managing cyber security risks

The Internet & Network Communications Never Sleep

Network Security To Manage Your Risks!

Do You Know What’s Traveling Through Your Network Communications Right Now?

Data Leakage – Data Theft ?

What Confidential, private or inappropriate information is passing through the Network?

What Confidential, private or inappropriate information is passing through the Network?

Does Your IT Department Know?

What Confidential, private or inappropriate information is passing through the Network?

Does Your IT Department Know?

Cyber Diligence Can Help You Manage Your IT & Operational Risks

Keeping an Eye on Cyber Security

IT Risk Management

Proactive Strategies and Incident Response

Insider Threats

Outsider Threats

Compliance Issues (HR, EEO, Sex Harassment, etc.)

Protecting the Enterprise From

Digital Risks

WHO WE ARE & WHAT WE DO

Cyber Diligence – Let Our Experience, Skills and Tools Work For You

WHO WE ARE

Experienced Computer Crime Investigators

Law Enforcement Backgrounds with the Largest Law Enforcement Agency in the United States

Recognized Experts in the Field

Equipped with the Specialized Tools and State-of-the-Art Lab to get the Job Done!

Cyber Diligence: What We Do Information Technology Investigations Network Forensics Computer Forensics Incident Response E-Discovery Expert Witness and Litigation Support Training and Briefings Technical Experts for Investigations Information Technology Security Assessments IT / Communication TSCM

Client Markets We’ve Serve Financial and Investment Institutions Healthcare Industry Insurance Industry Legal firms Engineering & Architectural Technology and Manufacturing Industry Utilities Energy and Fuel Industry Supply Chain Private Security & Investigation Firms

Network Security Reviews

Examine a Company’s Ability to Protect Against Potential Liabilities: Network Examination and review (Not CYA)

Basic Mid-Level Comprehensive

Identify Risks and help the Client to Understand and Manage their Operational and IT Risks

Compliance Audits Provide the client with a report on the Cyber

Security posture of the organization

Cyber Diligence Capabilities Deployable, all-in-one boxes, pre-configured to

immediately capture “data in motion” Flexible filters that capture based on defined

criteria; “everything”, “everything but”, and “nothing except”

Passive non-intrusive devices easily deployed anywhere on a network

High speed monitoring for organizations with high bandwidth traffic

High storage capacity Scalable – potential to monitor & record tens of

thousands of users

Cyber Diligence Capabilities continued

Provide visibility & intelligence into an organization’s “data” Recording application content across

network protocols, regardless of content type, platform, address, or port, without effecting network performance

Proactive Alerts based on policy Playback of retrieved content exactly as it

appeared in the original user communication

Capturing Data in Motion

A contextual, perpetual drill-down summary report that covers statistics and information from captured network activities: Usage across the network (Number of accesses, amount of

data sent) Relevant content associated with a user:

Most active user(s) identified by IP address, MAC address and NT/AD username

Most active protocols (Web, E-mail, IM, SSL, File transfers) Most active Content Type (Application, Image, Video, Audio, etc. – over

510 types) Most active Alerts (Based on user defined criteria and discussion on

Alerts!) Adherence to regulatory or internal use policies Risks for data leakage Risks for data theft Risks or evidence of criminal activities like fraud or child

pornography Post Incident: Cyber Security Incident (CSI) Response

Cyber Security Investigations (CSI)

Cyber Security Investigations (CSI) Experienced real-life investigators Equipment that provides powerful real-time indexing

and forensic fingerprinting on user communications and associated metadata entering & leaving a network

“Credible Content Reproduction” Provide evidence of user activity that is both forensically

accurate and credible Point and click forensics capability State-of-the-art Laboratory Software capabilities:

Silent Runner, Encase, Gargoyle Investigator, Forensic Pro, ProDiscover, Livewire Investigator, HB Gary,Forensic Tool Kit, and many more….

Cyber Diligence CSI Capabilities continued

Periodic Checks for Compliance with Corporate Responsibilities

• Insider Threats• Outsider Threats• Operational Risks

Identify and Manage Risks

Execute malware discovery across your networks

Conduct Live Network Investigations Collect, monitor, record, research, analyze, report Acquire system information, active port mapping,

and examine installed software, updates, patches, etc.

Review IT Security Incident Logs Provide Incident Response to Network Security

and Policy Breaches Detect unauthorized access, leakage or theft of

confidential or personal identifiable info Detect abuse of network resources

Compliance Audits Conduct scans on stand-alone system or

network resources for known contraband, hostile, or “bad” programs

Periodic Audits of logs, policies and procedures

Conduct Penetration Tests

Cyber Security Incident Response

Determine what happened How did it happen Attempt to identify who did it Extent of loss Responsibility Corporate adherence to established policies Was the event preventable Mitigate IT & Operational Risks

Let Cyber Diligence Show You How We Can Make a Difference Contact Us:

David Kondrup (516) 507-4322 Vice President, Strategic Initiatives

Email: dk@CyberDiligence.com

www.CyberDiligence.comCyber Diligence, Inc.575 Underhill Blvd – suite 209Syosset, N.Y. 11791