EXPERT CONSULTING SERVICES AND WORKSHOPS CATALOGUE - 1st edition - IECyber
SOPHIC EMPOWERING LEADERS

TABLE OF CONTENTS
INTRODUCTION
SOPHIC PRO
SOPHIC PRO FAMILY
WORKSHOPS
  TOP LEVEL MANAGEMENT WORKSHOP
  OT MANAGEMENT WORKSHOP
RAPID ASSESSMENT SERVICES
  MATURITY
  RISK
  ORGANIZATION
SECOND OPINION SERVICES
SUBJECT FOCUSED
  SIEM/SOC/SOAR
ABOUT IECYBER
INTRODUCTION

Technology brings many benefits and exciting opportunities for transformation and growth BUT as the world is getting smaller, cyber risks are getting bigger and bigger. In almost every sector, cyber is integral to everything, which means that anything and anyone might pose a cyber risk.

With the threat of cybercrime increasing in frequency and impact every single day, it's imperative for businesses, especially Critical Infrastructures, to defend themselves in order to protect the daily lives of millions.

SOPHIC PRO has been developed and designed, based on 25 years of Israel Electric Corporation (IEC) experience, to provide you tools and practical recommendations for routine & crisis times, to enhance the cyber understanding, defense & resilience.

"SOPHIC" is a suite of tools and services providing decision makers with the MOST EFFECTIVE CYBER PICTURE to enhance the organization's defense and resilience.

SOPHIC PRO, one of Sophic's top solutions, unites a wide range of professional and consultancy services, covering the whole range of cyber management in an organization.

We provide the customer the ability to choose the suitable service, depending on the organization's maturity and awareness level - from a rapid assessment of different cyber aspects, dedicated professional advisory and services, tailor-made workshops, and up to the full-scale evaluation, gap analysis, planning, and deployment activities and long-term professional escort.

OUR UNIQUENESS
» 25 years of battle-proven experience
» Solutions from the eyes of a stakeholder
» One of the most attacked companies in the world
» Experienced engineers and cyber security experts
» Under strict regulation of the Israeli government agencies

SOPHIC PRO services are carefully and precisely adapted to the customer needs, culture, regulations and procedures, and on the other hand, continuously updated to the highly dynamic changing cyberspace.
SOPHIC PRO FAMILY

CYBER IS HERE. It is one of the most disrupting issues of the modern world and it's here to stay.

'SOPHIC' was established to EMPOWER LEADERS – to balance between the cyber sturdiness and the ability of the business to fulfill its destiny and to adapt ourselves for the NEW NORMAL.

WORKSHOPS: Top Level Management; OT Management
RAPID ASSESSMENT: Cyber Maturity; Cyber Risk; Cyber Organization
SECOND OPINION: Strategy & Policy; Cyber Assessment; Subject Focused; Customer Specific
SUBJECT FOCUSED: SIEM / SOC / SOAR; * IoT; * IT/OT/VT INTEGRATION; * CYBER by DESIGN

* Will be released in Q4, 2020
WORKSHOPS

Top level Awareness Workshop - Cyber-attack and recovery scenario simulation for C-level
"A DAY IN THE LIFE OF A CISO"

DESCRIPTION
One of the missing links in organizational cyber sturdiness is the lack of understanding of the most important roles in any organization – the decision-makers. From Israel Electric experience, this is one of the common factors of cyber defense and resilience failures, based on analysis of hundreds of events of cyber compromise.
The workshop takes the form of an active simulation game for the participants, exposing them to real dilemmas and solutions based on Israel Electric's vast experience, and in parallel, it includes a rough estimation of the quality of the cyber organization represented by the participants.

MAIN GOALS
» Leveraging decision-makers' understanding of the cyber phenomena.
» To be in the cockpit during the reality-like cyber crisis: to experience the differences compared to other types of crisis.
» To reconsider the management intense support for the cyber organizational activities.
» To better understand the meaning of a balanced cyber organization

VALUES TO PARTICIPANT
✓ Increase cyber awareness across the organization
✓ Understanding and avoiding cyber management pitfalls
✓ Develop practical understanding of cyber decision main dilemmas
✓ Creation of efficient 'cyber' communication

OUTCOMES
✓ Gaps report & mitigation plan
✓ Key performance indicators for measurement of Cyber Organization quality
✓ Presentation session & materials
✓ Follow-up activities report

TARGET AUDIENCE: C-level Management, High-level executives, Ministries management, Regulatory bodies, Members of the board
NUMBER OF PARTICIPANTS: Up to 15
DURATION: 5 hours
WORKSHOPS

OT Management
"ANATOMY OF ICS CYBER-ATTACK"

DESCRIPTION
This workshop is focused on providing the knowledge of practical steps that a hacker will take in the process of a cyber-attack against any ICS systems and networks. Through real live demonstrations, it shows the participants the process of the ICS reconnaissance stage on SCADA systems and personnel using the Shodan and Google Hacking search engine that lets users find specific types of SCADA systems. The participants will also learn about the Active Cyber Defense Cycle and the basic cybersecurity steps to reduce exploitable weaknesses and attacks against ICS systems.

MAIN GOALS
» Increase understanding of professional and cyber terms
» Identify some of the current techniques and tools that a hacker will use
» Describe and identify basic principles for active cyber defense
» Apply steps and procedures for a variety of situations

VALUES TO PARTICIPANT
✓ Increase of professional and cyber term understanding
✓ Understand real life threats on ICS systems and actions to reduce exposure.
✓ Understanding and analyzing the OT/IT dilemma.
✓ Detailed knowledge about attackers' techniques and behaviors.

OUTCOMES
✓ Summary report of the workshop discussions, findings and materials.
✓ Tools to track threats, vulnerabilities and attack vectors on ICS.

TARGET AUDIENCE: Operation managers, Cyber managers, IT manager
NUMBER OF PARTICIPANTS: Up to 15
DURATION: 3 Days

While tools, technology and tactics change, all cyber-attacks have one thing in common, they're all human-driven. Knowing the motivations and tendencies behind your cyber adversaries can help you make the right strategic decisions and investments to better protect your organization.
RAPID ASSESSMENT SERVICES

Rapid services are based on high level assessment of different cyber management aspects, leveraging of cyber awareness, providing the customer quick, directional and efficient information for the next steps and prioritization of actions needed. Yet it provides ability to identify significant gaps and pitfalls and call for action.

RAPID ASSESSMENTS

RAPID MATURITY

SCOPE OF WORK
» Provides an attractive, unique, and rapid cyber maturity assessment of the organization or any sub-organization(s).
» Based on high level assessment of different cyber management aspects, providing the customer quick, directional and efficient information for next steps and prioritization of actions needed
» Based on a measurable set of KPI's and IECyber methodologies adapted to customer requirements.
» The model integrates Cyber and Maturity frameworks sources such as NIST, NERC, ISO, ANSI, C2M2, INCD, GDPR, SABSA, HIPAA with IEC's best practices methodology.

VALUES TO PARTICIPANT
✓ Agile process- Efficient and rapid understanding of the situational cyber maturity level
✓ The main gaps and recommendations for actions
✓ Ability to prioritize cyber investments and activities

OUTCOMES
✓ High level cyber maturity level report
✓ Gap analysis report according to the assessment findings
✓ Recommendations for actions and priorities
✓ Presentation session and materials to the organization
✓ Follow-up activity report

TARGET AUDIENCE: CXO, CIO's, CISO's, CXO
ORGANIZATION: Critical Infrastructure utilities, Enterprises
DURATION: 4 - 10 weeks
RAPID ASSESSMENTS

RAPID RISK

SCOPE OF WORK
» Provide a unique "Out of the box" risk management methodology including the most critical threats and risk points across IT/OT/VT* on top of standard network & asset-based risk assessment.
» Fast organizational or specific unit(s) cyber risk process-based assessment, life cycle adaptable.
» The methodology is based on worldwide leading standards combined with IECyber's advanced risk assessment methodology, covering chosen enriched sources, adapted to customer risk appetite and operational environment.
» Executed by IECyber experts.
* Virtual Technology

VALUES TO PARTICIPANT
✓ Understanding the main risks and recommendations for actions
✓ Understanding the main gaps and in the organizational cyber risk management process and recommendations for ACTIONS

OUTCOMES
✓ High level risk assessment report including the explanatory variables status.
✓ Risk management process analysis & actionable recommendation report.
✓ Presentation session and materials to the organization

TARGET AUDIENCE: IT/OT managers, CIO's, CISO's, CXO
ORGANIZATION: Critical Infrastructure utilities
DURATION: 5 - 12 weeks

RAPID ORGANIZATION

SCOPE OF WORK
» Creation of a full executable plan and associated documentation to identify gaps and build a highly efficient Cyber Organization.
» Unique methodology in the industry that connects the cyber organization "quality" to the cyber sturdiness of the organization.
» Share knowledge and skills to further monitor the Cyber Organization quality by providing 17 different KPI's translated to cyber organizational strength and weakness.
» Detailed plan with staffing recommendations, practical steps for implementation, change agents, procedures, roles & responsibilities, success KPI's, controls, and more.
» Analysis includes identification of the gaps and mitigation proposal (detailed reports) of cyber functional structure, adapted to the client organizational culture, procedures and needs.

VALUES TO PARTICIPANT
✓ High level cyber organization quality level including weakness and strength analysis
✓ The main pitfalls and recommendations for actions
✓ High level recommendations for targeting enhanced cyber organization

OUTCOMES
✓ High-level organizational cyber status report, quality and risk at existing situation
✓ Gap and pitfalls analysis report
✓ Recommendations report of changes needed for improvement
✓ Acquire knowledge & skills for Cyber Organization quality monitoring
✓ Presentation session and materials to the organization

TARGET AUDIENCE: IT/OT managers, CIO's, CISO's, CXO
ORGANIZATION: Critical Infrastructure utilities, Enterprises
DURATION: 4 - 8 weeks
SECOND OPINION SERVICES

DESCRIPTION
Fast, professional second opinion/validation (SECOP) of various cyber issues, corporate or specific unit, based on the material (reports, assessments, consulting) previously prepared by the organization. SECOP is based on IECyber unique methodologies and vast cyber coping adapted to customer requirements and environment.

The SECOP is essential in the following cases to create a kind of superposition cover, adding, justifying, and verifying different cyber issues prepared in various Corporate cyber activities:
» Professional review before final approval of a cyber assessment/plan/program.
» Update cyber assessment/plan/program periodically
» Update the cyber assessment/plan/program because of the deployment gap.
» To be exposed to a different point of view about cyber assessment/plan/program

VALUES TO PARTICIPANT
✓ Efficient & rapid second opinion/validation.
✓ Visibility of missing or needless activities.
✓ Increasing certainty and trust on the work/reports/assessments obtained
✓ Improvement of expense justification and operational balancing
✓ Improvement in the priority set-up of different actions driven from the work/reports/assessments obtained
✓ "Better sleep"

OUTCOMES
SECOP report including:
✓ Missing elements
✓ Needless elements
✓ Priority adjustment
✓ Expenses adjustment
✓ 'Next actions plan' adjustment
✓ General evaluation of the given material (document/information) by organization
✓ Validation of the organization material
SECOND OPINION

THE SECOND OPINION SERVICE'S SUBJECTS:

SUBJECT: DOMAIN
STRATEGY & POLICY: Organizational Cyber Strategy; Organizational Cyber Policy; Organizational Cyber Framework; Cyber architecture
ASSESSMENTS: Cyber Maturity Assessment; Cyber Risk Assessment; Cyber Hygiene Assessment; Cyber Organization; Cyber Response & Recovery Assessment
SUBJECT FOCUSED: SIEM/SOC/SOAR Plan; SIEM/SOC/SOAR Deployment Plan; SIEM/SOC/SOAR Operations Plan; IT/OT/VT integration Plan; IT/OT/VT integration Deployment Plan; Cyber by Design Plan; Cyber Organization Plan
CUSTOMER SPECIFIC: According to customer's request

TARGET AUDIENCE: IT/OT managers, CIO's, CISO's, CXO
ORGANIZATION: Critical Infrastructure utilities
DURATION: 2 - 5 weeks

WHY US?
We are a stakeholder
• our methods and tools are deeply based on proven practices at IEC
• We have the stakeholder mindset and perspective, which gives us a superior understanding of the cyber organization
• For the more than 25 years our cyber practices are being extremely tested daily, more than the typical enterprise
SUBJECT FOCUSED

SIEM / SOC / SOAR

We have implemented at IEC one of the most advanced SOCs (IT-OT fusion center), monitoring all IEC IT-OT-Physical assets 24X7, and we have automated rules, policy and procedure to be able to analyze tens of millions of suspected cyber events per month.

SCOPE OF WORK
» Design of Security Operation Center (SIEM, SOC, architecture, policies, playbook, roles book, etc.)
» Design of cyber security monitoring and mitigation activity management processes for the riskiest cyber attack vectors against predefined domains, directed to early detection of cyber-attacks at the preparation stages and timely initiation and management of mitigation activity.
» Design cyber security hunting processes for predefined domains.
» Training the Client's personnel in mitigation activity, based on the information dissemination and workflow management functionality of the SOC.
» Develop recommendations for implementation of relevant cyber components and design cyber security architecture directed to improve cyber security resilience of predefined domains.
» Accompany the customer along the implementation process.

VALUES TO PARTICIPANT
✓ Central point to monitor and mitigate cyber events
✓ Fast recognition and effective response to cyber-attacks
✓ Increase Organization cyber defense and resiliency

OUTCOMES
✓ Proofed design: SOC and IT-OT fusion center
✓ SOC/SOAR related Policies, Processes, Procedures
✓ SOC trained personnel in the area of mitigation

TARGET AUDIENCE: IT/OT managers, CIO's, CISO's, CXO
ORGANIZATION: Critical Infrastructure utilities, Governments, Enterprises, MSSP
DURATION: 12 - 16 weeks
OUR EXPERIENCE
» Implementing IEC's SOC (IT-OT Fusion center)
» Monitoring 24/7 all IEC IT-OT assets
» We have automated: Rules, Policy & Procedures
» Analyzing tens of millions suspected events per month

YOUR SAFETY
» Deep understanding of the actions an adversary may take while operating within an ICS network
» Better characterize and describe post-compromise adversary behavior
» Help your organization to monitor and detect Domain's adversary cyber-attack groups
» Improve cyber security resilience of domain's like: DMS, AMI, EMS, Power Generations and IT domains.

WHY SHOULD IECYBER BE YOUR TRUSTED PARTNER?
» IEC is a worldwide recognized cyber industry innovator, operating for almost 10 years a modern IT-OT fusion center, facing sophisticated cyber-attacks on a regular basis from world "premier-league" adversaries and rogue actors.
» IEC operates a highly versatile, evolving cyber fusion center, able to address today's and to foresee tomorrow's cyber challenges.
» IECyber delivers SOC expert consulting services through its IEC's highly skilled experts. IEC experts develop playbooks, procedures, policies and unique techniques to address hundreds of thousands of daily cyber events.
» We provide a complete set of SIEM/SOC/SOAR consultancy and implementation services, from "the stakeholder's view", along to "the full system life cycle".
» All IEC solutions and services are field tested and "battle-proven" 24/7.
About IECyber

IECYBER is the cyber entrepreneurship and business development unit in Israel Electric Corporation (IEC), providing a unique portfolio of cyber solutions and services - SOPHIC.

25 years of cyber battle-proven experience, insights, practices and tools were packed into a unique cyber defense and resilience game-changing SUITE.

The SOPHIC SUITE including cyber defense and cyber resilience solutions, based on vast, real-life daily experience, gained in challenging geopolitical environment, focused on protecting one of the most critical infrastructure companies and leading vertically integrated electricity supplier in Israel.

THE SOPHIC SUITE PORTFOLIO:
» Sophic Pro - Expert consulting services and workshops
» Sophic OT - Advanced secure solutions for SCADA systems
» Sophic Picture - providing you a clear, detailed, accurate and updated picture of your organizational cyber picture, including strengths & weaknesses analysis.