CybersecurityGame Planning for Success

John Dolan & Derrick Helms, CISSP

AgendaDeveloping a strategy for success

#WBInsights15#WBInsights15

Overview

SecurityProven ProcessAssess

Plan and Design Implement

Detect

RemediateReport

Protect

#WBInsights15#WBInsights15

AssessPlan assessments based on needs• Risk• Compliance Requirements• Vulnerability Assessments• Policy• Current security controls

#WBInsights15#WBInsights15

Plan, Design and Implement

Plan and Design• Asset Patch Management• Written Information Security Policy• Security and Compliance/Incident Management Handbook • Multi-layer Approach • Roadmap

Implement• Phased roll-out• Test group before organization

#WBInsights15#WBInsights15

ProtectProtect in Layers based on Assets • Network Level• Host Level• User Level • Data in transit• Remote Access • BYOD – Smartphones/Tablets

#WBInsights15#WBInsights15

Detect and RemediateDetect • Do you know who is accessing your network? • Do you know who is accessing and changing files? • Do you know when you users are logging in and out? From Where?

Remediate • What are you doing to remediate your findings?• Is there a action plan or incident management policy on

what to do and a clear understanding of who is accountable for making sure it gets done?

#WBInsights15#WBInsights15

ReportDefine Key information – What is happening?• Systems• Software• Events• Users• Incidents• Web Activity• File Access

Thank you!utgsolutions.com

John Dolan jdolan@utgsolutions.com 678-730-2793

Derrick Helms, CISSPdhelms@utgsolutions.com 678-730-2742