
Security Webinar CSAT & SAM. 9 February 2021


(1)

Security Webinar CSAT & SAM

9 February 2021

(2)
(3)

Maarten Overman

Dennis Dols

(4)

The promise of ITAM with Security:

1. Unauthorized or rogue software (Shadow IT)

2. Outdated software assets (Patch management)

3. Data and software integrity

4. Access control

(5)

Who puts their trust in a silver bullet?

STARTING WITH A TOOL DISCUSSION IS DISASTROUS

1. EDR, WAF

2. APT

3. Data (privacy)

4. Isolated tool

(6)

1. Responsibility back to the business owners.

2. Break the complex IT landscape up into sub-areas.

3. Turn off the tap & include Security from the very start.

(7)

1. Responsibility back to the business owners.

2. Break the complex IT landscape up into sub-areas.

3. Turn off the tap & include Security from the very start.

COLLABORATION WITH QS SOLUTIONS

A. The findings: are aligned with the business

B. Holistic view: eat the elephant in small pieces

C. Shuts down the debate; factual information on the table

(8)

Why don’t organizations have the security they need?

Security is too complex

Security is too expensive

Security is not a business priority

(9)

Working from home became mandatory

Many Line of Business applications not available from home

IT infrastructures not prepared for 100% mobile workforce

Cloud services adopted without due diligence

Higher risk to become victim of cybercrime

COVID-19 impact on IT departments

(10)

The Cyber Security Assessment Tool – Why?

• Market demands to take security seriously

• Law regulations and market standards (GDPR/ISO27k)

• Brand reputation damage and financial penalties

• Fact based actionable insights

• Align Business Management & IT/Security Management with one common truth

• Invest in the right security initiatives by making informed decisions based on facts

Organizations need to know their cyber security vulnerabilities

Organizations need an action plan to improve cyber security

Focus your limited security budgets on the highest risks

• Over 2000 assessments worldwide

• Global partnership with Microsoft

• Customers in all segments

Recognized solution to conduct Cybersecurity Assessments in all segments

(11)

ATP

(12)

Online Activity

ATP

Employees, Customers, Partners, Contractors, Administrators

(13)

Effectively use your resources to mitigate the highest risk

ATP

Employees, Customers, Partners, Contractors, Administrators

Define policies and procedures on external sharing

Enable MFA & use Privileged Identity Management

All endpoint policies in place.

27,000 Documents with potential PII located in Office 365

120 users with admin accounts without two factor verification

2300 external users with access to Office 365 resources

Detect and Respond with Cloud App Security

Protect data using Azure Information Protection

Migrate VMs to Azure

47 servers with Windows Server 2012 OS

320 Cloud Applications being used and no policy in place.

(14)

How does CSAT work?

(15)

CSAT is an infrastructure application providing you with an easy interface from which you can collect relevant data from the following sources:

• Endpoints

• Office 365, SharePoint, Teams, Intune

• Active Directory & Azure AD

• Azure tenant and services

• Questionnaire

(16)

Data collection

By using proprietary agents that delete themselves following the endpoint scan, the effort required from the internal IT department is kept to a minimum.

Sources: Questionnaire, Microsoft 365, Azure, Endpoints, SharePoint on-premises, Local Active Directory

Automated report with recommendations based on facts

(17)

Questionnaire

Based on the Center for Internet Security 20 Controls

All important security topics are addressed

A "must-do, do-first" starting point for every organization seeking to improve their cyber defense.

Interview between Cybersecurity Analyst and:

IT manager

Security Officer

(18)

Deliverables

(19)

Final Report – Management Summary

(20)

Final Report – Predefined & Automated Recommendations

(21)

Final Report – Technical Data

(22)

Final Report – Technical Data

Windows 10 Enterprise

(23)

Periodical Assessments with CSAT

Strategic

• Periodic Cybersecurity maturity assessments

• Ongoing Cybersecurity Program services

• Track progress

Tactical

• Cybersecurity improvement Action Plan

• Implement Cybersecurity procedures, policies, remediation steps

• Deploy Cybersecurity tooling

Operational

• Automated analysis

• Remediation support and input

• Periodic ISMS controls checks

(24)

Quick Results – Automated scan, questionnaire, reporting

Provides recommendations based on facts

Risk-based Action Plan

Track progress and report on positive impact after remediations

Cyber Security Assessment Tool

(25)

Value for you

Align

• IT/Security shares fact-based security conclusions and recommendations with Business Management

• Offers risk-based action plan for security improvements

Optimize

• Saves money if available Microsoft licenses are deployed

• Prevents deployment of point solutions

Control

• Proves that customer takes security seriously

• Shows that customer works towards compliance

(26)

With impact

A TOOL.

General check that Security is in order

Extra ammunition for the Security/Cloud business case

Generate awareness around IT Security

(27)

SO, TOOLING AFTER ALL?

Tooling discussion

[Diagram labels: Discovery, Recognition, Usage; SW, HW; ITAM tooling]

(28)

SO, TOOLING AFTER ALL?

Tooling discussion

[Diagram labels: Discovery, Recognition, Usage; SW, HW; analysis NVD & GDPR; ITAM tooling; Identify SW vulnerabilities; Monitor & protect PII; Technopedia; CMP; CMDB]

(29)

SO, TOOLING AFTER ALL?

Tooling discussion

[Diagram labels: Discovery, Recognition, Usage; SW, HW; analysis NVD & GDPR; Whitelisting & Blacklisting; ITAM tooling; Outdated SW SaaS / Open Source; Identify SW vulnerabilities; Monitor & protect PII; Technopedia; CMP; Business; CMDB]

(30)

Office 365 E3 +

• Cloud UC

• Personal and Org Analytics

• Advanced Security & Compliance

EMS E3 +

• Cloud App Security

• Premium P2

• Microsoft Defender for Identity

• Information Protection P2 (“Samos”)

Windows 10 Enterprise E3 +

• Microsoft Defender for Endpoint

MICROSOFT 365 ENTERPRISE E5

On Prem Capable

Microsoft discussion

WHO HAS A RAZOR-SHARP VIEW OF IT?

Conditions

(32)

HOW CAN WE HELP?

Questions and discussion

(33)

Want to know more?

Get in touch!

Dennis Dols

Global Partner Manager

[email protected]

www.linkedin.com/in/dennisdols/

Maarten Overman

Enablement Manager

[email protected]

linkedin.com/in/maarten-overman-7b350b7/

https://cybersecurityassessmenttool.com/
