Cybersecurity Risk Assessment - 'All Done' with WISER
-
Upload
cyber-wiser -
Category
Internet
-
view
61 -
download
1
Transcript of Cybersecurity Risk Assessment - 'All Done' with WISER
![Page 1: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/1.jpg)
WISER “WIDE-IMPACT CYBER SECURITY RISK FRAMEWORK”www.cyberwiser.eu @cyberwiser
Co-funded by the European CommissionHorizon 2020 – Grant # 653321
Cybersecurity Risk Assessment – ‘All done’ with WISER
Riga – 27th October, 2016Presentation at DSS ITSEC
DEMO
1
Antonio Álvarez RomeroAtos Spain
![Page 2: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/2.jpg)
2
Outline
CyberWISER Services
Introduction to CyberWISER-Light
Introduction to CyberWISER-Essential
Conclusions
© WISER 2015 www.cyberwiser.eu - @cyberwiser
![Page 3: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/3.jpg)
CyberWISER Services
CyberWISER Light – self-assessment of cyber risks and vulnerabilities in IT system.
User-friendly service - suited to every type of organisation. Especially good for time- and resource-constrained SMEs.
CyberWISER Essential – Risk Platform as a Service (RPaaS) for self-assessment of exposure levels with continuous, quasi-real-time monitoring
Standardised mitigation plan
CyberWISER Plus – RPaaS + Customised approach to cyber risk assessmentFace-to-face support in self-assessment phase Deployment support & mitigation plan tailored to your organisation
Available Dec 2016
Available Dec 2016
www.cyberwiser.eu
3© WISER 2016 www.cyberwiser.eu - @cyberwiser
![Page 4: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/4.jpg)
4
CyberWISER Services
© WISER 2016 www.cyberwiser.eu - @cyberwiser
CyberWISER-Light (CWL)Two versions: CWL Fast-track and CompleteSoftware as a ServiceOnline QuestionnaireOnline Vulnerability scannerProduces Aggregated Report
CyberWISER-Essential (CWE)CyberWISER-Plus (CWP)
![Page 5: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/5.jpg)
5
CyberWISER Services
© WISER 2016 www.cyberwiser.eu - @cyberwiser
CyberWISER-Light (CWL)CyberWISER-Essential (CWE)
Risk Management PaaSSensors deployed at client produce dataRisk Assessment services in the CloudDashboard showing real-time data and information
CyberWISER-Plus (CWP)
![Page 6: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/6.jpg)
6
CyberWISER Services
© WISER 2016 www.cyberwiser.eu - @cyberwiser
CyberWISER-Light (CWL)CyberWISER-Essential (CWE)CyberWISER-Plus (CWP)
Extended with more specific Risk ModelsExtended with specific application-level sensors
![Page 7: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/7.jpg)
7
Outline
CyberWISER Services
Introduction to CyberWISER-Light
Introduction to CyberWISER-Essential
Conclusions
© WISER 2015 www.cyberwiser.eu - @cyberwiser
![Page 8: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/8.jpg)
8
CyberWISER-Light
© WISER 2016 www.cyberwiser.eu - @cyberwiser
![Page 9: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/9.jpg)
CyberWISER-Light Demo
© WISER 2015 www.cyberwiser.eu - @cyberwiser 9
![Page 10: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/10.jpg)
Questionnaire
© WISER 2015 www.cyberwiser.eu - @cyberwiser 10
![Page 11: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/11.jpg)
Vulnerability test
© WISER 2015 www.cyberwiser.eu - @cyberwiser 11
![Page 12: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/12.jpg)
Vulnerability test
![Page 13: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/13.jpg)
CyberWISER-Light Demo
© WISER 2015 www.cyberwiser.eu - @cyberwiser 13
![Page 14: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/14.jpg)
14
Outline
© WISER 2015 www.cyberwiser.eu - @cyberwiser
CyberWISER Services
Introduction to CyberWISER-Light
Introduction to CyberWISER-Essential
Conclusions
![Page 15: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/15.jpg)
15
CyberWISER-Essential
© WISER 2016 www.cyberwiser.eu - @cyberwiser
Dashboard with a set of sectionsRisk ReportingConfigurationMonitoringModellingTesting
![Page 16: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/16.jpg)
16
CyberWISER-Essential
© WISER 2016 www.cyberwiser.eu - @cyberwiser
Risk reporting
![Page 17: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/17.jpg)
17
CyberWISER-Essential
© WISER 2016 www.cyberwiser.eu - @cyberwiser
Configuration
![Page 18: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/18.jpg)
18
CyberWISER-Essential
© WISER 2016 www.cyberwiser.eu - @cyberwiser
Monitoring
![Page 19: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/19.jpg)
19
CyberWISER-Essential
© WISER 2016 www.cyberwiser.eu - @cyberwiser
Modelling
![Page 20: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/20.jpg)
20
CyberWISER-Essential
© WISER 2016 www.cyberwiser.eu - @cyberwiser
Testing
![Page 21: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/21.jpg)
CyberWISER-Essential Demo Scenario
© WISER 2015 www.cyberwiser.eu - @cyberwiser 21
Simulation of an incident The attacker uses Kali Linux from public IP addressThe attacker executes a Hydra scriptWiser Agent detects the attack with Snort sensor (/var/log/snort/snort.alert)Wiser Agent sends events to DWHShow events received by Monitoring Engine from DWH via RabbitMQShow Alarm received in the RAE and how it is triggered the risk assessment
• Risk models selected• DEXI instantiation• Qualitative risk assessment per risk and target• Aggregations:
• Overall• By sections• By risks• Mitigation measures
![Page 22: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/22.jpg)
CyberWISER-Essential Demo Scenario
© WISER 2015 www.cyberwiser.eu - @cyberwiser 22
![Page 23: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/23.jpg)
23
Outline
© WISER 2015 www.cyberwiser.eu - @cyberwiser
CyberWISER Services
Introduction to CyberWISER-Light
Introduction to CyberWISER-Essential
Conclusions
![Page 24: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/24.jpg)
24
CyberWISER: What’s in it for my organisation?
© WISER 2016 www.cyberwiser.eu - @cyberwiser
Affordable cyber risk assessment services depending on customer needs & budget. Due to the real-time monitoring and the increase of automatization of this assessment, prices could be more competitive, and be affordable for segments as SMEs, that have a low budget for these types of services. Effective, efficient, and user-friendly solutions. This is going to be achieved by means of an Online-centred delivery model, which is found at www.cyberwiser.eu Customised approach and a team of experts “on-call” (where applicable), to overcome the intrinsic shortfalls of the one-fits-all solution. A “Cyber Security for all” approach!
![Page 25: Cybersecurity Risk Assessment - 'All Done' with WISER](https://reader035.fdocuments.net/reader035/viewer/2022062900/58e75ecb1a28ab4a278b5683/html5/thumbnails/25.jpg)
www.cyberwiser.eu @cyberwiser
Thank you for your attentions! Questions?
ContactAntonio Álvarez RomeroAtos [email protected]