Medium sized businesses, and those without a dedicated security team are left with little direction
The Solution The CyberSponse IMS (Incident Management System) is a cloud and • appliance based technology offering incident management workflow, secure collaboration, and planning tools for security incident preparation and remediation. A business to business directory linking clients to organizations that • can assist in bolstering security capabilities, perform forensic/incident response services, security auditing, managed services, and product based security and compliance solutions. Numerous compliance requirements and security best practices include • the need for a well-developed and annually tested incident response process. PCI, SOX & ISO 27001 and each require a formal incident • response program that must include a process, procedure, and annual testing.
The IMS System Includes: Secure Message Delivery System with Mobile Integration • Tried and true, Customizable Incident Response Frameworks • Semi-automated Incident Response management workflows • Business to Business directory services • Incident Response Security Policy and Procedure Templates • Triage Process Flow Charting & System Illustrations • Integrated Privacy Law and Regulations Database by state/country • Security Focused Content & Task Management Console • Task Assignment Design System with reminders on performance reporting • Executive Management Reporting Console • Visual Architecture Interfacing during attack • Incident Response Simulation Testing • Secure Collaboration based upon RBAC; internal and external communication • Customizable User Rights Management Console • Evidence/classified Communications based upon role and responsibility • Secure repository for security documents and sensitive communication •
Industry Changes… Using IMS Speed to Mitigation of a Breach • Efficiently address breach reporting requirements • Working Incident Response frameworks • Realization of Risks associated with Cyber Connectivity • Consolidated Communication medium for Cooperative Organizations • Less Downtime for Customers • Shift to Pro-active Customer Thinking • Improvement in Cross Vendor Communications • A New Standard of Secure Communication •
Synergy with Strategic Partners… Direct link to: • Mandiant Professional Services Mandiant Incident Management Product Offerings Web integration: • Mandiant PS to utilize platform for forensic investigations and IR Mandiant to integrate CyberSponse workflows into existing MCIRT and Mandiant Intelligent Response Comprehensive IR solution • Allows organizations to perform more self serve operations • Creates efficiencies in trusted communication • Allows Mandiant to service more organizations and breaches •
Discussions & Next Steps
Recommend
More recommend