
CYBER SECURITY

MANAGED SECURITY SERVICES


PROFESSIONAL SECURITY SERVICES
COMPLIANCE CONSULTING

Security | Engineering | Technology


ABOUT US

Si is driven by a desire to offer our clients the highest degree of protection against today’s cyber threats. We do this by delivering
the most customizable approach to security managed services available and by providing a highly tailored and responsive
approach for each client. We protect all IT assets including virtual assets, cloud and traditional infrastructure using our team of
over 150 dedicated security experts from our Security Operations Centres in London, New York, Dubai and Mumbai.

Established in 2003 with over a decade in Security and Cyber Security consulting and management services, our objective is
to place the power of our SOC team into our clients’ hands to provide complete visibility of security events and threats within
their environments. Our aim is to become an extension of our clients’ internal teams as a trusted partner.
CONTENTS

Solutions & Services
Managed Security Services
Managed Firewall & Managed SIEM
SOC-in-a-Box
Assisted SOC Services
Customer dashboards
White Labeled Managed Services
Advanced Threat Protection and Malware Detection
Managed Honeypot Active Defense
Managed SCADA Security
Continuous Threat Defense Service
Machine Learnt Behavioural Anomalytics
Benefits of Engaging an MSS Provider
Si CSIRT Teams
Professional Security Services
Vulnerability Assessments
Penetration Testing
Web Application Security Testing
Network Risk Assessments
Firewall Migration Services
Network Architecture Review
BYOD
Compliance Consulting
ISMS - ISO 27001
BCP & Management
PCI Compliance & PCIS
Compliance & Security Skills Training
Contact Us

Why Us?
• Dedicated security specialist
• Global SOC’s across 4 continents
• Powered by industry best technology
• Powered by industry experts and analysts

Solutions & Services

Si provides Managed Security and Professional Security Consulting services to thousands of end customers. Our delivery model utilizes a cloud based information security and compliance solution, which requires no capital expenditure from our clients and is accessible via a secure and innovative customer platform.

OBJECTIVE

Born out of a common vision... “we deliver to our clients the very best security services by using innovation, professionalism and our depth of expertise.“

We deliver on our promise to enhance our clients’ information security posture, lower their total cost of ownership and demonstrate compliance through our managed security and professional services, day in, day out 24 x 7.

Managed Services
• Managed IDS & IPS
• Firewall management
• Managed application firewall
• Log monitoring
• Log retention
• SIEM as a service
• CSIRT (Computer Security Incident Response)

Compliance
• PCI consulting
• PCI scanning
• ISO 27001
• Policies & procedures
• ITIL readiness & training
• Business continuity planning

Professional Services
• Vulnerability management & testing
• Penetration testing
• Web application security
• Network risk assessment
• Device configuration & mitigation reviews
• Cyber forensics
• BYOD
Si enhances the operational efficiency of our clients’ information systems with our Managed Security Services. By optimizing
IT asset utilization, risk management and compliance we improve uptime and availability.

We design, build and operate security operation centres either onsite at our customers’ locations or in the cloud through our
network of security operation centres.

We have built and we operate security operation centres across London, New York, Dubai and Mumbai. This gives us a
proactive 360° view of global threats.

We are dedicated to serving a range of customers across verticals such as financial services, telecoms, retail and healthcare with 80% of our global clients comprising blue-chip Fortune 500 and Government organisations.

We provide the following Managed Security Services:
• Design of security operations centres (SOCs)
• Onsite operation of our clients’ SOCs
• White labeled MSSP solutions
• A cloud based managed firewall + SIEM service
• On demand Security Incident Response Teams (SIRT)

“Establish a monitoring strategy and develop supporting policies, taking into account previous security incidents and attacks, and your organisation’s incident management policies. Continuously monitor inbound and outbound network traffic to identify unusual activity or trends that could indicate attacks and the compromise of data”

Extract from the “10 Steps to Cyber Security”, CESG information security arm of GCHQ

Services | Description
Managed Firewall | 24x7 monitoring and managing of customers security devices (FW, IPS, UTM, WAF and more)
Managed SIEM | 24x7 monitoring of customer assets and event correlation (network, servers, apps, databases, FW, IPS)
Advanced Threat Protection and Malware Detection | Supply & management of advance next generation FW’s, IPS’s and malware detection probes with advanced correlation
Managed SCADA Security | Supply and management of SCADA firewalls for critical infra, oil & gas
Advanced Threat Management | Supply and correlation of commercial threat feeds (e.g Norse).
Managed Vulnerability Management | Vulnerability Management
Honeypot Active Defense | Active defense utilising honeypot infrastructure correlated with SIEM for proactive management
Managed Web Application Firewall | Supply & management of web application firewalls utilising Citrix Netscaler for defense of web environments
Continuous Threat Defense | Advanced behaviour analysis using cyberflow anormalytics to detect malicious activity
SOC-in-a-Box + 24X7 Monitoring | Supply & management of SOC infrastructure onto a customer site including the 24 x 7 monitoring of all event sources
SOC Staffing Outsource - Onsite | Onsite provision of staffing to monitor, administer and manage customer deployed and owned SOC infrastructure and event sources
SOC Staffing Outsource - Offsite | Offsite provision of staffing to monitor customer deployed and owned SOC infrastructure and event sources
MANAGED FIREWALL & MANAGED SIEM

Managing and monitoring security devices is a highly skilled operation that can be a time consuming and resource intensive process. Our managed security services allow our clients to focus on their core business while we concentrate on providing secured networks and systems.

The service we offer is 24x7 and is scalable, compliant and cost effective. This service is designed for banking, government and enterprise clients that wish to outsource SIEM services against strict SLA’s and compliance requirements.

With over 20,000 devices under management, our cloud based service is secured across our redundant global SOCs and offers a resilient and dependable service.

Summary Features
• 24 X 7 Security Monitoring
• In Country Log Retention
• Real Time Incident Response
• Advanced Event Correlation
• Event Storage For Forensic Analysis
• ISO 27001, SANS 20 Compliance Reports
• 15 Minute SLA Response Time
• SIEM Powered By LogRhythm
• Web Based Customer Dashboards
• Weekly Reports
• Policy & Signature Configuration Changes
• Performance, Availability & Threat Management

Firewall / IDS / IPS / Network Devices / Server

Security Services | Feature Set | Monitor | Manage
Threat Management | 24x7 Proactive Security Incident Monitoring, Detection & Notification
Threat Management | SIEM & Correlation
Threat Management | Security Policy Consultation
Threat Management | Incident Management
Configuration Management | Maintain Device Inventory Database
Configuration Management | Backup of Device Configuration
Fault Management | Availability Monitoring
Fault Management | Fault Detection & Notification
Fault Management | Fault Diagnosis & Resolution
Fault Management | Vendor Management
Change Management | Maintain Documentation
Change Management | Policy & Signature Configuration Changes
Change Management | OS Updates, Patches & Signatures
Change Management | Maintain CMDB
Change Management | Operating System Upgrades
Reporting | Basic Reporting
Reporting | Advanced Reporting
Web Based Portal | Web Portal
Web Based Portal | Access to Threat Feeds
Log Retention | 120 days online log retention
Log Retention | 12 months archival (Customisable)

What do we manage?

Servers & System OS, Applications & Databases
• Security Managed Servers (Windows, Linux, Unix, ESX)
• Applications
• Databases
• Email Servers

Core Network Equipment
• Network Routers / Switches
• Network Wireless LAN
• Network Load-Balancers / Accelerators

Network Security Equipment
• Managed Firewalls
• Managed Network IDS or IPS
• Managed Network VPN Routers
• Managed Network AntiSpam / Proxys
• Managed UTMs

[Diagram: Global Security Operations Center (SOC co-location center, Tier 3 D.C.) linked by secure VPN to the customer network, covering managed firewall / UTM / IDS, managed switch / router, managed server and business application monitoring. All logs stay in country.]

MANAGED FIREWALL & MANAGED SIEM CYBER SECURITY | CAPABILITY STATEMENT | 5


SOC-IN-A-BOX

Si recognises that many clients have a business demand to locate our Security Operations Centre on their premises / data centres. We offer a rapid deployment solution to enable our clients to become operational in a matter of days including people, processes and technology components. At the heart of the SOC lies an industry leading SIEM (LogRhythm Security Analytics Platform) that is closely coupled with additional modules which may be added at the customer request to include full SOC functionality.

SOC and Incident Response Processes

Si’s team has been designing, operating and consulting on SOC deployments globally for over 10 years and a particular strength is our ability to develop and optimise SOC and Incident Response processes. Whilst this element is often overlooked we believe this is the single most important ingredient to consistent successes and predictable results. Our clients will benefit from this experience when they partner with Si to deliver our SOC-in-a-Box offering.

Technology Elements

Our SOC-in-a-Box deployment represents an agnostic approach to the component architecture and provides the choice of vendor to our customers from the following matrix.

SOC Component | Technology
Core Component | LogRhythm Security Analytics Platform
Module 1: Incident Response Workflow Handling | Request Tracker
Module 2: Vulnerability Management | Rapid7, Nessus or Qualys
Module 3: Advanced Threat Defence | Palo Alto, Cisco Sourcefire or ThreatTrack
Module 4: Advanced Threat Intelligence | Norse
Module 5: Honey Pot Active defence | Honeypot Infrastructure - HoneyDrive
Module 6: Web Application Defence | LogRhythm Web Application Defense Suite + Third party WAF (Optional)
Module 7: Continuous Threat Defence | CyberFlow Anormalytics Suite - Anomaly Detection system

Service Delivery Architecture

[Diagram: STEP 1 Select Technology (LogRhythm Onsite – Buy; LogRhythm Onsite – Lease; SOC in a box). STEP 2 Select Staffing (Option 1: 24x7 Outsource, Onsite Team; Option 2: 24x7 Remote Monitoring, Offsite Team; Option 3: 24x7 Hybrid Team, Day Shift - Onsite Team, Night Shift - Remote Offsite). STEP 3 Select Processes (Si SOC Processes; Customer SOC Processes).]

People (Staffing) Elements

The heart of an effective SOC operation is the quality of staffing together with
robust and tested SOC policies and processes. In all cases, a 24x7 SOC operation
is required to ensure a continuous level of monitoring and defence and whilst
this can be cost prohibitive for many organisations we offer three options to
achieve this objective.

Options: Staffing
Option 1: Remote 24x7 monitoring from our Global Security Operations Centre.
Option 2: Onsite 24x7 monitoring at our customer’s site location.
Option 3: Hybrid – Onsite (8x5) team, offsite (evening shift, weekends and public holidays)

In all cases we ensure that all security logs stay onsite at the customer’s SOC
infrastructure.



ASSISTED SOC SERVICES

Empowered SIEM

Technology itself is not enough; an efficient SOC team requires a critical balance of people, process and technology. Si partners with LogRhythm to empower our customers to leverage their existing SIEM investments by providing a 24 x 7 Monitoring service offering.

The Operational Challenge

SOC ops require highly skilled security professionals to investigate security incidents, perform incident response and forensics and help keep an organization afloat amid a data breach.

An enterprise looking to operate a SOC needs to evaluate whether it has the expertise in-house to deliver effective monitoring. The option is to transfer the risk to a specialist SOC operator and at Si we offer services to support these challenges.

Key Questions

Does outsourcing make sense?
It does when expertise is not available in-house, or when budget does not allow for investment needed to employ, house, and train a 24 x 7 SOC team.

Can building a self-contained, well-staffed SOC become cost-prohibitive for many?
The answer is yes primarily due to the resource cost of providing a 24x7 team, after all cyber never sleeps! However if budget does not allow for an onsite team then a remote service to deliver log analysis and event monitoring can be an economical option.

What is Included?

Security Services | Feature Set | Monitor
Threat Management | 24x7 Proactive Security Incident Monitoring, Detection & Notification
Threat Management | SIEM Event Management & Correlation
Threat Management | Security Policy Consultation
Configuration Management | Maintain Device Inventory Database
Configuration Management | Backup of Device Configuration
Fault Management | Availability Monitoring
Fault Management | Fault Detection & Notification
Change Management | Maintain Documentation
Reporting | Reporting
Web Based Portal | Web Portal
Web Based Portal | Access to Threat Feeds
Log Retention | Log Management and Archival
SLA | 15 Minute Response Time
SLA | Service Credit Backing
Dedicated Account Manager | Dedicated technical account manager

Benefits – Cost & Performance

The adoption of “Assisted SOC” is motivated by three key messages: “Less Cost”, “Increased Performance” and “Service Assurance (SLA)”. We demonstrate to our customers that we deliver SOC monitoring services better and for less than the cost of an in-house service.

Sample Use Case – Customer X

A customer requires a 24x7 monitoring service to support their LogRhythm Security Intelligence platform with an average MPS throughput of 1,000 MPS.

Cost Assumptions

The following cost assumptions are used for the cost benefit assessment.

SOC Operator (L1)
Salary (£32,000/yr): £2,667 / mth
Overhead (20% Salary): £533 / mth
Desk Space: £600 / mth
Others: £500 / mth
Total Cost to Employ: £4,300 / mth

Note that a 24x7 operation requires a 5 shift model and a minimum of 5 dedicated SOC operators.

Customer X: ?

In house team
• Cost /mth of 24X7 monitoring team: 5 X £4,300 = £21,500
• Performance + Skills level: Difficult to achieve with in house team
• SLA Response: Difficult to track and manage risk
• Result: Expensive, no service guarantee + performance + staff risks

Si remote outsource team
• Cost /mth of 24X7 monitoring team: £4,500
• Performance + Skills level: Si dedicated security professionals
• SLA Response: 15 minute response
• Result: Less cost + better service assurance

Options

We recognize that not all businesses are the same and so we support the following deployment models:
• Onsite SOC Teams
• Offsite Remote SOC Team (Remote Monitoring)
• Hybrid – Day Shift Onsite / Nightshift Offsite

Service Level Assurance

All services are backed by an SLA:
• Incidents - 15 minute response
• Availability - 99.999 Uptime
• Change Management - 4 hr MTTR



CUSTOMER DASHBOARDS

Si’s customer dashboards offer end-to-end support to the operations of SOCs and Managed Security Service Providers (MSSP). It has unique features to help Service Providers setup their operations in minimum time.

Unified Interface for Operations

Si provides a unified interface for the monitoring & management of one or more networks for multiple aspects. The portal is able to collate & analyse customer logs & data and integrates security intelligence tapped from global sources with analytical tools.

Customer specific information:
• Customer account information
• Security incidents & events
• Availability of critical hosts and services
• Performance of vital systems and network interfaces
• Vulnerabilities on critical systems and applications
• Incident & change management

Non-customer specific information:
• Integrated analytical tools for forensic analysis
• Access to reliable security intelligence
• Geographical information

High Scalability & Technology Agnostic

Si’s customer dashboards are highly scalable and can integrate with almost any Java, ASP or Web based application:
• Technology agnostic interface to normalized information
• Improved operational efficiency through ease of analysis & automation
• Enhanced Web 2.0 features for user collaboration
• Flexibility to integrate with other security & network products and appliances

Vulnerability Posture Dashboard
A high level view of the security posture across an enterprise based on scans performed on the infrastructure, patch level, misconfigurations and categorisation of vulnerability.

Service Centre
Service centre for opening, tracking and drill downs from incident details to resolution. Single portal for change management.

Security Incident Management
Complete tracking of incident handling through a triage of identification, prioritization and remediation.

Knowledge Base
Database of over 100,000 vulnerabilities and 15,000 signatures, with in-built correlation engine to assist incident management and forensics.

Service Management
Management and tracking of performance against service level agreements.

Security Threat Analysis


The Dashboard provides a high level summary of how incidents are categorized based on
their severity and the location that needs more attention.

Customizable Dashboard
The customizable dashboard presents an overview of security incidents across the
enterprise. Key statistics of infrastructure areas that either require more attention or events
that provide a larger picture.

Security News Feeds


Current security trends and news feeds validated in real-time through various sources and
security advisory organizations.



WHITE LABELED MANAGED SERVICES

We provide a service that allows our Partners to re-sell our managed security services as a white labelled service. Our process & technology allow our Partners to deliver ‘in the cloud’ IT services, with no capital investment, to provide a world class, 24x7 managed security service. Si takes care of the technology and the expertise using our global operations centres allowing our partners to take care of their customers’ security needs.

Customised Platform

Our clients’ end customers benefit from our unique multi-service delivery platform that can customize the services they like to offer, define the look and feel and set up their SLA support and escalation procedures.

Our MSSP partners are traditionally telecoms operators and security hardware vendors who seek to offer managed services to their existing client base.

MSSP Services

We can facilitate our partners to provide their end customers with:
• Managed firewall
• Managed UTM and IDS
• Managed switch and router
• Application management
• Vulnerability management
• Threat management
• Fault management

Customer Platform

Our partners benefit from our innovative Customer Platform that enables complete account management for reporting, ticketing, fault management, threat & vulnerability management, customized dashboards, news and knowledge base.

Our web user interface sets the benchmark globally for customer interfacing and allows both partners & end customers a live 360° view of their assets, service fulfilment and SLA performance.

[Screenshots of the customer platform, with callouts: Customised with our end customer’s logo; Customised with our partner’s logos and colours; News, dashboards & knowledge base; Reliant & proactive analytics & reports; Easy change request workflows; Complete SLA management & incident workflows; Global Security Operation Centres; Customisable dashboards; One click management reports; Easily customisable dashboards... Drag and drop dashboard builder]



ADVANCED THREAT PROTECTION AND MALWARE DETECTION

Si defends our customer networks against threats by using a market leading Next Generation Intrusion Prevention System and deep integration into our SIEM platform (Powered by LogRhythm) to provide multi-dimensional behavioural analytics, extended visibility and continuous monitoring for real-time threat detection & response.

The Next Generation Firewalls which we support or supply include:
• Palo Alto
• Cisco Sourcefire
• ThreatTrack
• Fortinet

Service Architecture

Si partners with leading Next Generation Firewall vendors (Palo Alto, Sourcefire or ThreatTrack) to incorporate their advanced threat detection technology and sandboxing with our SIEM platform (Powered by LogRhythm) and correlates it against other security devices and machine data throughout the IT environment.

Summary Features

The feature set summary is provided as follows:
• 24 x 7 monitoring & management
• Real time incident response system
• Advanced malware protection & next generation IPS
• Packet level forensics and sandboxing
• Network behaviour analysis
• Integration with our next Gen SIEM for behavioural analytics
• Behavioural whitelisting
• Statistical baselining
• Real-time threat management
• Continuous Compliance
• Host & network forensics
• Real-time contextual awareness

Service benefits:
• No Capex investment required
• Detect advanced malware and realize outbreak extents for fast remediation
• Automated and immediate action against threats such as APT and zero-day attacks
• Multi-dimensional behavioural analytics
• 24 x 7 monitoring + real time event contextualization

Use case &

LogRhythm incorporates Next Gen FW security and advanced malware protection via the secure eStreamer API
and correlates it against other security device and machine logs to deliver multi-dimensional behavioral analytics,
extended visibility and continuous monitoring for real-time threat detection & response.

The integration provides:


• Deeper visibility and contextual awareness into network events with advanced correlation to deliver enterprise-wide
threat detection
• Threat intelligence to help detect advanced malware attacks and realize the extent of the outbreak for fast
remediation
• Automated action against advanced persistent threats (APT) and zero-day attacks
• Unparalleled expertise through Si SOC Team, LogRhythm Labs™ and Sourcefire’s Vulnerability Research Team (VRT)

MANAGED HONEYPOT ACTIVE DEFENSE

A honeypot is a security resource deliberately designed to be probed, attacked and compromised, for the purpose of gathering intelligence around an attacker. By using honeypots to create better context around threats, we are able to provide a more proactive defence posture. Our automated and integrated approach to honeypots eliminates the need for the manual review and maintenance associated with traditional honeypot deployments.

How It Works

Si deploys honeypot infrastructure into customer DMZ environments to analyse malicious events by continuously monitoring honeypot event activity utilising our SIEM platform (Powered by LogRhythm).

We perform real-time, advanced analytics on all activity captured in the honeypot, including successful logins, observed successful attacks and attempted/successful malware activity on the host and use this data to create a defensive posture.

The Honeypot Security Analytics Suite delivers:
• Continuous monitoring of honeypot data
• Customized threat research for strategic defence
• Automated breach prevention and response
• Dynamic security intelligence
• Real time monitoring
• Low cost approach for customer specific signatures

[Diagram: Deploy Honeypot specific to customer requirement; SIEM (Powered by LogRhythm) tracks the attacker’s actions; Analyse the honeypot data to create profiles of behavioural patterns and attack methods; Apply defensive posture for detected profiles and signatures]

MANAGED SCADA SECURITY

Today, remotely deployed field devices and SCADA systems are increasingly brought into the IT environment and communicate over IP. This convergence of Operational Technology (OT) and Information Technology (IT) has opened up new points of attack or “threat vectors” for hackers.

Si has countered this threat by providing SCADA firewall technology which is integrated into our SIEM (Powered by LogRhythm) for 24x7 monitoring, threat and incident detection.

The service is delivered using Palo Alto Networks SCADA Firewall, which is one of the only Layer 7 firewalls available for SCADA-based environments.

Service Features
• Secure critical infrastructure, power grids, oil/gas pipelines, industrial plant
• Supports - DNP3, Modbus/TCP, Ethernet IP, IEC 61850, PROFINET and BACnet
• Layer 7 application protection and analysis for Industrial Control systems language and traffic
• Strong policy enforcement for more granular control over industrial data inputs
• Uniform secure access from control networks to sensors
• Translation of SCADA data formats into IP protocols
• Fault management
• SIEM integration and robust event logging
• All security logs remain in country
• Real time incident response system
• Real time events from the Firewall
• Store the events for forensic analysis
• Customisable event correlation

Service benefits:
• Secure critical infrastructure, power grids, oil/gas pipelines, industrial plant
• No Capex investment required
• 24 x 7 Monitoring
• Secure SCADA Networks
• Minimise business risk of security breaches
• Achieve compliance requirements
• Strict SLA response

The customer will interface with the MSSP SOC team via the customer portal where he will have customer access to:
• SLA Tracking
• Ticketing & troubleshooting
• Threat Management Dashboards
• Knowledge Base for Incident Response and analytics

CONTINUOUS THREAT DEFENSE SERVICE
MACHINE LEARNT BEHAVIOURAL ANOMALYTICS

Si partners with Cyberflow Analytics™ to provide a service that detects operational anomalies within packet communication behaviour to determine high risk activities and threats. The system is the only system that can provide “Anomalytics”, a real-time, streaming, machine-learning, behavioural analytics solution, which can instantly detect and alert operational and security practitioners of anomalous and suspicious activities within their organizations.

This system and service uses Anomalytics to provide real-time cyber-security threat detection at scale and in situations where traditional security products are failing to adequately identify and detect advanced polymorphic attacks and other anomalous lateral behaviour within their organizations.

Service Benefits:
• It is able to monitor traffic effectively over the entire network, as opposed to traditional security products which monitor only segments of a network
• The service can detect APTs which other analytics methods cannot capture
• Cost effective and scalable
• Real time monitoring
• Integrated with SIEM

How it Works
• Collects raw packet meta data
• Machine learns normal packet communication behaviour of clients, servers, protocols and visualizes anomalous high risk threats
• Finds operational anomalies such as SNMP event storms, odd port/app activity and changes in IoT sensor communications
• Automation of clustered breach activity tracks Advanced Persistent Threats (APTs)
• Uses a SPAN port configuration to collect data
• Operates within VMs on any customer virtualized infrastructure (lightweight data footprint)

Service Architecture

1. Deploy a virtual machine network, app and device sensors that monitor systems to feed the “Anomalytics Fusion Engine”.
2. Execute multiple, real-time analytical models to construct the self-organizing maps which present high risk behaviour.
3. Cross-correlate the maps against a behavioural policy framework.
4. We correlate the real-time anomaly threat detection and alerts through our SIEM to drive rapid incident response and forensics.

[Figure: “Anomalytics Fusion Engine”]

Dashboards

The following image represents a dashboard identifying the high risk traffic occurring within the network utilising port level analytics.

BENEFITS OF ENGAGING AN MSS PROVIDER

Cost

“The cost of a managed security service is typically less than hiring in-house, full-time security experts.” (Wilbanks, 2001).

Staffing

“A shortage of qualified information security personnel puts tremendous pressure on IT departments to recruit, train, compensate, and retain critical staff.” (Hulme, 2001)

An MSSP transfers this responsibility. In addition, “if a client organization can outsource repetitive security monitoring and protection functions, then they can focus internal resources on more critical business initiatives” (Pescatore 2001).

Skills

“MSSPs have insight into security situations based on extensive experience, dealing with hundreds or thousands of potentially threatening situations every day, and are some of the most aggressive and strenuous users of security software.” (Navarro 2001 & DeJesus 2001)

“In-house staff members who only deal with security on a part-time basis may only see a limited number of security incidents.” (Hulme, 2001)

Facilities

“MSSPs can also enhance security simply because of the facilities they offer.” (DeJesus, 2001). These are physically hardened sites with state-of-the-art infrastructure managed by trained personnel.

Objectivity and Independence

An MSSP can provide an independent and objective perspective on the security posture of an organization. An in-house team often can not be objective and certainly is not independent.

Security Awareness

“It is difficult for an in-house team to track and address all potential threats and vulnerabilities as well as attack patterns, intruder tools, and best security practices.” (Alner 2001, Navarro 2001)

Whereas ….
An MSSP is often able to obtain advance warning of new vulnerabilities and gain early access to information on countermeasures.

Service Performance

The MSSP service can report near real-time results, 24 hours a day, 7 days a week, and 365 days a year, guaranteed against an SLA. This is a large contrast with an in-house service that may only operate during normal business hours.

Service Security and Technology

“Service security solutions and technologies such as firewalls, intrusion detection systems (IDSs), virtual private networks (VPNs) and vulnerability assessment tools are far more effective because they are managed and monitored by skilled security professionals.” (Wilbanks, 2001)

[Infographic: “MSSP Benefits: The Business Case for Managed Security Services”, with segments Cost, Staffing, Skills, Facilities, Independence, Security Awareness, Service and Technology. Callouts: SLA 15 Minute Alert - High Priority events; 94%; 27%; Initial Cost; Recurring Savings; Annual Save; 200+ Dedicated Security Professionals; 360° View Of Global Threats; 20% Technology But 80% Interpretation; We Are Built For Big Data]

BENEFITS OF ENGAGING AN MSS PROVIDER CYBER SECURITY | CAPABILITY STATEMENT | 21


SI CSIRT TEAMS

Si has been running a Computer Security Incident Response Team (CSIRT) for many years. Through the development of our own SOC and our clients’ SOCs our staff are some of the most qualified and experienced incident response engineers in the market place.

Si CSIRT LAB

Through the development of our own SOC, our CSIRT lab comprises an extensive library of incident case files that are key for supporting analysis and mitigation measures. The very fact that Si has SOCs around the world, gives our CSIRT teams a unique insight into a wide range of threats and risks, enabling us to react faster to such incidents. Each member of the team has access not only to the labs, but to this global resource.

CSIRT Services

We offer our professional services to enterprise, telecom and government organisations on a cost effective basis. The available options for procuring these services include:
• Staff secondment
• Retainer leased rapid response teams
• Remote CSIRT teams

Si follows the best industry standards and guidelines for incident response.

The increasing sophistication and impact of malware attacks emphasises the need for companies to retain the services of a professional CSIRT team.

The security incident management team activities include:
Rapid Response CSIRT Services
Incident Response
Reverse Engineering/Analysis
Advanced Threat Alerting
Forensics
Malware Analysis
Assessments & Audits
Script Development
Remediation and Recovery

CSIRT skills & experience

Our CSIRT engineers are highly experienced and maintain a tool kit of skills including:
• Vulnerability management
• Penetration testing
• Botnets
• Sandbox
• Honeypot
• Forensic analysis

Why hire a professional CSIRT?

The inability of companies to prepare for possible cyber-attacks from incredibly resourceful criminals is one of the most pressing issues facing global chief executives. The increasing sophistication of attacks, which render even the most technology savvy organizations vulnerable, mean that few organizations have the means to employ staff with the ability to respond effectively. We offer an incident response service that allows our customers’ organizations to benefit from our skills and experience.

[Figure: Malware Sophistication Vs Time. Y-axis: Malware Sophistication; x-axis: years 98 to 13. Callouts: "Mydoom & Sasser Record for Most damage!", "The rise in nation state Malware!", "Flame - the most sophisticated Malware yet!"]

[Figure 5: CERT/CC Incident Handling Life Cycle (CSIRT Incident Handling Life Cycle). Labels: Email, Hotline/Helpdesk Call Center, IDS, Other, Information Request, Incident Report, Vulnerability Report, Triage, Analyze, Obtain Contact Information, Provide Technical Assistance, Coordinate information & Response, Resolution.]



Si’s Professional Security Services provides enterprise-wide assessments, design and deployment services to build secure and
resilient IT infrastructures.

Our delivery model is based on industry best practices and technologies that are aligned to our clients’ IT infrastructure and
business processes. Our services create a foundation that enables our clients to address key risk management and compliance
challenges.

• Vulnerability Assessments
• Penetration Testing
• Web Application Security Testing
• Network Risk Assessments
• Network Architecture Reviews
• Device Configuration And Migration Reviews
• Cyber Forensics

“Eighty percent of the intrusions of your networks today can be handled by patches, anti-virus and user actions. We spend 90 percent of our time on the 80 percent of the issues that could be handled by good hygiene.”
Brigadier General Paul Nakasone, Deputy Commander, U.S. Army Cyber Command

According to Davos World Economic Forum, 2013, (the Global Agenda Survey), “Cyber Risks” were ranked as the 3rd largest underestimated risk to world development ahead of sovereign debt, education and protectionism.
VULNERABILITY ASSESSMENTS

Si’s Vulnerability Assessment (VA) service provides our clients with the ability to identify and mitigate security gaps associated with their IT assets, thereby enhancing their overall security posture.

Our assessments meet the mandatory compliance requirements and provide a proactive measure to stay one step ahead of threats.

Our Vulnerability Assessment provides:
• On-demand proactive vulnerability management for organisations
• Visibility, awareness and consistency of our clients’ organisations
• Tracks asset ownership, pinpoints rogue devices and views detailed asset discovery and profile reporting
• Reduces investment in tools and technology
• Comprehensive remediation solutions
• Complete remediation procedures to mitigate identified vulnerabilities

Features include:
• A robust policy template to enable security configuration compliance
• Compliance-based reports (PCI, HIPAA, GLBA, FISMA and SOX)
• Customisable, multi-view reports that make the most of existing security investments
• Audit-ready reporting and certified technical support teams
• Internal and external vulnerability scans
• Best practices (ITIL, OSSTMM and ISO 27001 security standard)
• Instant access to Secure-I security intelligence and research

PENETRATION TESTING

Interconnected corporate networks of partners, clients, remote offices, wireless LANs, vendors and the Internet have created multiple avenues for an attacker to target companies. Organisations face greater risks to customer data, intellectual property and financial records.

CIOs and CFOs must have a clear understanding of risks and vulnerabilities to protect their organizations from external attacks.

Our Penetration Testing services enable our clients to:
• Identify existing and potential vulnerabilities and risks from external attacks
• Utilise experienced security analysts with the specialized skills and tools needed to mitigate client risk
• Conduct testing in a safe and controlled environment without compromising routine business activities
• Reduce investment associated with employing full time security analysts, tools and technologies
• Integrate with an overall risk management solution to address the audit requirements of policy and compliance frameworks such as ISO 27001, SOX, HIPAA, PCI etc

Features include:
• Executive summaries (jargon-free, true executive-level summaries)
• Priority matrixes, indicating remediation priorities and risks
• Detailed impact analysis of the identified vulnerabilities
• Findings and recommendations to improve security postures
• Knowledge transfer to client’s IT teams

Penetration testing methodology (diagram):
• INFORMATION GATHERING: Active & Passive Reconnaissance
• TARGET DISCOVERY: Finalizing The Scope
• SCANNING & FINGER PRINTING: Identifying Underlying Technology & Service
• LOCAL SEGREGATION OF TARGETS: Grouping Targets Based on Attack Vectors

Target groups:
• PERIMETER DEVICES: Network & Security Appliances
• WEB BASED APPLICATIONS: E-Commerce, B2B, Custom Websites & Appliances
• APPLICATIONS: Web Servers, Database Servers, Mail Servers, SSH, FTP
• OPERATING SYSTEMS: Windows, Linux, Unix & Solaris

Testing and reporting stages:
• VULNERABILITY IDENTIFICATION: Locating Known & Unknown Vulnerabilities
• VULNERABILITY ANALYSIS: Filtering & Confirming Attack Methods
• PENETRATION EXPLOITATION: Confirming of Existing Vulnerabilities
• IMPACT ANALYSIS: Extent of Business impact due to Vulnerability Exploitation
• DATA CORRELATION MITIGATION STRATEGIES
• REPORTS: Detailed Findings, Management Report Executive Summary



WEB APPLICATION SECURITY TESTING

IT applications allow our clients to directly access personal and confidential information, encouraging a self-driven model and decreasing costs.

Critical business functions are dependent on the successful functioning of IT applications. There is an exponential increase in vulnerabilities found in Web Applications creating a significant impact on our clients’ enterprises and the privacy of the end users. Business losses can include loss of data, public image and loss of confidence.

Our Web Application Security Testing allows our clients to:
• Get instant feedback and catch hidden bugs before launch
• Create higher quality applications as they are tested by certified QA experts
• Deploy applications faster by testing throughout the development process
• Use global testing coverage by testing across operating systems, browsers, languages and more
• Allow our clients to gain a better understanding of potential website vulnerabilities that may be visible from the Internet

Features include:
• Identification of technical and logical vulnerabilities such as SQL injection, cross-site scripting, I/O data validation, exception management etc.
• Ability to determine remediation steps and counter-measures
• Detailed technical information report covering the nature of the defect, the code locations, impact of defect and the remediation solutions

Black Box Testing
We perform attack testing assuming the identity of an external attacker/hacker. With no inside information about the application.

Grey Box Testing
Grey Box testing is a fusion of black & white box testing. We receive basic information about design & function of the Web app.

White Box Testing
Full Source code & infrastructure review. We receive complete information, coding, infra, architecture.

NETWORK RISK ASSESSMENTS

A thorough evaluation of network security posture is mandatory to enable our clients to answer the following fundamental questions:
• What is their enterprise security strategy? And what can be done to protect it in a better way?
• Where are the weaknesses in their security policies and architecture?
• How can they make security data actionable and get timely compliance reports to address audit requirements?
• How much does an effective risk management solution cost?

Features include:
• Comprehensive documentation and presentation of findings
• A prioritised list of remediation steps
• Practical recommendations focusing on both the risk and cost associated with it
• Action plan – short and long term to achieve compliance and business objectives

Our Network Risk Assessment includes:
• A Security Policy Audit – evaluating security policies based on availability, business continuity and compliance requirements; it also establishes key risk factors and security metrics
• A Technical Security Evaluation – analyzing the security architecture in the context of security policies and control objectives to uncover vulnerabilities
• A Threat Management Assessment – examining threat identification, investigation and incident response processes
• Disaster Recovery & Business Continuity Planning – to ensure that plans for returning systems to operational standards are in place

FIREWALL MIGRATION SERVICES

Firewall technology longevity typically spans from between 5-7 years and upgrades are often initiated by growing organizations and changing security requirements. A firewall is an item of critical network security infrastructure and any change in technology is fraught with risks to business continuity.

Si’s professional services team can assist organizations from applying a standard methodology to executing a firewall migration. Each migration project deployed is unique and represents a different set of challenges, the key to our success is to treat each case with the same level of care and professionalism.

Firewall Migration Road Map

Baseline Assessment | Requirements Planning | Migrate

Step 1: FW Architecture Assessment
Analysis of:
- Firewall logs
- VPN’s
- Installed software / patch level
- Bugs fixed in new versions
- Utilisation of hardware components
- Analysis of logs, errors and syslog
- Firewall config

Step 2: FW Health Check & Performance Review
Review of:
- Hard disk capacity and usage and CPU memory usage
- Network interface…
  • ..throughput
  • ..capacity
  • ..availability

Step 3: FW Policy & Compliance Review
Review violation of:
- Corporate policy,
- Industry standards and best practices
- FW Rules & Optimisation

Step 4: FW Module & Protection Level Assessment
Review of the protection level achievable with current Architecture.
Recommend upgrades and additional modules

Step 5: Migration Config & Validate
Lab Based Configuration & Validation prior to roll out and cut over.

Step 6: Migration Cut Over & Monitoring
On site:
- Traffic migrated from old to new
- Troubleshoot
- Monitor
- Handover & training

Case Study: Firewall Migration – Fortune 500 Financial Services Institution (2012)

What are the facts?
• $1.1 Million firewall migration project for this client generates fast payback for customer
• The client is an IT managed services provider serving over 11,000 community-based banks, credit unions, and insurance agencies. This engagement calls for migrating 45 McAfee Sidewinder firewalls to Cisco ASA firewalls

The client decided to change their technology following a history of frequent McAfee Sidewinder platform crashes that negatively impacted their end customer satisfaction. Si began by performing a proof-of-concept project to migrate one firewall in our lab before the full scale roll out.

What did we learn?

The client recovered the cost of the firewall migration project through lower cost of operations, reduced security risks, more efficient administrative and maintenance processes, and ultimately a more satisfied customer base.

NETWORK ARCHITECTURE REVIEW

Si utilises its vast experience and knowledge to act as professional assessors with respect to the security architecture of our clients’ networks.

Our consultants analyze every key aspect of the architecture including:
• Logical and physical design
• Security technology inventory
• Asset inventory
• Outbound and inbound connectivity
• Security procedures and processes
• Network topology
• Network and host access controls
• Log-in procedures and authentication requirements
• Business continuity plans
• Containment and incident response procedures
• Health of security controls

• We determine security strategies and support our clients’ business objectives
• We implement policies where required and we establish new policies should they be required
• We put in place effective risk mitigation and regulatory compliance
• We analyse, manage and report
• We review existing policies and frameworks and make recommendations where necessary
• We audit existing policies for example ISO 27001/PCI to ensure compliance
• Our aim is to set out a road map detailing short, medium and long term goals

For each key area, and for the infrastructure as a whole, Si consultants identify and document the following 4 Steps:
Step 1: Current state assessment
Step 2: A vision for a future state
Step 3: A Gap analysis
Step 4: Recommendations for closing gaps

BRING YOUR OWN DEVICE (BYOD)

When an organization is considering implementing a BYOD policy they will generally be asking; what sort of Mobile Device Management will need to be implemented? What systems must employees have mobile access to? What level of security will need to be implemented?

Si provides consulting services to deliver the right solution to enable our clients to manage and secure both their networks and also how to control the use of mobile applications on personal devices across their network.

Manage the Network | Manage the Mobile Device

Step 1: High Performance Network Infra
Your network needs to be able to cope with the influx of personal devices connecting to it.

Step 2: Security
Support the secure connection of devices, whether they are connecting from inside or outside the office.

Step 3: Access
Set policies around what devices to connect to the network, and what network areas they have access to.

Step 4: Acceptable Use Policy
Develop specific stipulations to govern the use of the new technologies such as smartphones and tablets.

Step 5: Manage the Apps
Control access to the camera, application stores, Internet browser, YouTube, and explicit content.

Step 6: Manage the Data
Control access to documents and data shared over the mobile device.

Secure & Manage the Network with ISE

Si has pioneered the implementation of BYOD management through collaboration with Cisco ISE and are selected as 1 of only 10 worldwide delivery partners. The technology allows:
• Consistent enforcement of context-based policies across wired and wireless networks
• System-wide visibility showing who and what is on the network - wired, wireless, or VPN
• Accurate device identification using ISE-based probes, embedded device sensors, active endpoint scanning
• Greater visibility and control of the endpoint with Mobile Device Management solution integration*

Secure & Manage Mobile Devices with

Si partners with MobileIron who offer the platform to manage mobile apps for business users. The MobileIron platform provides both the tightest security and best end-user experience for the distribution, delivery and management of mobile applications, docs and devices for global organizations.

Data waiver
Personal and business data can be easily mixed on personal devices, so employers need to protect themselves if it goes wrong. If the device is lost or stolen, employers may need to destroy all data – employees should sign a waiver agreeing to this before being allowed to use their own device.

Security
With sensitive information being transmitted, security is top of the list. Allowing BYOD doesn't mean sacrificing security. IT must establish WiFi security, VPN access and ideally add-on software to protect against malware.

Identification
If a wide range of users and devices are to be allowed access to the network, it is critical to identify and authenticate each device and user.

Management
The IT department needs to select a mobile device management system. Look out for one that offers simple user interfaces as well as the security features you need.

App security
Some applications could compromise the security of your business data, so you'll need an application control system in place to prevent blacklisted apps being downloaded once the device is hooked up to your network.

System wipe
The "bullet". Your IT department needs to be able to wipe the system if it believes its security has been compromised.



Si offers a range of compliance services based on industry best practices. Our lead compliance advisors/auditors are leaders in their field and in certain instances are sector specialists such as banking, finance and government.

Services include:
• Compliance consulting, implementation and management
• Compliance certification readiness audits
• Business continuity planning (BCP)
• Security awareness and ITIL training
• Compliance services covering:
  - ISO 27001:2005
  - ISO 20000
  - BS 25999
  - ITIL
  - COBIT
  - HIPAA
  - PCI DSS
  - SAS 70
  - SOX

All it took was a small number of employee log-in details to be compromised for hackers to obtain the entire customer database. As a result 128 million people – equivalent to twice the population of Britain – had to change their passwords!
The eBay Hack, May 2014
INFORMATION SECURITY MANAGEMENT SYSTEM - ISO 27001

What is ISO 27001?

ISO 27001 is a set of ‘best practice’ controls for the management of systems that enable our clients’ organizations to demonstrate that ‘best practices’ are implemented and ‘continually’ improved.

Information Security Management System

The Information Security Management System (ISMS) provides a control framework to protect information assets. This combines management controls, technical controls, procedural controls & personnel controls to name a few. The controls combine preventive, detective, restorative, maintenance and monitoring controls.

The ISO 27001 standard is divided into management system controls comprising 11 domains which in turn have a further 133 detailed controls:
• Security policy
• Organization of information security
• Asset management
• Human resources security
• Physical and environmental security
• Communications and operations management
• Access control
• Information systems acquisition, development & maintenance
• Information security incident management
• Business continuity management
• Compliance

The Approach for Successful Certification?

We typically apply four phases to the successful delivery of an ISMS process and we can demonstrate proven success with some of the most successful organizations in the Fortune 500 index.

BUSINESS CONTINUITY PLANNING (BCP) & MANAGEMENT

What is Business Continuity Planning (BCP) & Management?

Business Continuity Planning & Management “identifies an organization’s exposure to internal & external threats & synthesizes hard & soft assets to provide effective prevention & recovery for the organization, while maintaining competitive advantage & value system integrity” (Elliot, Swartz & Herbane, 1999)

Our Approach to BCP Compliance

BS 25999 is BSI’s standard in the field of Business Continuity Management (BCM) and can be applied to any organization in any location globally. Si are specialists at applying this standard which includes guidance on the processes, principles and technology recommended for BCM and the specification of a set of requirements for implementing, operating and improving a BCM System (BCMS).

What are we planning for?
• Random failure of mission-critical systems
• Epidemic
• Earthquake
• Fire
• Flood
• Cyber attack
• Sabotage (insider or external threat)
• Hurricane or other major storm
• Utility outage
• Terrorism/Piracy
• War/civil disorder
• Theft (insider or external threat)

Phase I Phase II Phase III Phase IV


Analysis Solution Design Testing Maintenance
Planning Implementation Certification

Objectives & policies Risk treatment plan Monitor, review & refine Documentation Business Impact Analysis (BIA) Disaster Recovery Design Crisis Command Team call-out

Crisis Management -
Gap analysis Implement controls Management review Verification Threat & Risk Analysis (TRA) Technical Swing Test Verify - Tech solutions
Command Structure

Risk assessment Training & awareness Certification Impact Assessment IT Failover Plan IT Applications Test Verify – Recovery Procedures

Recovery Requirement Training Business Process Test Process Refresh


4 Key Benefits of ISO 27001 Implementation

1. Compliance
ISO 27001 can provide the methodology to enable an efficient way to comply with regulations regarding data protection, security & IT governance.

2. Marketing edge
ISO 27001 can be a unique selling point, especially if handling clients’ sensitive information.

3. Lowering the expenses
Information security is usually considered as a cost with no obvious financial gain. However, there is financial gain if you lower your expenses caused by incidents.

4. Putting your business in order
ISO 27001 is particularly good for putting businesses in order – it forces organizations to very precisely define both responsibilities and duties, and therefore strengthens the internal organization.

PCI COMPLIANCE & PAYMENT CARD INDUSTRY SECURITY

Si offers a full range of PCI Compliance Consulting services to satisfy the requirements of the Payment Card Industry Data Security Standards (PCI DSS) compliance. Si is a PCI Approved Scanning Vendor (ASV).

What is PCI DSS?

The PCI Data Security Standard (DSS) was developed by the PCI Security Standards Council, and is enforced by the payment card issuers. It is designed to protect consumers and businesses, and to encourage the global adoption of consistent data security measures. The PCI DSS comprises 12 broad requirements which organizations must meet to maintain compliance.

PCI DSS compliance requires any organization that transmits, processes, or stores data that contains payment card information to protect the privacy and confidentiality of that data. In addition to retailers, the PCI DSS standards affect financial institutions, healthcare providers, transportation service providers, the food and hospitality industry, and payment service providers, among many others.

PCI DSS Trends

Several trends have accelerated the need for PCI DSS compliance and payment security. While the payment card brands have been actively enforcing PCI compliance for Level 1 merchants the past few years, they are now enforcing compliance for Level 2 - 4 merchants as well. Merchants that are non-compliant can face substantial fines and the threat of having payment card privileges revoked.

Information Security Programme

In itself PCI does not address an organization’s information security and as such we recommend in addition to the requirements of PCI compliance a strong framework should be established to provide a strong information security environment. By focusing on a broader security program, organizations can mitigate potential data security breaches and cyber security attacks, which will lead to better service to customers and increased profitability.

COMPLIANCE & SECURITY SKILLS TRAINING

To enhance our compliance consulting services in the field of ISO 27001, Business continuity Management (BS 25999) and ITIL we offer courses to enable our clients to take ownership of their compliance needs.

Our courses are delivered with a combination of inhouse trainers and experienced consultants from the UK.

Course Name | Duration | Course Owner
1. Implementation and Audit – ISMS-ISO 27001 | 2 Days | Si & Partner
2. Implementation and Audit – ITSM-ISO 20000 | 2 Days | Si & Partner
3. Implementation and Audit – BCMS- ISO 22301 | 2 Days | Si & Partner
4. Internal Auditor - ISO 27001 | 2 Days | Si & Partner
5. Business Impact Analysis | 2 Days | Si & Partner
6. ISO 27005 | 2 Days | Si & Partner
7. Network Security Assessment | 2 Days | Si & Partner
8. Application Security Assessment | 2 Days | Si & Partner
9. Business Continuity Management | 2 Days | Si & Partner
10. PCI – DSS | 2 Days | Si & Partner
11. An Integrated Management System | 2 Days | Si & Partner
12. Security Operation Centre Design & Delivery | 2 Days | Si & Partner
13. SOC & SIRT Optimization | 2 Days | Si & Partner

CONTACT US

UK
1st Floor
6 Bevis Marks
London
EC3A 7BA
T: +44 (0)7481 804622

New York
2137 Route-35
1st Floor Holmdel,
NJ 07733
United States
T: +1 732 444 4404

INDIA
305/310 Owner’s Industrial Estate
Gabriel Road, Mahim,
Mumbai, India 400016
T: +91 22 2445 4725

UAE
Al Barsha Business Point
Office 501, Al Barsha One
P.O. Box 283996
Dubai, UAE
T: +971 4 354 9535
F: +971 4 354 9536

www.siconsult.co.uk
info@siconsult.com

GLOBAL SECURITY OPERATION CENTRES

[Map labels: London, UK; New Jersey, USA; Dubai, UAE; Pune, India; California, USA; USA Co-Location Data Centre; Global Soc.]



Si’s Multi-disciplinary Capabilities:
• Cyber Security
• Security Consulting
• ICT Consulting
• Building Technology
• Engineering & Integration Management
