Managed Services: Outsourced Solution to Meet Your Security Needs

By Jeff Schroeder • October 30, 2017

As a small- or medium-sized business, you are faced with many challenges. How do you stay focused on your company’s core mission while scaling your organization’s infrastructure to accommodate growth and investing in the right technologies and solutions?

That’s where managed services come in. Instead of investing in the headcount, you can outsource key services to IT professionals focused on critical areas. Advantages of this approach include:

  • Consistent, known, and manageable costs with a good return on investment
  • Ability to leverage innovations and stay at the front of the technology curve
  • Improved security and peace of mind knowing experts are proactively handling issues
  • Internal team members can focus on strategic projects, furthering your company’s cause

How CyberSheath Can Help

You can rely on CyberSheath for your Managed Security Services or Governance, Risk, and Compliance needs. Partnering with other managed service providers while carving out our area of expertise means that you see no additional spend for licensing costs.

You need:CyberSheath offers:
A DFARS-compliant security management platform that monitors your cloud, hybrid cloud, and on-premises infrastructure to provide a unified approach to threat detection and compliance management

Needs to satisfy: NIST 800-171 Rev. 1 Requirements defined in sections 3.3.1, 3.3.4, 3.3.5, 3.3.6, and 3.3.8

Security Management Platform

  • Security Information and Event Management (SIEM) | Gathers and analyzes logs and event data from disparate security controls and devices across the network, and correlates them to identify related security events.
  • Vulnerability Management & Asset Discovery | Provides visibility into assets and user activity and identifies vulnerabilities across the environment.
  • Intrusion Detection System | Detects intrusions and monitors behavior to track events and establish a benchmark for normal conduct.
  • Threat Intelligence | Implements correlation rules, IDS signatures, vulnerability detection rules, and IP reputation updates to ensure the security management platform is appropriately maintained and detecting current threats.
A DFARS compliant incident response monitoring program that will continuously monitor your environment for malicious outsider threats as well as malicious and non-malicious insider threats.

Needs to satisfy: NIST 800-171 Rev. 1 Requirements defined in sections 3.3.3, 3.6.1, 3.6.2, 3.14.3, 3.14.6, and 3.14.7

Incident Response Monitoring Managed Service

  • Comprehensively monitors and analyzes correlated alerts derived from log feeds of selected devices feeding into the SIEM solution. Monitoring will be provided by security experts to identify and respond to security threats.
  • Provides detailed notification and recommendation for containment, eradication, and recovery from security incidents as dictated in the organizational Incident Response Plan (IRP).
  • Creates, edits, and manages all details of the incident in a tracking solution until incident closure.
  • Tracks metrics for incident occurrences, time to resolution, and other critical measurements of the IRP.
  • Provides updates and improvements to the IRP based on after-action reports and lessons learned.
An identification and authentication service that complies with the DFARS security requirements for multi-factor authentication

Needs to satisfy: NIST 800-171 Rev. 1 Requirements defined in sections 3.5.3, 3.5.5, and 3.7.5

Multifactor Authentication (MFA) Managed Service

  • Secures access to accounts by offering a layered approach to security for your VPN, privileged accounts, and Covered Defense Information (CDI) systems.
  • Work with stakeholders and end-users to test the validity of MFA solutions against the in-scope systems and defined use-cases.
  • Deployment of the capability to the in-scope users and systems.
  • Develop and deliver training material for all in-scope users who will be required to use the MFA solution.
  • Work to resolve any system irregularities or issues with the MFA solution.
A mobile device management service for mobile devices that complies with the DFARS security requirements for systems which store, process, or transmit CDI.

Needs to satisfy: NIST 800-171 Rev. 1 Requirements defined in sections 3.1.1, 3.1.8, 3.1.10, 3.1.18, 3.1.19, 3.8.6, 3.13.11, and 3.13.16

Mobile Device Management (MDM) Managed Service

  • Enforces security configuration and encryption for bring-your-own-device (BYOD) or company-provided mobile phones or tablets.
  • Work with stakeholders and end-users to test the capabilities of the mobile device management solution against the in-scope systems and defined use-cases.
  • Deployment of the capability to the in-scope users and systems.
  • Develop and deliver training material for all in-scope users.
  • Work with the organizations to administer the MDM solution as it relates to the provisioning and de-provisioning of mobile devices and users within the scoped environment.
An endpoint protection solution that complies with the DFARS security requirements for the protection of endpoints (client systems and servers) and removable media which store, process, or transmit CDI.

Needs to satisfy: NIST 800-171 Rev. 1 Requirements defined in sections 3.1.19, 3.8.6, 3.8.7, 3.13.11, 3.13.16, 3.14.2, 3.14.4, 3.14.5

Endpoint Protection Managed Service

  • Centralize management of anti-virus, anti-malware, and full disk encryption of the laptops, work stations, and servers.
  • Work with stakeholders and end-users to test the capabilities of the endpoint protection and encryption solutions against the in-scope systems.
  • Deployment of the capability to the in-scope users and systems.
  • Develop and deliver training material for all in-scope users who will be required to use the encryption solutions.
  • Work with the organization to administer the endpoint protection suite as it relates to the configuration and troubleshooting of systems within the scope environment.
A GRC program that enables the organization to track and maintain DFARS compliance after all remediation efforts have been completed

Needs to satisfy: NIST 800-171 Rev. 1 Requirements defined in sections 3.2.1, 3.2.2, 3.2.3, 3.4.1, 3.6.2, 3.12.3, 3.12.1, 3.12.3

Governance, Risk, and Compliance (GRC) Managed Service

  • Provides and maintains a repository of assets, threats, and pre-mapped controls, and assigns controls based on role throughout the organization.
  • Manages policy based on your organization’s unique risk profile, regulatory requirements, and best practice needs.
  • Inventories, tracks and manages of all vendor and service provider assessment activities.
  • Manages training with web-based information security awareness training in-line with DFARS security requirements.
  • Provides audit management with a streamlined verification process of IT security controls through defined audit workflows.
  • Identifies, tracks, and manages regulatory changes to ensure your organization maintains a state of compliance.

You can rely on CyberSheath to provide quality managed services for your IT security needs. Contact us to learn more about how we can help your organization.

Cybersheath Blog

3 Reasons Why You Need a Privileged Access Risk Assessment

A privileged account is one used by administrators to log in to servers, networks, firewalls, databases, applications, cloud services and other systems used by your organization. These accounts give enhanced permissions that allow the privileged user to access sensitive data or modify key system functions, among other things. You can…

Incident Response – Learning the Lesson of Lessons Learned

“Those who do not learn from history are condemned to repeat it.” Over the years, variations of this famous quote have been spoken by everyone from philosophers to world leaders. The message — that we must learn from our mistakes or continue to repeat them — is also highly relevant…

What is DFARS 252.204-7012 and NIST SP 800-171?

With the Department of Defense (DoD) promising the release of an update to NIST Special Publication 800-171, it is imperative defense contractors understand what DFARS 252.204-7012 and NIST SP 800-171 Clause is and how noncompliance with the Clause will impact their business.  Compliance is mandatory for contractors doing business with…

Our Trusted Partners

Cyberark McAfee Thycotic RSA Tenable Alien Vault Alert Logic Trace Security