The threats to your data and your business are constant and varied. They range from nation-state-sponsored attacks that have seen the exfiltration of millions of personnel records, to criminal-sponsored credit card breaches, to ransomware attacks that disrupt the delivery of healthcare to thousands of patients. How does an organization proactively defend itself in today’s threat-rich world?
Whether you’re a commercial firm dealing with GDPR, PCI DSS, SOX or HIPAA; a State/Local government entity with its own unique breach law; or a Federal Agency working to improve its FISMA score, the Varonis Data Security Platform is designed to help you understand what sensitive information exists within your environment and how to protect that information. Varonis helps secure your enterprise data on premises and in the cloud, classifies regulated and sensitive information, and highlights who is (and who shouldn’t be) accessing sensitive information. Varonis builds profiles on users (what kinds of data they use, how much, when, and from which devices) and alerts on any unusual activity that could indicate a data breach, insider threat, or cyberattack, similar to how a credit card company builds a profile of your spending habits to spot fraud.
In the case of ransomware, a secure backup/recovery capability is essential to restoring critical information in a timely manner. Rubrik delivers automated backup, recovery, archival, search, cloud, and development in a simple, scale-out platform built for public, private and/or hybrid clouds. Rubrik Radar makes it easier and faster to recover from security attacks while providing greater intelligence on how an incident impacted your global applications and data.
Radar leverages machine learning to detect and alert on anomalous behavior. Radar analyzes changes to file content to understand what was impacted and where that data resides in the environment. Finally, Radar allows restoration to the most recent clean state with just a few clicks.
Having the right set of tools to protect data and support an effective cybersecurity program is certainly necessary. But tools in and of themselves are not enough. One must carefully consider the people using these tools and the processes and procedures that the organization has developed.
Presidio’s Next Generation Risk Management (NGRM) is an adaptive security portfolio designed to address today’s changing cyber threat landscape. Irrespective of size and industry vertical, NGRM can be tailored to meet the needs of any organization. The modular consumption model allows an entity to contract for those services that complement its own capabilities. In addition to integrating the Varonis and Rubrik technologies into the client environment, Presidio Cyber Security (PCS) offers a variety of security assessments.
Security testing is essential to maintain an appropriate security posture for an organization of any size and is one of the 4 pillars upon which the NGRM is based. The testing regimen should include vulnerability assessments, penetration testing, static and dynamic code assessments of web-facing applications, wireless infrastructure testing and social engineering exercises. The frequency of such testing will vary based on the type of assessment as well as the degree of change to infrastructure and applications. For example, vulnerability scanning and remediation need to be performed with a much higher frequency than penetration testing. The former may be performed on a weekly basis while the latter could be done on a semi-annual schedule. New applications or major updates to applications are the ideal opportunities to perform code analysis.
Strategy: An organization should have a defined security strategy that addresses the various governance models to which the organization may be subject. Examples of such governance models include HIPAA, PCI DSS, GDPR, SOX, NIST 800-171, etc. The strategy, the 2nd pillar of the NGRM, must also have led to the creation of policies and procedures that provide the daily “how to” guidance for cybersecurity within the context of the applicable governance models. Ongoing security awareness training is a “must have” these days. Continuous reinforcement of best practices is necessary to reduce the likelihood of an employee clicking on a link that unleashes a breach or ransomware upon the organization. Lastly, the adoption of a defined security framework is essential to address the multitude of technical, operational and executive considerations. The NIST Cybersecurity Framework has seen increased interest and adoption in many industries. The cybersecurity strategy can easily be aligned with the business/mission goals and corresponding risks. When combined with the unique business intelligence brought by the customer and threat intelligence from Presidio, PCS will develop a security roadmap to assist in reducing the risk to the information systems, and business, of our clients.
Security Architecture: Architecture is the 3rd pillar of the NGRM. No matter the size of an enterprise, the security architecture should accommodate not only the traditional data center but also public cloud, IoT and mobility. Logical and physical network segmentation is required both for defensive purposes and to avoid commingling of production, dev/test and management systems. Firewalls, switches and routers must be properly configured to enforce segmentation and access restrictions. The architecture should accommodate complex Active Directory, PKI and DNS deployment models. Lastly, all of the devices in the environment should be hardened against industry standards such as CIS or DOD STIGs (Security Technical Implementation Guides).
Security Operations: The 4th pillar of the NGRM is Security Operations (SECOPS). Implementation of security controls, remediation services, incident response and security reporting are capabilities where the organization may need to perform a self-assessment to determine where its internal expertise lies, which functions are candidates for outsourcing to a Managed Security Services Provider (MSSP) such as Presidio, and whether staff augmentation is the more cost-effective option.
Let Presidio, Varonis and Rubrik help you protect what matters most today!