Welcome Information Security Office Services Available to Counties Security Operations Center Questions.

Presentation transcript:


Information Security Office (ISO) Background
- Mission: Promote the secure use of information technology resources and effectively manage the associated risks.
- Office of the Chief Information Officer (OCIO)
- Bob von Wolffradt, Chief Information Officer (CIO)
- Jeff Franklin, Chief Information Security Officer (CISO)
- Information Security Office (ISO)
- Staff of 14 Employees
- Supported by all of OCIO Staff
- Open 7-5 Monday thru Friday
- Incident On-Call (24/7)
- Duty Manager
- Duty Officer
- Full Service Information Security Office

The CIS Critical Security Controls for Effective Cyber Defense

Services Available to Counties
- Iowa Homeland Security Grant
- Vulnerability Management
- Patch Management
- Intrusion Detection (IDS)
- Anti-Malware
- Security Operations Center

Vulnerability Management – CSC 4, 1, 2
- IP360 Device Profiler
- Scans for every device on your network
- Lists vulnerabilities by importance
- Vulnerability scores to help prioritize
- Reduces Risk
- Current Iowa County Participation Total: 46

Patch Management – CSC 4
- Asset Discovery
- Third Party Patching
- Auditing and Remediation
- Helps Prioritize Your Risk
- Current Iowa County Participation Total: 6

Malware Detection – CSC 8
- Asset Discovery
- Third Party Patching
- Auditing and Remediation
- Helps Prioritize Your Risk
- Current Iowa County Participation Total: 6

Intrusion Detection – CSC 12
- New Service For Participating Counties
- Open Source Solution
- Talos Rule Set (SourceFire)
- Initial Rollout to 13 Counties
- Alert Monitoring and Reporting by ISO SOC

Configuration Management – CSC 3, 11
- Discover and Audit Configurations
- Agentless
- Scans Network for Compliance
- Apply Compliance and security standards
- Reduces Risk
- Currently in Pilot

Security Operations Center – CSC 19
Why a Security Operation Center?
- Real Time Monitoring
- Identifying Attacks (Alerting)
- Respond Faster (Investigate)
- Remediation
- Recover

Vulnerability Management – The cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities, especially in software and firmware.

Patch Management – Systems management that involves acquiring, testing, and installing multiple patches (code changes) to an administered computer system.

FireEye – NX and HX provide automated threat forensics and dynamic malware protection against advanced cyber threats.

Intrusion Detection System – Systems that monitor for malicious activities, policy violations and suspicious traffic on a network.

Configuration Management – A process for establishing and maintaining consistency of a computer, server, or mobile device's performance, functional, and physical attributes with its requirements, design, and operational information throughout its life.

Security Operation Center (SOC) – Provides situational awareness through the detection, containment, and remediation of IT threats. The SOC manages incidents for the enterprise, ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported. The SOC also monitors applications to identify a possible cyber-attack or intrusion (event) and determine if it is a real, malicious threat (incident), and if it could have a business impact.

Questions?
Contact: Jeff Franklin, Chief Information Security Officer, (515)
Contact: Dan Powers, Manager, ISO, (515)