AN MSPs GUIDE TO NIST COMPLIANCE STEVE RUTKOVITZ ABOUT STEVE - - PowerPoint PPT Presentation



SLIDE 1

AN MSPs GUIDE TO NIST COMPLIANCE

SLIDE 2

STEVE RUTKOVITZ

PRESIDENT & CEO

ABOUT STEVE RUTKOVITZ

For over 20 years, Steve owned and operated a very successful MSP business. With a clear understanding of the market needs, he developed an innovative IT and business process.

STEVE’S SKILLS

  • Management
  • Educating
  • Risk Assessments
  • Security and Compliance

SLIDE 3

CHOICE CYBERSECURITY

Having been in the MSP industry, we understand the marketplace and its needs. Our proven three step process has helped MSPs improve client relationships and increase MRR. With a robust suite of products and services, you can put your clients' security and compliance worries at ease. With minimal changes to your current offerings, MSPs can increase revenue by at least 40%.

  • Expertise
  • Assess
  • Address
  • Maintain
  • Suite of Products and Services
  • MRR

SLIDE 4

THE COMPLIANCE WEBINAR SERIES

Why Focus on Compliance?

Each month, we will explore one compliance regarding security and best practices. Our goal is to empower you to approach your customers in certain verticals with confidence. A deeper understanding of a compliance offers:

  • Subject matter expertise
  • Trusted relationships
  • Separation from the competition
  • More opportunities for recurring revenue

SLIDE 5

Our Proven Process

A Structured Repeatable System

SLIDE 6

WHAT’S REQUIRED?

  • Compliances
  • Best Practices
  • Self Assessments

  • State Laws
  • Compliance
  • Best Practices
  • Supply Chain

SLIDE 7

WHAT’S AT RISK?

  • Confidential Client Data
  • Company Brand
  • Reputation
  • Fines
  • Breaches
  • Customer Contracts
  • Data Assets
  • Client Relationships

SLIDE 8

Federal Information Security Management Act (FISMA)

Structured framework to protect government information, operations and assets

9 Steps Towards Compliance:

1 | Categorize the information to be protected.
2 | Select minimum baseline controls.
3 | Refine controls using a risk assessment procedure.
4 | Document the controls in the system security plan.
5 | Implement security controls in appropriate information systems.
6 | Assess the effectiveness of the security controls once they have been implemented.
7 | Determine agency-level risk to the mission or business case.
8 | Authorize the information system for processing.
9 | Monitor the security controls on a continuous basis.

SLIDE 9

NIST STRUCTURED FRAMEWORK

The Fastest Growing US Compliance

SLIDE 10

GROWING MARKET

Cybersecurity Framework Usage

As of 2015, 30% of U.S. organizations use the NIST Cybersecurity Framework, and use is predicted to rise to 50% by 2020 according to Gartner research.

[Chart: Percentage of U.S. Organizations by Years: 2012, 0%; 2015, 30%; 2020, 50% (projected)]

SLIDE 11

Who Needs NIST?

  • Government Contractors
  • Non Profits
  • State and Local Gov
  • Businesses

SLIDE 12

RISK ASSESSMENTS

  • Build a Baseline
  • Uncover Gaps and Risks
  • Expose Vulnerabilities
  • Analyze Layers of Defense
  • Identify Sensitive Data
  • Missing Controls and Policies

SLIDE 13

NIST Structured Framework

NIST 800-171 NIST 800-53 NIST Primary Controls

Developed by Department of Commerce

SLIDE 14

REPORT ON COMPLIANCE

SLIDE 15

SCANS

Types of Scans

360-degree clear view of network risk

1 | Active
2 | Passive
3 | PII
4 | Dark Web
5 | Data

SLIDE 16

PII SCAN EXAMPLE

SLIDE 17

SLIDE 18

VULNERABILITY SCAN COMPARISON

SLIDE 19

DATA AUDIT AND WORKFLOW MAP

  • Industry is riddled with sensitive data that has not been deleted but still needs to be protected
  • Data flow analysis shows what you can’t see with a scan – Data workflow map follows the data at rest and in motion
  • Data at rest
  • Data in motion
  • Third party

SLIDE 20

RISK BASELINE

  • Missing Controls
  • Missing Policies
  • Data Flow
  • Scan Results
  • Assets Baseline
  • Financial Risk

SLIDE 21

BRING CLIENTS UP TO AN ACCEPTABLE LEVEL OF RISK

  • Executive Summary
  • Create New Projects
  • Layers of Security 1.0 to 2.0
  • Meet Client Compliances
  • Best Practices

SLIDE 22

HOW TO SELL SECURITY

Grow Revenue Increase Efficiency Reduce Costs

Reduce Costs

RISK

SLIDE 23

CREATING NEW PROJECTS

  • Managed Firewall
  • Data Leak Prevention
  • Remediation and Clean Up
  • Awareness Training
  • Mobile Device Management
  • Threat Detection
  • Policy Development
  • File Archiving
  • SIEM
  • Web Filtering
  • Encryption

SLIDE 24

REPORT ON COMPLIANCE

[Chart: Auditing & Logging, Awareness Training, Policy Development, Encryption; values 25, 11, 150, 32]

SLIDE 25

MOST COMMON PROJECTS

  • Next Generation Firewall
  • Auditing & Logging
  • File Archiving
  • Encryption
  • PII Remediation & Cleanup
  • Vulnerability Remediation
  • Web Filtering
  • Mobile Device Management
  • Awareness Training
  • Policy Development

SLIDE 26

RECURRING REVENUE

  • Security as a Service
  • Vulnerability as a Service
  • Compliance as a Service
  • Dark Web & Credential Monitoring
  • Website Monitoring
  • Awareness Training
  • Risk Assessments

SLIDE 27

MAINTAIN AN ACCEPTABLE LEVEL OF RISK

  • Monthly Recurring Revenue
  • Continuous Alerting and Monitoring
  • Comparison Reporting

SLIDE 28

RISK ASSESSMENT REFERRAL PARTNER

  • No Learning Curve
  • Strategic Growth
  • Generate MRR
  • Leave the Work to Us
  • Creates New Projects

SLIDE 29

PARTNER PROGRAM

  • Live Training
  • 6 Foundation Training Modules
  • $2,495 ($1,500 (500 x $3) for scans and $995 for branding, brochures and MSP Portal)

Webinar Special!

  • Branded portal: 2 factor
  • Branded reports
  • 500 scans (spans all clients)
  • Co Branded Brochures

Regularly $5,100 minimum order for branded portal

SLIDE 30

NEXT STEPS

  • Develop a Strategy: Create a strategy for approaching clients
  • Choose One Client: Pick one client that needs Security and Compliance Services
  • Contact Us: Discover how to grow your business
  • Present Proposal: Provide your client with the Risk Assessment

SLIDE 31

Questions?

SLIDE 32

THANK YOU FOR ATTENDING

+1 (410) 205-4980

info@choicecybersecurity.com

10055 Red Run Blvd, Suite 140, Owings Mills, MD 21117

www.choicecybersecurity.com

Connect with us

If you’re ready to expand your offerings and increase your monthly recurring revenue, let’s start with a conversation.

President and CEO