www.onShore.com PANOPTIC CYBERDEFENSE™
Because Security Gives Us Freedom
PANOPTIC CYBERDEFENSE
Panoptic Cyberdefense is a monitoring and detection service in three levels:
● Security Management and Reporting
● Managed Detection and Response
● Security Orchestration
CYBERSECURITY LEADERSHIP
Cybersecurity Leadership is a professional service, custom-tailored to the needs and goals of your organization, designed to augment the leadership necessary to build a mature cybersecurity operation, from the ground up. The service assists your organization with Assessment, Governance and Compliance, Security Readiness, and CISO Services.
Managed Security Systems for the enterprise, including our own SIEM and NIDS platforms.
SECURITY IS A PROCESS NOT A PRODUCT
CONFUSION
SHELFWARE
MOST LIKELY
● SIEM
● IDS
MAIN REASONS
● LACK OF STAFF
● LACK OF CLARITY
● COMPLIANCE ONLY
Source: 451 Research
LACKING CLARITY
POINT OF ACTIVITY
SCOPE
SOLUTION FRAGMENTATION
INCONSISTENT TERMS
UNCLEAR SCOPE
SCOPE FRAGMENTATION
SOLUTION FRAGMENTATION
POINT GAPS
SCOPE GAPS
LACKING INTEGRATION
SCOPE GAPS
UNCLEAR CLAIMS
PARTIAL OR COMPLETE?
NEED COMPLIANCE INFO
LITTLE STANDARDIZATION OF TERMS
MAGNIFICENT 7
● ENCRYPTION
● SIEM
● VULNERABILITY MANAGEMENT
● IDS/IPS
● AV
● FIREWALLS/NGFWS
● MONITORING (GENERAL)
Source: 451 Research
NO AUTHORITY
INDUSTRY DOESN’T HAVE INCENTIVE
STANDARDS DON’T HAVE AUTHORITY
USE A MODEL
NIST Special Publication 800-53 (Rev. 4)
Security Controls and Assessment Procedures for Federal Information Systems and Organizations
NOT
NIST Framework for Improving Critical Infrastructure Cybersecurity
THE SOLUTION: MAPPING
PRODUCT
PROCESS
SERVICE
AC-1 ACCESS CONTROL POLICY - PROCEDURES
AC-2 ACCOUNT MANAGEMENT
AC-3 ACCESS ENFORCEMENT
AC-4 INFORMATION FLOW ENFORCEMENT
AC-5 SEPARATION OF DUTIES
AC-6 LEAST PRIVILEGE
AC-7 UNSUCCESSFUL LOGON ATTEMPTS
AC-8 SYSTEM USE NOTIFICATION
AC-9 PREVIOUS LOGON NOTIFICATION
AC-10 CONCURRENT SESSION CONTROL
AC-11 SESSION LOCK
AC-12 SESSION TERMINATION
AC-13 SUPERVISION AND REVIEW - ACCESS
AC-14 PERMITTED ACTIONS WITHOUT ID
AC-15 AUTOMATED MARKING
AC-16 SECURITY ATTRIBUTES
AC-17 REMOTE ACCESS
AC-18 WIRELESS ACCESS
AC-19 ACCESS CONTROL FOR MOBILE DEVICES
AC-20 USE OF EXTERNAL INFORMATION SYSTEM
AC-21 INFORMATION SHARING
AC-22 PUBLICLY ACCESSIBLE CONTENT
AC-23 DATA MINING PROTECTION
AC-24 ACCESS CONTROL DECISIONS
AC-25 REFERENCE MONITOR
A TINY BIT ABOUT NIST
NIST Security Controls
(NIST Special Publication 800-53 (Rev. 4))
Control Families
AC - Access Control
AU - Audit and Accountability
AT - Awareness and Training
CM - Configuration Management
CP - Contingency Planning
IA - Identification and Authentication
IR - Incident Response
MA - Maintenance
MP - Media Protection
PS - Personnel Security
PE - Physical and Environmental Protection
PL - Planning
PM - Program Management
RA - Risk Assessment
CA - Security Assessment and Authorization
SC - System and Communications Protection
SI - System and Information Integrity
SA - System and Services Acquisition
NIST IS COMPREHENSIVE
SC-5 DENIAL OF SERVICE PROTECTION
Control Description
The information system protects against or limits the effects of the following types of denial of service attacks: [Assignment: organization-defined types of denial of service attacks or references to sources for such information] by employing [Assignment: organization-defined security safeguards].
Control Enhancements
SC-5(1) DENIAL OF SERVICE PROTECTION | RESTRICT INTERNAL USERS
The information system restricts the ability of individuals to launch [Assignment: organization-defined denial of service attacks] against other information systems.
SC-5(2) DENIAL OF SERVICE PROTECTION | EXCESS CAPACITY / BANDWIDTH / REDUNDANCY
The information system manages excess capacity, bandwidth, or other redundancy to limit the effects of information flooding denial of service attacks.
SC-5(3) DENIAL OF SERVICE PROTECTION | DETECTION / MONITORING
The organization:
SC-5(3)(a) Employs [Assignment: organization-defined monitoring tools] to detect indicators of denial of service attacks against the information system; and
SC-5(3)(b) Monitors [Assignment: organization-defined information system resources] to determine if sufficient resources exist to prevent effective denial of service attacks.
AC-5 SEPARATION OF DUTIES
Control Description
The organization:
a. Separates [Assignment: organization-defined duties of individuals];
b. Documents separation of duties of individuals; and
c. Defines information system access authorizations to support separation of duties.
MANY ARE PURELY POLICY
Access Control
AC-4 INFORMATION FLOW ENFORCEMENT
AC-5 SEPARATION OF DUTIES
AC-20 USE OF EXTERNAL INFORMATION SYSTEMS
AC-21 INFORMATION SHARING
Incident Response
IR-4 INCIDENT HANDLING
IR-5 INCIDENT MONITORING
IR-6 INCIDENT REPORTING
IR-7 INCIDENT RESPONSE ASSISTANCE
IR-9 INFORMATION SPILLAGE RESPONSE
IR-10 INTEGRATED INFORMATION SECURITY ANALYSIS TEAM
ONSHORE MDR
Access Control
AC-3 ACCESS ENFORCEMENT
AC-5 SEPARATION OF DUTIES
AC-7 UNSUCCESSFUL LOGON ATTEMPTS
AC-8 SYSTEM USE NOTIFICATION
AC-9 PREVIOUS LOGON (ACCESS) NOTIFICATION
AC-10 CONCURRENT SESSION CONTROL
AC-11 SESSION LOCK
AC-12 SESSION TERMINATION
AC-13 SUPERVISION AND REVIEW - ACCESS CONTROL
AC-14 PERMITTED ACTIONS WITHOUT IDENTIFICATION OR AUTHENTICATION
AC-20 USE OF EXTERNAL INFORMATION SYSTEMS
AC-21 INFORMATION SHARING
AC-24 ACCESS CONTROL DECISIONS
AC-25 REFERENCE MONITOR
Incident Response
IR-4 INCIDENT HANDLING
IR-5 INCIDENT MONITORING
IR-6 INCIDENT REPORTING
IR-7 INCIDENT RESPONSE ASSISTANCE
IR-10 INTEGRATED INFORMATION SECURITY ANALYSIS TEAM
ONSHORE SIEM
QUALIFIERS
SUPPORTS
COMPLETE
PARTIAL
CONSIDERATIONS
IN-SOURCE VS. OUT-SOURCE
POINT OF ACTIVITY
REVIEW
● It can be difficult to understand cybersecurity offerings and gaps that may remain because of the lack of a way to compare functions against a complete stack model and because of the lack of standardized terminology.
● NIST can be used as a model of completeness, and mapping solutions to NIST controls provides both clarity and identification of gaps.
● Using the model involves determining which NIST controls the solution satisfies and to what degree. This can be done by simply posing the question to the vendor.
● Additional factors to consider involve in-sourcing versus out-sourcing in the context of risk.
● Point of activity should also be determined to understand gaps in scope not reflected in the NIST controls.
CREDITS
Jim Burnham, Six Nines IT
Steve Kent, onShore’s CTO
Chris Johnson, onShore’s Security Compliance Strategist
QUESTIONS
Stel Valavanis
CEO
onShore
[email protected]@onShore.com