ICE CONSULTING PRODUCTS & SERVICES


Created by: James Williams


Accolades
• 25 years’ experience designing, implementing, and scaling operations • Customer Satisfaction Rating of 97% (out of 5,000 reviews) • The Top 10 Best Performing Managed Security Service Providers by Insights Success Magazine • Top 10 Most Disruptive Cloud Solution Provider from CEO Views Magazine • The Top 25 Technology Providers from CIO Providers • Best Supplier Award – Adaprec, Inc • Best in Class Award – Northrop Grumman • Service of Excellence Recognitions – Ion Torrent, Odyssey Thera

4 Types of Services
1. Strategic 2. Administrative 3. Technical 4. Support
Strategic Services
1. Provide IT Director services 2. Design IT Infrastructure On-Premise and Cloud 3. Implement Process & procedures based on IT best practices 4. Meet compliance requirements 5. Handle office build-out, migration & expansions
Administrative Services
1. Regular IT Meetings 2. Project Management 3. Ticket Management 4. Client Satisfaction reporting 5. Weekly & Monthly IT Reporting 6. Key Performance Index (KPI) Reporting 7. Asset Management 8. Vendor Management 9. Cabling Services 10. IT Room, Cooling, HVAC 11. IT Documentation
Technical Services
1. Firewall, Switching, & Routing 2. Linux, Windows & Mac servers & systems 3. Cybersecurity 4. Design & implement Zero Trust Network 5. Virtualization & Storage 6. Backup & Disaster Recovery 7. Wireless Solutions 8. Single Sign-On (SSO) & Multifactor Authentication 9. Mobile Device Management 10. Cloud services management 11. Onboarding & offboarding employees & contractors 12. Printing & phone services
Support Services
IT SUPPORT SERVICES 1. Onsite technical services 2. Helpdesk-live tech support 24x7x365 including holidays 3. Proactive weekly Preventative Maintenance: Network Security, Network Infrastructure, Systems Infrastructure, Endpoints (Desktops, Laptops, & Mobile Devices) 4. NOC (Network Operation Center) 24x7x365 5. Provide IT Training to Users
Accolades
• 24 years’ experience designing, implementing, and scaling operations • Customer Satisfaction Rating of 97% (out of 5,000 reviews) • The Top 10 Best Performing Managed Security Service Providers by Insights Success Magazine • Top 10 Most Disruptive Cloud Solution Provider from CEO Views Magazine • The Top 25 Technology Providers from CIO Providers • Best Supplier Award – Adaprec, Inc • Best in Class Award – Northrop Grumman • Service of Excellence Recognitions – Ion Torrent, Odyssey Thera
Real-Time Analysis of Behavior-Related Incident. SCENARIO: Three times a day on average, John logs into a file share containing critical business data. Then one day, he logs in 100 times… anomaly detected. His credentials were stolen, and he has been personally compromised.
SOLUTION: Using artificial intelligence (AI) and machine learning technology, Securonix establishes a baseline of normal behavior, and compares that baseline to current activity on the network. It triggers an alert when it detects activity outside the norm. The ICE SOC Team opens the alert, contacts your IT Dept, and initiates action based on your Threat Response Plan. RESULT: Threat mitigated before your company loses the sensitive data core to your business.
Security Stats
WHO - 5-fold increase in cyberattacks in 2020
Average cost of 1 breach (+500)
3.86 million - based on The Ponemon Institute and IBM Security
Average cost of 1 breach (under 500)
2.67 million - based on The Ponemon Institute and IBM Security
Most frequently compromised type of record
PII (Personally Identifiable Information). The costliest at $150 a record
Non-Monetary Damages
• Loss of intellectual property • Years of research down the drain • Damage to your brand and reputation • Cancelled deals and partnerships • Millions in lost productivity, and legal/remediation expenses • Disclosure requirements imposed by your clients and governments
The burden placed on IT Staff
• Anti-Virus / Anti-Malware / EDR • Behavioral analytics • Firewall/WAF, Servers on cloud infrastructure • Firewalls with UTM • URL & DNS Filtering • Threat Detection / Threat Prevention • IDS / IPS • Penetration Testing • Threat hunting • Log aggregation • Wireless rogue activity detection • Single Sign On / Multi Factor Authentication • Email filter tuning and quarantine management • Identity Access Management (IAM) • Monitoring of critical data flows • Data Encryption • Hosted Email services • Threat Intelligence and Feed Analysis
SOC-2 Certification
SOC 2 (System and Organization Controls 2) is a type of audit report that attests to the trustworthiness of services provided by a service organization. SOC 2 reports are the result of an official SOC 2 audit. These reports attest that a service organization’s solution has been audited by a Certified Public Accountant (CPA) on over 600 data points, using standards laid down by the AICPA, with regard to: Security, Availability, Processing Integrity, Confidentiality and/or Privacy.
SOC-2 Audits for what? (SAPIC)
• Security • Availability • Privacy • Integrity (process & storage) • Confidentiality
Availability
The process, product, or service must remain available per the agreement between user and provider. Both parties either explicitly or implicitly agree on the appropriate level of availability of the service.
Confidentiality
If access to the data is limited to certain individuals or organizations, it must be treated as confidential. Data protected by the principle of confidentiality could include anything the user submits for the eyes of company employees only, including but not limited to business plans, internal price lists, intellectual property and other forms of financial information. An auditor will take into account data encryption, network firewalls, software firewalls and access controls.
Privacy
The principle of privacy applies to the collection, disclosure, disposal, storage and use of personal information with regard to the generally accepted principles of privacy (GAPP) as established by the AICPA. It applies to Personally Identifiable Information (PII), information that can be used to differentiate persons, including but not limited to names, addresses, phone numbers and social security numbers. Other data, including race, gender, medical profiles, and religion are also covered by GAPP. An auditor must verify controls in place to prevent the dissemination of PII.
Security
System resources must be defended against outside access to comply with the principle of security. Access controls must adequately resist attempts at intrusion, device manipulation, unauthorized deletion, data misuse, or improper modification and release. An auditor looks at IT security tools like WAF (web application firewalls), encryption and intrusion detection in addition to administrative controls such as background checks and authorizations.
Integrity
This principle is concerned with the delivery of the right data at the right time and at the right price, in other words, whether or not the platform performs as expected. Data processing must be complete, licensed, reliable and timely. IMPORTANT: Integrity of storage does not imply the integrity of the information. Information may contain errors before it is entered into the system, which the storage entity is not responsible to identify. An auditor must look at data processing management and quality assurance practices to ensure the reliability of the data.
SOC (Security Operations as a Service)
1. Provides 24/7/365, real-time visibility into your IT infrastructure 2. Staffed by a global team of trained professionals 3. SIEM (Security Incident and Event Management) subscription includes industry-leading processes and security tools 4. Proactive remediation of threats before damage is caused 5. One of the most cost-effective and impactful ways to elevate any organization’s security posture as compared to developing these services in-house
ICE SOC
1. ICE has a qualified team of certified security professionals to monitor your infrastructure 24/7/365 2. ICE security professionals respond to all alerts instantly to reduce the exposure and limit the damage a security breach might otherwise cause 3. ICE SOC team will work with your organization to establish incident response teams (IRT), formulate Incident Response Plans (IRP), and perform the necessary actions to remediate threats in a timely manner, as required by many compliance frameworks
4 STEPS PROVIDED
• MONITOR - Real-time monitoring of critical apps and services in a single dashboard • ANALYZE - Centralized Log Collector to collect and store logs from services and devices for analysis. Risk management process that reduces chances of security breaches. • RESPOND - Respond immediately to cyber attacks to avoid security breach • ESTABLISH - Incident Response Plan (IRP)
SECURONIX PARTNERSHIP
Securonix delivers a next-generation security analytics and operations management platform for the modern era of big data and advanced cyber threats and was named a leader in the 2021 Gartner Critical Capabilities for SIEM (for Security Information and Event Management).
WHY SECURONIX PARTNERED WITH US
ICE Consulting is an experienced MSSP that offers a full range of security services to their customers. They have a highly skilled staff that understands the value of providing the best solutions to keep their customers protected 24 x 7. We see ICE Consulting as a strategic MSSP partner in a key geography with unique vertical expertise in Biotechnology and Life Sciences.
SECURONIX SNYPR
1. Centralized Log Collector maintains all logs from the connected devices and services for extended time periods for forensic analysis, legal reasons, etc. 2. SIEM and UEBA in a single package. 3. Threat Analyzer with a cloud-based AI engine analyzes, reports, suggests remediation, and documents all threats received. 4. SNYPR is compatible with most major applications and services (Okta, Azure, AWS, O365, Palo Alto Firewalls, Cisco Umbrella, Windows Servers, Web Servers, etc…)
SECURONIX FEATURES (Part 1)
• Anti-Virus / Anti-Malware / EDR • Firewalls with UTM • URL & DNS Filtering • Threat Detection / Threat Prevention • IDS / IPS • Single Sign On / Multi Factor Authentication • Data encryption • Behavioral analytics • Threat hunting • Email filter tuning and quarantine management • Servers & storage in data centers
SECURONIX FEATURES (Part 2)
• Firewall/WAF, Servers on Cloud infrastructure • Log aggregation • Identity Access Management (IAM) • Hosted Email services • Penetration Testing • Wireless rogue activity detection • Monitoring of critical data flows • Threat intelligence and feed analysis
Incident Response Workflow
1. Identify Friend or Foe (IFF) 2. Use WHOIS and DNS to identify the source 3. Create a network object to auto-identify the CIDR (registered public IP) block for the source in the future 4. Add the system to an elevated risk watch list (Risk Booster for future events) 5. Move from Production VLAN to Patch Only/Guest VLAN (Switch Port) 6. Update anti-virus 7. Update OS 8. Run a full AV scan. If clean, run a vulnerability scan to check patches were successful. If success, return to production VLAN. If failed AV or patch check, notify IT team to reimage system, or perform a full reimage of system and repeat a-d 9. Add the system to an elevated risk watch list (Risk Booster for future events)
IF FOE
If foe… • Add to the block list recommendations for the next change review or window • Check for additional attackers/symptoms on the same CIDR block • Block at the firewall or IPS as appropriate (Class C CIDR block or smaller) • Note date of block, and add to an expire/review list for 30 days • Note and review country of origin for appropriateness to the business
ALERT & RESPONSE
1. Create a ticket to track the event 2. Update the ticket with any enrichment data available: • Identify Friend or Foe • Add network information about the source (Internal? Or External?) • Check blacklist information (AbuseIPDB, Zeus Tracker…) and add to ticket • Identify the user logged into the system at time of event (if internal) 3. Classify the ticket: • Internal / External • Recon, Exploit, Data Exfil, Malware, Unknown
ERP
Enterprise Resource Planning (ERP) solution
SOC-2
SOC 2 (System and Organization Controls 2)
LOI
Letter of Intent
SOW
Statement of Work
CDMO
Contract Development and Manufacturing Organization (CDMO)
CMO
Contract Manufacture Organization
CRO
Contract Research Organization