Information Security Services CIO Council Update


1 Information Security Services CIO Council Update
Nov. 27, 2017 Monday 2:10 – 2:40 Smith 561

2 Purpose and Intended Outcome
To brief the CIO Council on the HUIT Security updated service catalog, including the availability of managed security services (MSS)

Intended Outcome
Receive feedback from the CIO Council on service catalog updates and guidance on whether the MSS is of broader interest

3 Background
- Services in the Information Security catalog have not been reviewed since they were established 6 years ago
- We have heard that our customers like working with us, but that they are not always clear on the set of services we offer or their scope
- Our current expansion into managed security services and our desire to leverage the service model further necessitated a revamping of our catalog
- Going forward, we would like to leverage the service model as a significant part of our planning and roadmap development

4 Mapping of Existing to Proposed Services – available to all schools
Columns: Service Offering (existing) | Service Offering (proposed)
- Security Awareness
- Security Training
- Security Architecture, Engineering, and Risk Assessment
- Risk Assessment
- Vulnerability Assessment *
- Source Code Analysis
- Security Operations and Response
- Security Incident Response *
- Network Security Monitoring and Alerting
- Endpoint Security Monitoring and Alerting *
- Security Compliance
- DMCA/HEOA Compliance
- Security Consulting (newly defined)
- Information Security Governance (newly defined)
- Individual Risk Mitigation (under development)
- Threat Feed Service (under development)
- Authentication Management and Security Services
- “Shifting left”

* Includes a second tier as part of the managed security service (MSS)

5 Managed Security Services (MSS)
- Launched in response to schools who approached HUIT Security about exploring ways to staff up their security practice
- Chose to go the route of expanding services for an additional cost instead of hiring dedicated staff
- Leverages shared expertise in HUIT Security instead of trying to find one person who can meet the diverse security needs in a school
- In no way intended as a means of reducing existing services
- Starting with three managed service offerings to meet initial demands, looking to expand during the remainder of this year
  - Endpoint Security Monitoring and Alerting (CrowdStrike)
  - Vulnerability Assessment (Tenable/Nessus)
  - Security Incident Response and additional capabilities
- Finalizing cost for FY19 – proposed model is 70% of the loaded midpoint salary of a grade 58 staff member (currently calculates to $95K/year)

6 Endpoint Security Monitoring and Alerting
Columns: Core Offering | MSS Offering

Alert Management
- Notification of alerts
- Review of Critical and High priority alerts on a daily basis
- Best effort deeper analysis on request
- Containment for critical alerts
- Review of all alerts
- Remove false positives
- Deeper analysis when applicable
- File review and analysis
- Containment as defined by school

Agent Management
- License management and expense
- Deployment on standard schedule (3-5 days post release by CrowdStrike)
- Latest agent version supported on the OS
- Standard prevention policy
- Custom deployment groups/schedule
- Custom prevention policies

Metrics
- Develop metrics as requested by school. Possibilities include:
  - Number of hosts installed/updated
  - Percentage of hosts installed/updated
  - Frequent alerts
  - Users/groups with higher than average alerts

7 Vulnerability Management
Columns: Core Offering | MSS Offering

Agent Deployment Management
- License management and expense
- Updated Agents and Portal
- Develop automation for installation
- Agent monitoring

Scan Management
- Best effort scanning/alerting based upon newly discovered critical vulnerabilities
- Deploy scanners per environment
- Develop Custom Scans
- Prioritization for remediation
- Understand impact/likelihood
- Provide clear steps to remediation/compensating controls
- Review/Classification of systems (based upon data security levels)

Metrics
- Develop metrics as requested by school
- Integration with other data sources
  - Splunk
  - Access control devices

8 Security Incident Response and additional capabilities
Columns: Core Offering | MSS Offering

Incident Response
- Notification to SSO of externally notified incidents
- Engagement/surge support in cases involving significant intrusion or possible HRCI access/exfiltration
- Review of and feedback on documentation of environment as it pertains to HUIT ability to engage during incident response
- Analysis in cooperation with SSO of externally notified incidents
- Engagement/surge support during moderate severity incidents
- Assistance in developing appropriate documentation to enable HUIT to effectively understand the environment during incident analysis and response
- Work with school to understand local security management systems (e.g., log collection, firewalls, etc.)
- Annual tabletop review/exercise

Process Improvement & Automation Activities
- Will deliver developed process improvements/automation activities in an ongoing fashion
- Will work with school to prioritize HUIT process improvement/automation activities that meet identified analytic needs

Metrics
- Develop metrics as requested by school
- Will attempt to integrate HUIT systems with school based data sources

9 Current Status
- Launched at start of the fiscal year
- Two schools signed up
- Slowly ramping up
- Building some useful tools and capabilities
- Already realized benefits

10 Questions for CIO Council
- Does the new service catalog align better with your understanding of what HUIT Security provides?
- Does the MSS meet a need within the schools?
- What services should be the targets for enhancement under the MSS?

