Introductions How we got here: Referral from Ted Schlein Call - - PowerPoint PPT Presentation

How we got here: Referral from Ted Schlein Call Participants: Joseph Loomis Former founder & CEO of Net Enforcers [Online Brand Protection] Sold Net Enforcers, debt-fee and very profitable. Formally licensed Private Investigator Cooperative member with the FBI & DEA’s divisions on Cybercrime. Customers included Sony, Pfizer, Eli Lilly, Apple, MSFT, Novartis, etc. Spyro Malaspinas IBM, VeriSign, Symantec & Protiviti PCI-DSS and forensic breaches, remediation and security and compliance consulting Routinely responds to high profile financial services and credit card incidents Methodically positioned new security and compliance programs

Introductions

• Joseph Loomis, CEO & Co-Founder

Former CEO & Founder, Net Enforcers

• Paul Janisko, CTO & Co-Founder

Founder of Rendered Source, LLC

• Spyro Malaspinas, CSO & Co-Founder

IBM, Symantec, VeriSign, Protiviti

• Stephen Grutzius, CMO
• Emil Herich, General Counsel
• Matt LaVelle, General Counsel

Who is CyberSponse?

The Problem:

The state of incident response in most organizations:

• Comes in the form of a word document
• Is rarely if ever tested
• Was established to meet a regulatory requirement, or legal agreement
• Was copied and pasted from another organization, not catered to the organization
• Does not include any contingency planning, e.g. whom do I call if we are over our

head/ill prepared

• Does not include mechanics for communicating securely internally or externally

regarding the incident

• Does not lend itself to process improvement, utilizing archaic systems to triage very

stressful events that can include many unknowns

• Is very manual
• Does not provide any need to know boundaries around sensitive information
• Medium sized businesses, and those without a dedicated security team are left with

little direction

The Solution

• The CyberSponse IMS (Incident Management System) is a cloud and

appliance based technology offering incident management workflow, secure collaboration, and planning tools for security incident preparation and remediation.

• A business to business directory linking clients to organizations that

can assist in bolstering security capabilities, perform forensic/incident response services, security auditing, managed services, and product based security and compliance solutions.

• Numerous compliance requirements and security best practices include

the need for a well-developed and annually tested incident response process.

• PCI, SOX & ISO 27001 and each require a formal incident

response program that must include a process, procedure, and annual testing.

The IMS System Includes:

• Secure Message Delivery System with Mobile Integration
• Tried and true, Customizable Incident Response Frameworks
• Semi-automated Incident Response management workflows
• Business to Business directory services
• Incident Response Security Policy and Procedure Templates
• Triage Process Flow Charting & System Illustrations
• Integrated Privacy Law and Regulations Database by state/country
• Security Focused Content & Task Management Console
• Task Assignment Design System with reminders on performance reporting
• Executive Management Reporting Console
• Visual Architecture Interfacing during attack
• Incident Response Simulation Testing
• Secure Collaboration based upon RBAC; internal and external communication
• Customizable User Rights Management Console
• Evidence/classified Communications based upon role and responsibility
• Secure repository for security documents and sensitive communication

Industry Changes… Using IMS

• Speed to Mitigation of a Breach
• Efficiently address breach reporting requirements
• Working Incident Response frameworks
• Realization of Risks associated with Cyber Connectivity
• Consolidated Communication medium for Cooperative Organizations
• Less Downtime for Customers
• Shift to Pro-active Customer Thinking
• Improvement in Cross Vendor Communications
• A New Standard of Secure Communication

Synergy with Strategic Partners…

• Direct link to:

Mandiant Professional Services Mandiant Incident Management Product Offerings

• Web integration:

Mandiant PS to utilize platform for forensic investigations and IR Mandiant to integrate CyberSponse workflows into existing MCIRT and Mandiant Intelligent Response

• Comprehensive IR solution
• Allows organizations to perform more self serve operations
• Creates efficiencies in trusted communication
• Allows Mandiant to service more organizations and breaches

Discussions & Next Steps