© Happiest Minds Technologies Pvt. Ltd. All Rights Reserved
Unified Cyber Security Monitoring
and Management Framework
By Vijay Bharti
Happiest Minds, Security Services Practice
Introduction
Security vendors, government and private agencies, research analysts and others publish numerous statistics on the number and type of cyber-attacks, the money lost to them, data exposure and the resulting litigation. Although these estimates and surveys use different methodologies and vary considerably, a few facts cannot be ignored: cyber-attacks are becoming

More advanced:
- sKyWIper (Flame) is one of the most sophisticated and complex pieces of malware found to date.
- Stuxnet was designed to exploit four zero-day vulnerabilities (flaws not publicly known at the time).

More focused and targeted, especially at financial institutions, political and military establishments and intellectual property:
- Stuxnet carries a highly specialized payload designed to act only on Siemens supervisory control and data acquisition (SCADA) systems.
- The RSA breach was an advanced persistent threat (APT) attack aimed at exfiltrating confidential data from internal servers.
- The Zeus botnet is built primarily for financial fraud.
- Attacks by hacktivist groups such as Anonymous and LulzSec.

The overall risk would be lower if these attacks remained narrowly targeted. However, given the ubiquitous nature of the internet, many advanced attack techniques proliferate into the public domain and become potent weapons in the hands of even novice attackers: malware generation toolkits such as Zeus and SpyEye are sold on underground markets for a few hundred to a few thousand dollars.
[Figure not reproduced here] Source: IBM Security X-Force 2012 Cyber Security Threat Landscape
Current cyber security challenges
Today, organizations rely heavily on cyber space to reach new customers and geographies, drive new business models and improve operational efficiency. Given the growth in the number and sophistication of cyber threats and attacks, it is critical that they understand the risks involved and the countermeasures required to realize the benefits of cyber space adoption.

Although awareness, technology capabilities and market and vendor focus on cyber security have all increased tremendously, some key challenges remain:

- Evolving risks and attacks: cyber space has become the backbone on which entire organizations and even entire countries depend, and is now a primary channel for covert warfare and focused attacks.
- Increasing complexity and an evolving technology landscape: with mobility, de-perimeterization and cloud adoption, new threat vectors are constantly emerging.
- Dynamic business environment: IT security is still regarded as a cost center, and more effort is required for it to be perceived as a business need and to work in collaboration with the business.
- Point-solution approach: individual security products protect well against one specific problem, but interoperability between them remains an issue.
- Significant effort and expertise: deploying, managing and fine-tuning cyber security solutions demands substantial effort and expertise.
A unified approach to cyber security monitoring and
management
Despite reasonable investment in security tools and technologies, a string of successful attacks has shown that more needs to be done to detect and manage the growing number of threats effectively.

One major cause is the lack of integration between the various functions and tools within the security domain itself, and across layers including physical, network, user, data and application security. To build an effective response strategy, all of these layers must be viewed holistically, and the information available at each layer used to develop an overall threat and response model.

Unified approach to Cyber Security

A unified, holistic approach requires converting the data available across layers and across different functions and tools (logs, packets, policies, activities, configurations and so on) into actionable intelligence. Security information and event management (SIEM) tools evolved on this premise and can serve as the basic building block of a unified framework.
The critical steps involved in building a unified cyber security monitoring and management framework
include:
Step 1 - Risk Awareness
The most critical aspect of cyber security is understanding existing and emerging risks and threats to the business. A risk-based approach not only ensures optimal use of investments but also gives clear and accurate visibility of the current security posture. Being risk aware broadly means:
- Visibility of existing risks: through vulnerability assessment, penetration testing, configuration audits, and review of the policies and processes for handling data, applications and identities.
- Intelligence on emerging threats: through threat intelligence on new attacks, known attack sources and patterns, and targeted attacks on the industry segments in which the organization operates.
Risk assessment should form the basis of all ongoing and new investments. Management and monitoring processes should also be designed around the identified risks, so that potential security threats are correctly categorized, prioritized and responded to.
Step 2 - Environment Awareness
Environment details are a fundamental element of the overall cyber security monitoring and management program. Asset and software/application inventory from the CMDB (configuration management database), patch levels from the patch management database, IP addressing schemes and network topology, business assets ranked by priority, the list of allowed software and applications, and applicable policies and compliance regulations together determine the level of security required and the monitoring use cases (correlation rules, access control lists, thresholds, prioritization of security events and so on). The same details also allow faster response to suspicious or confirmed incidents: an alert on a high-value, unpatched server does not warrant the same response as the same alert on an isolated kiosk.
Step 3 - Identity and Data Awareness
The two most critical assets of any organization are its users and its data. Any cyber security framework must therefore draw on identity and data information to protect against cyber threats.
- Identity and access management (IAM) solutions, deployed in most organizations, not only manage the full user lifecycle but can also tell the monitoring function which category a user belongs to (administrator, super user, contractor and so on) and whether the account is still active.
- Data security solutions such as data leakage prevention (DLP) and database activity monitoring (DAM) can track and flag unauthorized or suspicious use or leakage of data.
Integrating identity and data information into the framework helps define the right data access levels, track and monitor privileged and disgruntled user activity, and identify unauthorized entitlement changes and unauthorized data access or loss.
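The following is an added example and not code from the whitepaper. It shows Steps 2 and 3 in practice: raw events from three different tools are enriched with CMDB, patch-level and IAM context and then given a risk-based priority in the spirit of Step 1. The CMDB and IAM extracts, the key=value log format, the field names and the score weights are all constructed assumptions, not any vendor's schema or scoring model.

```python
"""Added example (not from the original whitepaper): enriching raw security
events with CMDB, patch-level and IAM context, then assigning a risk-based
priority.  All data is constructed for illustration; the field names and
score weights are assumptions, not any vendor's schema or scoring model."""
from dataclasses import dataclass, field

# Constructed CMDB extract (Step 2: environment awareness)
CMDB = {
    "10.0.1.20": {"name": "erp-db01", "criticality": "high",
                  "owner": "finance", "missing_critical_patches": 2},
    "10.0.5.7":  {"name": "kiosk-03", "criticality": "low",
                  "owner": "facilities", "missing_critical_patches": 0},
}

# Constructed IAM directory extract (Step 3: identity awareness)
IAM = {
    "jdoe":  {"category": "employee",   "privileged": False, "status": "active"},
    "dba01": {"category": "contractor", "privileged": True,  "status": "active"},
    "tlee":  {"category": "employee",   "privileged": False, "status": "terminated"},
}

# Assumed weights; in practice these come out of the Step 1 risk assessment.
CRITICALITY_WEIGHT = {"high": 40, "medium": 20, "low": 5}


@dataclass
class Event:
    source: str          # emitting tool: "auth", "dlp", "ids", ...
    user: str
    dest_ip: str
    action: str
    score: int = 0
    reasons: list = field(default_factory=list)


def parse_line(line: str) -> Event:
    """Parse a constructed 'key=value ...' log line into an Event."""
    kv = dict(tok.split("=", 1) for tok in line.split())
    return Event(kv["src"], kv["user"], kv["dst"], kv["action"])


def enrich(ev: Event) -> Event:
    """Attach asset and identity context and accumulate a risk score.
    Anything absent from the CMDB or IAM is itself a finding: an unknown
    asset or identity is what an attacker's foothold tends to look like."""
    asset = CMDB.get(ev.dest_ip)
    if asset is None:
        ev.reasons.append("destination not in CMDB")
        ev.score += 25
    else:
        ev.score += CRITICALITY_WEIGHT[asset["criticality"]]
        missing = asset["missing_critical_patches"]
        if missing:
            ev.reasons.append(f"{missing} critical patch(es) missing")
            ev.score += 10 * missing

    ident = IAM.get(ev.user)
    if ident is None:
        ev.reasons.append("user not in IAM")
        ev.score += 30
    else:
        if ident["status"] != "active":
            ev.reasons.append("account not active in IAM")
            ev.score += 50
        if ident["privileged"]:
            ev.reasons.append("privileged account")
            ev.score += 15
        if ident["category"] == "contractor":
            ev.score += 5

    if ev.source == "dlp":
        ev.reasons.append("DLP policy violation")
        ev.score += 20
    return ev


def priority(ev: Event) -> str:
    """Map the accumulated score to a response priority (assumed bands)."""
    if ev.score >= 80:
        return "P1"
    if ev.score >= 45:
        return "P2"
    return "P3"


def triage(lines):
    """Enrich and prioritise a batch of raw log lines."""
    return [(ev.user, ev.dest_ip, priority(ev), ev.reasons)
            for ev in (enrich(parse_line(l)) for l in lines)]


# Constructed sample events from three different tools
SAMPLE_LOGS = [
    "src=auth user=jdoe dst=10.0.5.7 action=login_ok",
    "src=auth user=tlee dst=10.0.1.20 action=login_ok",
    "src=dlp user=dba01 dst=10.0.1.20 action=bulk_export",
    "src=ids user=svc_backup dst=10.0.9.9 action=port_scan",
]

if __name__ == "__main__":
    for row in triage(SAMPLE_LOGS):
        print(row)
```

The point of the example is that none of the four events is alarming on its own: a successful login, a successful login, a data export and a port scan. Context does the work. The successful login by a terminated account onto an unpatched, high-criticality database and the contractor DBA's bulk export both rank P1, the same kind of login against a kiosk ranks P3, and an event whose destination and user appear in neither inventory is escalated precisely because the environment does not know them.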
Step 4 - Business Awareness
Most current cyber security monitoring and management effort goes into the infrastructure and host layers and the security products themselves. These are critical elements, but they exist solely to support the business and its applications. The security team needs to understand the business context and build the capability to detect and respond to threats that can affect business applications (packaged, web and custom).
Traditional security tools lack the integration and inspection capabilities needed for business context (although they can still inspect traffic for protocol-level and code-level anomalies). Extracting the security-relevant information therefore calls for a separate intelligence engine, one able to examine transaction and audit logs for fraudulent activity and anomalous patterns and to correlate its findings with the other layers to identify relevant threats and attacks. Tools such as Splunk and Apache Lucene can be used to build such inspection engines.
Step 5 - Content Visibility
Security tools differ in how much of the actual content they log. A SIEM typically works at the audit-log level, while an intrusion detection and prevention system (IDS/IPS) works at the network packet level and records the packets that triggered an alert. Working only at the log level, or with isolated packets, often does not provide enough context for the desired level of visibility.
Capturing the actual data traversing the network builds complete visibility and answers most requirements: identification of threats and anomalous behavior, faster incident response, and forensic and legal analysis. A full packet capture solution records all traffic across the chosen network segments, raises alerts on suspicious behavior and reconstructs complete sessions to pinpoint the exact issue. Full content retention is storage-intensive and the captures themselves contain sensitive data, so the capture scope and retention period should follow from the risk assessment in Step 1.
Step 6 - Hidden Intelligence
Although SIEM and packet capture tools have solved the problem of collecting and storing data for reporting and investigation, the volume of data generated in today's organizations can easily overload them and prevent any intelligence from being extracted. Big Data platforms have emerged as powerful tools for business intelligence and data mining, and the same platforms can be used for security intelligence.
With Big Data platforms and tools it is possible to compute trends and carry out pattern analysis over very large data sets. This helps identify slow-moving attacks that never cross a per-event threshold, build statistical and machine learning models for predictive behavior analysis, and identify bottlenecks in capacity, performance and availability.
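As an added example (not from the original paper) of the audit-log pattern analysis that Steps 4 and 6 describe, the Python below runs two detections over a constructed 30-day authentication log. A classic per-hour threshold rule finds nothing, because the attacker never exceeds two failures in any hour; aggregating failures per source over a seven-day window and comparing each source against the population exposes the campaign, along with the number of distinct accounts it touched. The log data, the hourly threshold, the window length and the z-score cut-off are all assumptions.

```python
"""Added example (not from the original whitepaper): a low-and-slow password
spraying campaign that stays under any per-hour threshold, found by
aggregating authentication failures per source over a long window and
comparing each source with the population.  The log is constructed; the
hourly threshold, window length and z-score cut-off are assumptions."""
from collections import defaultdict
from datetime import datetime, timedelta
import statistics


def make_events():
    """Constructed 30-day authentication log as (time, source, user, outcome).
    20 legitimate users each mistype their password about once a day from
    their own workstation.  One external source guesses two passwords per
    hour against a rotating set of accounts: 48 failures a day, never more
    than 2 in any single hour."""
    start = datetime(2012, 11, 1)
    events = []
    for day in range(30):
        for u in range(20):
            t = start + timedelta(days=day, hours=(u * 7) % 24)
            src, user = f"10.1.0.{u + 10}", f"user{u:02d}"
            events.append((t, src, user, "FAIL"))
            events.append((t + timedelta(seconds=30), src, user, "OK"))
        for h in range(24):
            for k in range(2):
                t = start + timedelta(days=day, hours=h, minutes=20 * k)
                target = f"user{(day * 48 + h * 2 + k) % 20:02d}"
                events.append((t, "203.0.113.77", target, "FAIL"))
    return sorted(events)


def hourly_threshold_alerts(events, threshold=10):
    """Classic point rule: alert when one source exceeds N failures in an hour."""
    buckets = defaultdict(int)
    for t, src, _user, outcome in events:
        if outcome == "FAIL":
            buckets[(src, t.replace(minute=0, second=0))] += 1
    return sorted({src for (src, _hour), n in buckets.items() if n > threshold})


def long_window_alerts(events, window_days=7, z_cutoff=3.0):
    """Aggregate failures and distinct targeted accounts per source over the
    last `window_days`, then flag sources whose failure count is a statistical
    outlier against all other sources seen in the same window."""
    end = max(t for t, *_ in events)
    since = end - timedelta(days=window_days)
    fails, targets = defaultdict(int), defaultdict(set)
    for t, src, user, outcome in events:
        if outcome == "FAIL" and t >= since:
            fails[src] += 1
            targets[src].add(user)
    counts = list(fails.values())
    mean = statistics.mean(counts)
    stdev = statistics.pstdev(counts) or 1.0   # avoid divide-by-zero if all equal
    alerts = []
    for src, n in fails.items():
        z = (n - mean) / stdev
        if z > z_cutoff:
            alerts.append({"src": src, "failures": n,
                           "distinct_accounts": len(targets[src]),
                           "z": round(z, 1)})
    return alerts


if __name__ == "__main__":
    events = make_events()
    print("hourly rule:", hourly_threshold_alerts(events))
    for a in long_window_alerts(events):
        print("long window:", a)
```

Run stand-alone, the hourly rule returns an empty list while the long-window pass returns a single alert for 203.0.113.77 covering all 20 accounts. On real volumes the aggregation in long_window_alerts is the part that belongs on a Big Data platform (a group-by over source and account across weeks of logs); the statistics afterwards are cheap. The same shape, a long window plus a population baseline, applies to the transaction logs of Step 4, where the per-event rule would be a fraud threshold and the source would be an account or a merchant.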
Most importantly, any cyber security solution must be managed effectively and evolve continuously. Point products and security technologies do not serve their purpose if they are not continuously updated and fine-tuned. Likewise, the overall cyber security framework should be upgradable and flexible enough to absorb new innovations, scale to new technology architectures such as cloud and mobility, and evolve to counter the latest emerging threats.
Conclusion
Countering focused and targeted attacks requires an equally focused cyber security strategy. Organizations need to take a proactive approach to staying secure in cyber space and adopt a robust strategy that is:
- Risk driven: continuous awareness and mitigation of existing and emerging threats and risks
- Holistic: covering all layers, including infrastructure, applications, data and users
- Adaptable: addressing new business models and threats
- Efficient: supporting business dynamics, utilizing existing investments and maximizing return on investment
- Collaborative: leveraging expert knowledge and experience
Credits and References
- IBM Security X-Force 2012 Cyber Security Threat Landscape, IBM
- Content Aware SIEM Defined, Dr. Anton Chuvakin and Eric D. Knapp
- Oracle Information Architecture: An Architect's Guide to Big Data, Oracle
- Splunk for Application Management, Splunk
- The Business Case for a Next-Generation SIEM, IBM (Q1 Labs)
- Apache Hadoop and sub-projects, Apache Software Foundation
About Happiest Minds
Happiest Minds is a next-generation IT services company helping clients differentiate and win with a unique blend
of innovative solutions and services based on the core technology pillars of cloud computing, social computing,
mobility and analytics. We combine an unparalleled experience, comprehensive capabilities in the following
industries: Retail, Media, CPG, Manufacturing, Banking and Financial services, Travel and Hospitality and Hi-Tech
with pragmatic, forward-thinking advisory capabilities for the world’s top businesses, governments and
organizations. Founded in 2011, Happiest Minds is privately held with headquarters in Bangalore, India and offices
in the USA and UK.
About the author
Vijay Bharti (Vijay.bharti@hapiestminds.com) heads the infrastructure security practice at Happiest Minds Technologies Pvt. Limited. He brings more than 15 years of experience in IT security across domains including identity and access management, data security, cloud security and infrastructure security. His recent work includes building Security Operations Center frameworks (covering people, processes and SIEM technologies), where he is working on an integrated view of security and on leveraging advanced analytics and big data innovations for cyber security.

Weitere ähnliche Inhalte

Mehr von Happiest Minds Technologies

Exploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & InsuranceExploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & InsuranceHappiest Minds Technologies
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0Happiest Minds Technologies
 
Automating SOC1/2 Compliance- For a leading Software solution company in UK
Automating SOC1/2 Compliance- For a leading Software solution company in UKAutomating SOC1/2 Compliance- For a leading Software solution company in UK
Automating SOC1/2 Compliance- For a leading Software solution company in UKHappiest Minds Technologies
 
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...Happiest Minds Technologies
 
Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Happiest Minds Technologies
 
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Happiest Minds Technologies
 
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITHappiest Minds Technologies
 
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDITHappiest Minds Technologies
 
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITHappiest Minds Technologies
 

Mehr von Happiest Minds Technologies (20)

ARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKINGARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
ARTIFICIAL INTELLIGENCE IN DIGITAL BANKING
 
DIGITAL MANUFACTURING
DIGITAL MANUFACTURINGDIGITAL MANUFACTURING
DIGITAL MANUFACTURING
 
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & InsuranceExploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
Exploring the Potential of ChatGPT in Banking, Financial SERVICES & Insurance
 
AN OVERVIEW OF THE METAVERSE
AN OVERVIEW OF THE METAVERSEAN OVERVIEW OF THE METAVERSE
AN OVERVIEW OF THE METAVERSE
 
VMware to AWS Cloud Migration
VMware to AWS Cloud MigrationVMware to AWS Cloud Migration
VMware to AWS Cloud Migration
 
Digital-Content-Monetization-DCM-Platform-2.pdf
Digital-Content-Monetization-DCM-Platform-2.pdfDigital-Content-Monetization-DCM-Platform-2.pdf
Digital-Content-Monetization-DCM-Platform-2.pdf
 
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
AUTOMATING CYBER RISK DETECTION AND PROTECTION WITH SOC 2.0
 
Cloud Reshaping Banking
Cloud Reshaping BankingCloud Reshaping Banking
Cloud Reshaping Banking
 
Automating SOC1/2 Compliance- For a leading Software solution company in UK
Automating SOC1/2 Compliance- For a leading Software solution company in UKAutomating SOC1/2 Compliance- For a leading Software solution company in UK
Automating SOC1/2 Compliance- For a leading Software solution company in UK
 
PAMaaS- Powered by CyberArk
PAMaaS- Powered by CyberArkPAMaaS- Powered by CyberArk
PAMaaS- Powered by CyberArk
 
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
GUIDE TO KEEP YOUR END-USERS CONNECTED TO THE DIGITAL WORKPLACE DURING DISRUP...
 
SECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKESSECURING THE CLOUD DATA LAKES
SECURING THE CLOUD DATA LAKES
 
Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)Complete Guide to General Data Protection Regulation (GDPR)
Complete Guide to General Data Protection Regulation (GDPR)
 
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
Azure bastion- Remote desktop RDP/SSH in Azure using Bastion Service as (PaaS)
 
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
 
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN CPG THROUGH INTELLIGENT FREIGHT AUDIT
 
How to Approach Tool Integrations
How to Approach Tool IntegrationsHow to Approach Tool Integrations
How to Approach Tool Integrations
 
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDITREDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
REDUCING TRANSPORTATION COSTS IN RETAIL THROUGH INTELLIGENT FREIGHT AUDIT
 
Contact Centre Growing Digital
Contact Centre Growing DigitalContact Centre Growing Digital
Contact Centre Growing Digital
 
California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)California Consumer Privacy Act (CCPA)
California Consumer Privacy Act (CCPA)
 

Kürzlich hochgeladen

DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 

Kürzlich hochgeladen (20)

DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 

Whitepaper: Unified Cyber Security Monitoring and Management Framework - Happiest Minds

  • 1. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice
  • 2. © Happiest Minds Technologies Pvt. Ltd. All Rights Reserved Introduction There are numerous statistics published by security vendors, Government and private agencies, research analysts etc in terms of the number and type of cyber-attacks, money lost due to cyber-attacks, data exposure and litigations. Though most of these estimates and surveys deploy different methodologies and vary to quite a degree, there are a few facts which cannot be ignored i.e. Cyber- attacks are becoming: More advanced…. o sKyWIper (Flame) is one of the most sophisticated and complex malware ever found o Stuxnet was designed to exploit more than 4 zero-days vulnerabilities (not publically known). More focused and targeted, especially at financial institutions, political, military establishments and intellectual property…. o Stuxnet includes a highly specialized malware payload that is designed to target only Siemens supervisory control and data acquisition (SCADA) systems. o RSA Advanced persistent attack which focuses on getting confidential data from internal servers. o Zeus Botnet primarily focuses on financial frauds o Attacks from Hacktivists like anonymous and lulzsec. The overall risk would still be low if these attacks continue to remain targeted. However, given the ubiquitous nature of the internet, many of these advanced attacks proliferate into the public domain and become a very potent weapon in the hands of even a novice attacker e.g. most of the malware generation toolkits like Zeus, SpyEye etc are currently available in the hackers’ market for a few hundred to a few thousand dollars.
Today, organizations rely heavily on cyber space to reach out to new customers and geographies, drive new business models and enhance operational efficiencies. However, given the increase in the number and sophistication of cyber threats and attacks, it is critical for them to understand the risk involved and the countermeasures required to derive the desired benefits of cyber space adoption. Though there has been a tremendous increase in awareness, technology capabilities, and market and vendor focus on cyber security, some key challenges still remain:

• Evolving risk and attacks – Cyber space has become the backbone for the survival of entire organizations and even entire countries, and is now the basic channel for covert warfare and focused attacks.
• Increase in complexity and an evolving technology landscape – With the introduction of mobility, de-perimeterization and cloud adoption, new threat vectors are constantly evolving.
• Dynamic business environment – IT security is still regarded as a cost center; more effort is required for it to be perceived as a business need and to work in collaboration with the business.
• Point solution approach – Various security solutions provide good protection against a specific security problem; however, interoperability between the various solutions is still an issue.
• Significant effort and expertise – Significant effort and expertise are required in the deployment, management and fine-tuning of cyber security solutions.
A unified approach to cyber security monitoring and management

Despite reasonable investment in security tools and technologies, several successful attacks have proved that something more needs to be done to effectively detect and manage the growing number of threats. One of the major causes is the lack of synergy between the various functions and tools within the security domain itself and across layers, including physical, network, user, data and application security. Hence, in order to evolve a successful response strategy for cyber security, it is important to look at all these layers holistically and leverage the information available at every layer to develop an overall threat and response model.

Unified approach to Cyber Security

In order to ensure a unified and holistic approach to cyber security, it is important to convert the data (logs, packets, policies, activities, configurations etc.) available across the various layers and across different functions/tools into real, actionable intelligence. Some of the latest tools, such as SIEM (security information and event management), have evolved on this premise and can serve as a basic building block for a unified framework.
The critical steps involved in building a unified cyber security monitoring and management framework include:

Step 1 - Risk Awareness

The most critical aspect of cyber security is to understand existing and emerging risks and threats to the business. A risk-based approach will not only ensure the optimum use of investments but will also provide clear and accurate visibility of the current posture. Being risk aware broadly means:

• Visibility of the existing risks – leveraging vulnerability assessment, penetration testing, configuration audits, and the policies and processes for data, application and identity handling.
• Intelligence on emerging threats – leveraging threat intelligence related to emerging attacks, known sources and patterns of attacks, and targeted attacks on the industry segments in which the organization operates.

Risk assessment should form the basis of all ongoing and new investments. It is also important to design all the management and monitoring processes in accordance with the identified risks to ensure correct categorization, prioritization and response to any potential security threat.

Step 2 - Environment Awareness

Environment details serve as a fundamental element of the overall cyber security monitoring and management program. Asset information and software/application details from the CMDB (configuration management database), patch level details from the patch management database, IP addressing schemes and network topology, business assets by priority, allowed software and applications, and applicable policies and compliance regulations not only determine the level of security required and the use cases (in terms of determining the rules, access control lists, thresholds, prioritization of security events etc.) but also help in responding quickly to any suspicious or confirmed incident.

Step 3 - Identity and Data Awareness

The two most critical assets of any organization are its users and its data. It is imperative for any cyber security framework to leverage the data and identity information in order to protect against cyber threats.

• Identity and access management (IAM) solutions deployed in most organizations not only manage the entire lifecycle of users but can also provide information on the different categories of users, including administrators, super users, contractors etc.
• Various data security solutions such as data leakage protection (DLP) and database activity monitoring (DAM) can help track and monitor any unauthorized or suspicious use or leakage of data.
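As an added illustration of Steps 2 and 3 (example code written for this edit, not from the whitepaper or from Happiest Minds), the snippet below takes raw events from the network (IDS), identity (authentication) and data (DLP) layers, enriches each one with a CMDB asset-priority table and an IAM user-category table, flags software that is not on the asset's allow-list, and ranks the results. The CMDB and IAM extracts, the events, the IP addresses and the scoring weights are all constructed sample values; a real deployment would pull them from the CMDB and IAM systems the text describes and tune the weights against the risk assessment from Step 1.

```python
"""Added example: enrich security events with environment (CMDB) and
identity (IAM) context, then prioritise them. Every table, event and
weight below is constructed sample data, not from any real organisation."""

# Constructed CMDB extract: host -> asset name, business priority, approved software
CMDB = {
    "10.0.1.5":  {"name": "erp-db-01", "priority": "critical", "allowed": {"oracle", "sshd"}},
    "10.0.2.20": {"name": "ws-0420",   "priority": "low",      "allowed": {"office", "browser"}},
    "10.0.3.7":  {"name": "hr-app-01", "priority": "high",     "allowed": {"tomcat", "sshd"}},
}
# A host missing from the CMDB is itself a finding: treat it as medium priority with no allow-list
UNKNOWN_ASSET = {"name": "unknown", "priority": "medium", "allowed": set()}

# Constructed IAM extract: account -> user category
IAM = {"dba_admin": "administrator", "jsmith": "employee", "ctr_vendor1": "contractor"}

# Assumed scoring weights chosen for the example; tune them against the risk assessment
LAYER_SCORE = {"ids": 20, "auth": 10, "dlp": 30}
PRIORITY_SCORE = {"critical": 40, "high": 25, "medium": 10, "low": 0}
IDENTITY_SCORE = {"administrator": 20, "contractor": 15, "employee": 5, "unknown": 25}
UNAPPROVED_SOFTWARE_SCORE = 15


def enrich(event):
    """Attach asset and identity context to one event and compute its score."""
    asset = CMDB.get(event["host"], UNKNOWN_ASSET)
    user = event.get("user")
    # IDS alerts carry no user, so identity context does not apply to them
    identity = IAM.get(user, "unknown") if user else "n/a"
    score = LAYER_SCORE.get(event["layer"], 0)
    score += PRIORITY_SCORE[asset["priority"]]
    score += IDENTITY_SCORE.get(identity, 0)
    reasons = [
        f"layer={event['layer']}",
        f"asset={asset['name']}({asset['priority']})",
        f"identity={identity}",
    ]
    program = event.get("program")
    if program and program not in asset["allowed"]:
        score += UNAPPROVED_SOFTWARE_SCORE
        reasons.append(f"software not on CMDB allow-list: {program}")
    return {"event": event, "score": score, "reasons": reasons}


def triage(events, threshold=60):
    """Return (escalated, all_ranked): enriched events, highest score first."""
    ranked = sorted((enrich(e) for e in events), key=lambda r: r["score"], reverse=True)
    return [r for r in ranked if r["score"] >= threshold], ranked


# Constructed events from three layers
SAMPLE_EVENTS = [
    {"layer": "ids", "host": "10.0.1.5", "detail": "SQL injection signature"},
    {"layer": "auth", "host": "10.0.3.7", "user": "ctr_vendor1", "program": "nc", "detail": "login ok"},
    {"layer": "auth", "host": "10.0.2.20", "user": "jsmith", "program": "browser", "detail": "login ok"},
    {"layer": "dlp", "host": "10.0.1.5", "user": "dba_admin", "detail": "bulk export to removable media"},
    {"layer": "auth", "host": "10.0.9.9", "user": "ghost", "program": "sshd", "detail": "login ok"},
]

if __name__ == "__main__":
    escalated, _ = triage(SAMPLE_EVENTS)
    for r in escalated:
        print(r["score"], r["event"]["layer"], r["event"]["host"], "; ".join(r["reasons"]))
```

The same IDS signature scores differently on the ERP database than it would on a workstation, a contractor running unapproved software on a high-priority host outranks an employee's routine login, and a login from a host absent from the CMDB by an account absent from IAM is escalated purely on missing context. That is the point of Steps 2 and 3: the context, not the raw alert, decides the priority.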
The integration of identity and data information in the framework will help to define the right data access levels, track and monitor privileged and disgruntled user activity, and identify unauthorized entitlement changes and unauthorized data access or loss.

Step 4 - Business Awareness

Most current efforts in cyber security monitoring and management focus on the infrastructure and host layers and on security products. While these are critical elements, they exist solely to support the business and its applications. It is important for the security team to understand the business context and build capabilities to detect and respond to any threats that can impact business applications (including packaged apps, web apps and custom apps). Traditional security tools do not have the integration and inspection capabilities for business context (though they can still inspect traffic for protocol-level and code-level anomalies). In order to extract and use the information relevant to security, a separate intelligence engine is required. Such an engine should be able to look at transaction logs and audit logs to determine fraudulent activity and anomalous patterns, and correlate this information with the other layers to identify relevant threats and attacks. Tools like Splunk and Apache Lucene can be used to build such inspection engines.

Step 5 - Content Visibility

Security tools operate at different levels when it comes to logging the actual content. While a SIEM solution typically works at the audit-log level, an intrusion detection and prevention system logs the entire packet detail at the network level. Many times, working only at the log level or at the isolated packet level does not provide the complete context needed for the desired level of visibility.
In order to build complete visibility across the network, details of the actual data traversing the network can answer most of the requirements, including identification of threats and anomalous behavior, faster incident response, and forensic and legal analysis. Such a solution has the ability to capture all the traffic traversing the desired network segments, create alerts on suspicious behavior and recreate the complete session details to pinpoint the exact issue.

Step 6 - Hidden Intelligence

Though SIEM tools and packet capture tools have solved the issue of collecting and storing data for reporting, investigation etc., the amount of data generated in today's organizations can easily overload these tools and prevent any intelligence from being generated. Big Data platforms are evolving as very useful tools for business intelligence and data mining applications, and it is also possible to use these platforms for security intelligence. Using Big Data platforms and tools, it is now possible to generate trends and carry out pattern analysis over a very large set of data, which can help in identifying slow-moving attacks, building statistical machine learning models for predictive behavior analysis, and identifying any bottlenecks with regard to capacity, performance, availability etc.

Most importantly, for any cyber security solution to work, it must be managed effectively and evolve continuously. Deployment of point solution products and security technologies does not serve the purpose if they are not continuously updated and fine-tuned. Similarly, the overall cyber security framework should be capable of being upgraded, flexible enough to add new innovations, able to scale to new technology architectures like cloud and mobility, and able to evolve to counter the latest emerging threats.

Conclusion

Countering focused and targeted attacks requires a focused cyber security strategy. Organizations need to take a proactive approach to ensure that they stay secure in cyber space and adopt a robust cyber security strategy which should be:

• Risk driven: To ensure continuous awareness and mitigation of existing and emerging threats and risks
• Holistic: To cover all the layers, including infrastructure, applications, data and users
• Adaptable: To address new business models and threats
• Efficient: To support business dynamics, utilize existing investments and maximize return on investment
• Collaborative: To leverage expert knowledge and experience

Credits and References

• IBM X-Force 2012 Cyber Security Threat Landscape
• Content Aware SIEM Defined – Dr. Anton Chuvakin and Eric D. Knapp
• Oracle Information Architecture: An Architect's Guide to Big Data – Oracle
• Splunk for Application Management – Splunk
• The Business Case for a Next-Generation SIEM – IBM (Q1 Labs)
• Apache Hadoop and sub-projects
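As an added example for Steps 4 and 6 above (written for this edit, not part of the whitepaper or of any product it names), the script below parses constructed authentication audit-log lines and compares a short-window threshold rule with a long-window rule over the same data. A source that fails one login every two hours against many different accounts never crosses an hourly threshold, but becomes obvious once failures are summed over days; that is the kind of slow-moving pattern the text says analysis over a large data set can surface, and it is the same audit-log inspection Step 4 calls for. The log lines, addresses, account names and thresholds are all constructed.

```python
"""Added example: a short-window rule versus a long-window rule over the
same audit log. All log lines, addresses and thresholds are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta


def _build_sample_log():
    """Constructed audit log: one failed login from a single source every two
    hours for three days, spread over six accounts, plus one legitimate user
    who mistypes her password three times and then succeeds."""
    lines = []
    start = datetime(2012, 9, 1, 0, 0)
    users = ["alice", "bob", "carol", "dave", "erin", "frank"]
    for i in range(36):  # 36 attempts over 72 hours
        ts = start + timedelta(hours=2 * i)
        lines.append(f"{ts.isoformat()} auth user={users[i % len(users)]} src=203.0.113.9 result=FAIL")
    for m in range(3):
        ts = start + timedelta(hours=10, minutes=m)
        lines.append(f"{ts.isoformat()} auth user=alice src=10.0.2.20 result=FAIL")
    lines.append(f"{(start + timedelta(hours=10, minutes=3)).isoformat()} auth user=alice src=10.0.2.20 result=OK")
    return lines


SAMPLE_LOG = _build_sample_log()


def parse(line):
    """'<iso-timestamp> auth k=v k=v ...' -> dict with a datetime under 'ts'."""
    ts, _, rest = line.split(" ", 2)
    fields = dict(kv.split("=", 1) for kv in rest.split())
    return {"ts": datetime.fromisoformat(ts), **fields}


def hourly_rule(events, max_fail=5):
    """Point rule: flag a source with more than max_fail failures in any clock hour."""
    buckets = defaultdict(int)
    for e in events:
        if e["result"] == "FAIL":
            buckets[(e["src"], e["ts"].replace(minute=0, second=0))] += 1
    return sorted({src for (src, _), n in buckets.items() if n > max_fail})


def slow_spray_rule(events, window=timedelta(days=7), min_fail=20, min_users=5):
    """Long-window rule: flag a source whose failures inside any sliding
    `window` reach min_fail and touch at least min_users distinct accounts."""
    by_src = defaultdict(list)
    for e in events:
        if e["result"] == "FAIL":
            by_src[e["src"]].append(e)
    flagged = []
    for src, evs in by_src.items():
        evs.sort(key=lambda e: e["ts"])
        lo = 0
        for hi in range(len(evs)):
            while evs[hi]["ts"] - evs[lo]["ts"] > window:
                lo += 1
            span = evs[lo:hi + 1]
            if len(span) >= min_fail and len({e["user"] for e in span}) >= min_users:
                flagged.append(src)
                break
    return sorted(flagged)


def analyse(lines=SAMPLE_LOG):
    """Run both rules over the same log and return what each one flags."""
    events = [parse(line) for line in lines]
    return {"hourly": hourly_rule(events), "slow": slow_spray_rule(events)}


if __name__ == "__main__":
    print(analyse())
```

The hourly rule reports nothing: the legitimate user's three failures stay under the threshold, and the slow source never exceeds one failure per hour. The seven-day rule flags 203.0.113.9 alone. The window and the distinct-account check are what keep the long-window rule from also flagging the legitimate user, and both belong in the use-case definitions that Step 2 says should be derived from the environment and risk assessment.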
To learn more about the Happiest Minds Cyber Security Offerings, please write to us at business@happiestminds.com

About Happiest Minds

Happiest Minds is a next-generation IT services company helping clients differentiate and win with a unique blend of innovative solutions and services based on the core technology pillars of cloud computing, social computing, mobility and analytics. We combine unparalleled experience and comprehensive capabilities in the following industries: Retail, Media, CPG, Manufacturing, Banking and Financial Services, Travel and Hospitality and Hi-Tech, with pragmatic, forward-thinking advisory capabilities for the world's top businesses, governments and organizations. Founded in 2011, Happiest Minds is privately held with headquarters in Bangalore, India and offices in the USA and UK.

Corporate Office
Happiest Minds Technologies Pvt. Ltd.
Block II, Velankani Tech Park
43 Electronics City
Hosur Road, Bangalore 560100, INDIA
Phone: +91 80 332 03333
Fax: +91 80 332 03000

United States
116 Village Boulevard, Suite 200
Princeton, New Jersey, 08540
Phone: +1 609 951 2296

2018 156th Avenue NE #224
Bellevue, WA 98007

United Kingdom
200 Brook Drive, Green Park, Reading
Berkshire, RG2 6UB
Phone: +44 11892 56072
Fax: +44 11892 56073

About the author

Vijay Bharti (Vijay.bharti@hapiestminds.com) heads the infrastructure security practice at Happiest Minds Technologies Pvt. Limited. He brings more than 15 years of experience in the area of IT security across multiple domains, including Identity and Access Management, Data Security, Cloud Security and Infrastructure Security. His recent work includes building security operation center frameworks (including people, processes and various SIEM technologies), where he is working on building an integrated view of security and ways of leveraging advanced analytics and big data innovations for cyber security.