Security

Security Operations Center

Whether you call it “information security” or “cyber security”, Conversant Group understands it is more than a techno buzz-word: it’s the reality of doing business in the modern, interconnected era.  Whether you’re struggling finding qualified security experts or just overwhelmed with security questions from clients and auditors, we’re here to serve as your virtual aid.

“The bad guys never sleep.  Neither do we.”
Let us support your security program – standing in the gap between your critical assets and those who threaten them – with our managed, cloud-hosted, next-generation SEIM solution:

Layered Security

Perimeter

1:

The Perimeter is about protecting your internet/external facing services-your firewalls, Intrusion Protection System (IPS), threat intelligence services, remote connection technologies such as VPN, and any other services in your DMZ.

Layered Security

Physical Security

2:

There is no cyber security without physical security. It's important that you cover your bases with basic physical security before addressing the issue of cyber threat. Here we look at everything from access cards to biometrics, power management, fire suppression, and security guards to protect your assets.

Layered Security

Network

3:

How your network is constructed has a tremendous impact on what can be done to ensure its security. This layer includes segmentation strategies, 802.1x Network Access Control (NAC) technologies, certificate management, encryption-in-motion, and even your wireless infrastructure.

Layered Security

Logical Access Control

4:

Logical Access Control covers how you manage, authorize, and provide for your users throughout your environment. Key principles are Role-Based Access Control (RBAC), Privileged Access Management (PAM), and Two-Factor Authentication (2FA).

Layered Security

Endpoint

5:

The intersection of the user and the computing device puts a lot of focus on endpoint security. Here we span traditional technologies like Anti-Virus (pattern-based and next-gen), Data Execution Protection (DEP), encryption, and secure configurations. However, it also includes enterprise-level functions like asset, change, & configuration management, as well as patching.

Layered Security

Monitoring and Incident Response (IR)

6:

This layer encompasses what people usually think about in regard to cyber security: Security Event and Incident Management (SEIM) systems, log management, incident response, and forensics.

Layered Security

Security Strategy

7:

All IT cyber security exists to support business goals. But at the end of the day, effective security must be a program, not a project. In this layer, we cover strategic planning (including budget and staffing), metrics, policies, as well as vendor & contract management.

Layered Security

Data Protection

8:

The central focus of cyber security is to protect data-- this essential layer covers key strategies to support that end. Key concepts include encryption technologies, Data Loss Protection (DLP), Disaster Recovery, and even documentation of data repositories and flows.

Layered Security

Risk Management

9:

The business side of cyber security is about risk management, so like the stem it runs through all layers. This layer covers core concepts like conducting Risk Assessments, the development of a Risk Register and resulting Mitigation Plans. However, it also includes Vulnerability Scanning and Maturity Models.

Layered Security

Users

10:

Users are commonly considered information security’s Achilles heel. However, we believe that through Awareness Training, Specialized Training, and Continuous Testing, the enterprise can ENABLE the user to be the cornerstone of your security program. The key to this philosophy is rewarding users for good behavior rather than just penalizing them for mistakes.

Perimeter

Physical

Network

Logical Access
Control

Endpoint

Monitoring & IR

Security Strategy

Data Protection

Risk Management

Users

Virtual Chief
Information Security Officer

Our virtual Chief Information Security Officer (vCISO) partners with you to guide your cyber security program.  The vCISO will work within your organization to build, lead, or assist in the development of an information security program on your schedule.  Whether you need assistance setting up a cyber security team or managing the one you already have, we can flex our vCISO to meet your needs.  Let Conversant Group help you navigate the complexities of your security environment (including interfacing with your board or executive committee) and enable your business, all while continually maturing your security program.  

Risk Assessments

 

 

As a business leader, you make decisions about risk every day: which project to tackle first, how to address your next case, what partnership you enter, and even how you spend your budget.  Your ability to secure your network is solely based on your ability to manage risk.  

Evaluate the effectiveness of
your information security controls

Organize and simplify your responses
for client security requirements

Quantify and control your risks; identify
your firm’s risk tolerance and residual risk

Overwhelmed with
requests for security
documentation ?
If you do not have the expertise to setup a risk management program, let us help. Our experienced and certified work force can evaluate the existence and effectiveness of your security controls. We can even help you communicate those needs up the chain to enable (and fund) real, sustainable change.

Applied
Artificial
Intelligence

(AI) Models

Centralized
Resources

Reduce false positives and ease
analyst & reporting fatigue

User Behavioral Analysis (UBA),
learning based on unusual activities

Identify new malicious activity using
Deep Packet Inspection (DPI)

24 x 7 x 365 monitoring
and alerting

Threat intelligence
using STIX and TAXII feeds

Active threat hunting &
Malware Analysis

Malware analysis

Applied
Artificial
Intelligence

(AI) Models

Reduce false positives and ease
analyst & reporting fatigue

User Behavioral Analysis (UBA),
learning based on unusual activities

Identify new malicious activity using
Deep Packet Inspection (DPI)

Centralized
Resources

24 x 7 x 365 monitoring
and alerting

Threat intelligence
using STIX and TAXII feeds

Active threat hunting &
Malware Analysis

Malware analysis

get more
information
about
security

let's build

a purposeful

relationship

together

 

 

 

 

learn more about us

 

contact us