Presentation is loading. Please wait.

Presentation is loading. Please wait.

INFORMATION SECURITY DISCUSSION © 2015 Trojan Horse Security Inc., all rights reserved1.

Published byAlexandra Ross Modified over 9 years ago

Similar presentations

Presentation on theme: "INFORMATION SECURITY DISCUSSION © 2015 Trojan Horse Security Inc., all rights reserved1."— Presentation transcript:

1 INFORMATION SECURITY DISCUSSION © 2015 Trojan Horse Security Inc., all rights reserved1

2 What Keeps Our Clients Up at Night? Security tops every major CIO priority survey © 2015 Trojan Horse Security Inc., all rights reserved 2 Biggest Concerns: Are you worried about a headline-making breach involving sensitive customer data? Are you concerned with government requirements around protection of personal data? Will you meet compliance requirements? Do you have sufficient security IT resources and partners to manage your security and compliance needs? Have you included security in your latest hosting, recovery, and cloud initiatives? Have you validated your security gaps and do you have a plan to correct and mitigate vulnerabilities? Are your web applications secure? How do you manage intrusion detection and alerting, capture and store log data, employee web usage among other technology needs? Are you cyber resilient?

3 Why Trojan Horse Security Inc. for Security? THS had a team of the best information security consultants in the business. THS offers a full spectrum of information security services. THS consultants are experts at building infiltration and have infiltrated top, high security facilities. THS specializes in corporate security and prides itself in only employing the worlds top information security consultants. All THS consultants have over 10 years experience and are industry leaders. They have all, at one point in time, worked for a major consultancy in a senior role. THS is consultant owned and as such are able to give the most dedicated service and still out bid any other consultancy – guaranteed. © 2015 Trojan Horse Security Inc., all rights reserved3

4 Security Elevator Pitch & Proof Points Trojan Horse Security is built on 3 pillars: Quality Senior level consultants with a minimum of 10 years experience each Industry leaders with global experience Credentialed employees (CISSP, QSA, CEH, etc.) Physical security services conducted by former Secret Service Presidential Detail, Black-Ops and Seal Team Six. Media coverage Value Low overhead means flexible consulting rates Ability to offer low introductory rates High Quality to Price ratio = Value Service Responsive communications Old fashioned “customer is always right” attitude Custom tailoring according to individual client needs © 2015 Trojan Horse Security Inc., all rights reserved4

5 Security Consulting Offering (Line Item View) © 2015 Trojan Horse Security Inc., all rights reserved5 Remediation  Security PMO ► Security Staff Augmentation ► Continuous Advisory Assistance ► Process/Policy Development Staff Augmentation ► Incident Handling & Forensics ► Implementations ► Training ► Architecture Segmentation ► Breach Detection Project-Based Engagements Controls-Based Assessments ► PCI Assessment ► Formal Report On Compliance ► ASV Scanning ► Remediation Services ► PCI Design Assistance ► Audit Prep ► Continuous QSA PCI ► HIPAA Assessment ► Design and Remediation Services ► PII Scanning HIPAA ► Enterprise Assessment ► Security Framework Roadmap ► Baseline Assessment Lite ISO 27002:2013 NIST 800-53 Technical-Based Assessments Services ► Internal Testing ► External Testing Penetration Testing Vulnerability Assessments ► Web Application Assessment “Black Box” Business Logic ► Web Services Assessment Web Application Testing ► Application Code Review “White Box” Tests internal structures of application Code Reviews ► Vulnerability Assessment ► Internal Testing ► External Testing Strategy ► Virtual CISO ► Security Roadmaps ► Security Policy Development Strategy ► Business Process Integration ► Security Frameworks Design Data Governance ► Security Risk Assessment ► Targeted Readiness Assessment Risk Assessment ► Program Management and Design Program Assistance 5

6 Cyber Resilience Program Cyber security strategy review Incident management assessment and exercise On-call forensic response retainer Breach indicator vulnerability assessment Vendor management and sampling evaluation © 2015 Trojan Horse Security Inc., all rights reserved6 Trojan Horse Security develops and enhances cyber security capabilities to provide better assurance against security breaches and vulnerabilities and provide real-time expertise in the event of an actual breach or attack  Cybersecurity strategy review. Assess organizational information security program against NIST cybersecurity framework and align to ISO 27002 standard with an output consisting of a milestone-based roadmap to be leveraged as the cybersecurity strategy moving forward.  Incident management assessment and exercise. Assess overall cyber ability to respond to threats and incidents with focus on communications, existing and consistent processes, organizational flow, and required to-be state.  On-call forensic response support and retainer. Incident response support as necessary based on client alerts and declarations to provide real-time support to breaches.  Breach indicator vulnerability assessment and penetration testing. Quarterly onsite review of client IT landscape for vulnerabilities, malware, incident residue, persistent threats, and other unseemly activities and reoccurring penetration testing.  Third party / vendor risk assessments. Provides an independent perspective that addresses management or board level concerns. Identifies areas of risk relative to individual 3rd parties that can be evaluated internally for subsequent action.

7 What can you do about security challenges? Client’s guide to a secure organization ► Conduct compliance “gap analysis” to identify security needs ► Develop an overarching information security program ► Focus on prescriptive standards like PCI DSS ► Perform periodic compliance validation ► Utilize MSSP or SaaS solutions supported by 24x7 security experts to augment current resources ► Leverage a trusted managed services provider to handle the difficult security operations tasks: Patching Antivirus SOC DDOS Prevention © 2015 Trojan Horse Security Inc., all rights reserved7

8 Penetration Testing Methodology © 2015 Trojan Horse Security Inc., all rights reserved8

9 To learn more visit: www.TrojanHorseSecurity.com or call us on (202)-507-5773 Trojan Horse Security Inc. 2200 Pennsylvania Avenue NW 4 TH Floor East Washington, DC 20037 © 2015 Trojan Horse Security Inc., all rights reserved9

10 Confidentiality Statement & Disclaimer This document contains Trojan Horse Security confidential or proprietary information. By accepting this document, you agree that: (A)(1) if a pre-existing contract containing disclosure and use restrictions exists between your company and Trojan Horse Security, you and your company will use this information subject to the terms of the pre-existing contract; or (2) if no such pre-existing contract exists, you and your Company agree to protect this information and not reproduce or disclose the information in any way; and (B) Trojan Horse Security makes no warranties, express or implied, in this document, and Trojan Horse Security shall not be liable for damages of any kind arising out of use of this document. © Trojan Horse Security Inc. 2015. All rights reserved. No parts of this document may be reproduced, transmitted or stored electronically without Trojan Horse Security Inc. prior written permission. © 2015 Trojan Horse Security Inc., all rights reserved10

Download ppt "INFORMATION SECURITY DISCUSSION © 2015 Trojan Horse Security Inc., all rights reserved1."

Similar presentations

Navigating Compliance Requirements DCM 6.2 Regs and Codes linford & co llp.

Navigating Compliance Requirements DCM 6.2 Regs and Codes linford & co llp.
© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is.

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is.
© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.

© 2005, QEI Inc. all characteristics subject to change. For clarity purposes, some displays may be simulated. Any trademarks mentioned remain the exclusive.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.

AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.
Hands-On Ethical Hacking and Network Defense

Hands-On Ethical Hacking and Network Defense
Security Controls – What Works

Security Controls – What Works
The Information Systems Audit Process

The Information Systems Audit Process
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
© 2003 by Carnegie Mellon University page 1 Information Security Risk Evaluation for Colleges and Universities Carol Woody Senior Technical Staff Software.

© 2003 by Carnegie Mellon University page 1 Information Security Risk Evaluation for Colleges and Universities Carol Woody Senior Technical Staff Software.
Www.encase.com Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,
© 2014 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2014 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

© 2012 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions 631-692-5175 Steve Katz, CISSP Security.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
Financial Advisory & Litigation Consulting Services Risk Management 2006 September 14-15, 2006 The Metropolitan Club, New York, NY Workshop B: Information.

Financial Advisory & Litigation Consulting Services Risk Management 2006 September 14-15, 2006 The Metropolitan Club, New York, NY Workshop B: Information.
NUAGA May 22, 2014.  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.

NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.

Similar presentations

Ads by Google