[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

RFP IT Security Provider

Posted on 2015-02-03
1
Medium Priority
?
330 Views
Last Modified: 2016-03-23
When you RFP for the IT Security provider to implement monitoring, virtual patching, forensic analysis, security incidents, zero day attack software, etc, what did you do? How you’ve selected the provider and what are the things they cover for you? Who were your choices for this?
0
Comment
Question by:HelenIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 40588125
It is more of asking the credential and proof of claims in their experience for those mentioned points. Very much what a MSSP can provide as well. Minimally the start off point is always there is need for covering the two scope
a) incident handling framework
b) incident governance lifecycle

Those activities are part and parcel for the above mentioned. Good useful references are below and the provider should very well understand those as it is expected as baseline capability to cover these and demonstrate it.
a) NIST's Cybersecurity framework (recommends the phases of Identify, Protect, Detect, Respond and Recover)
b) ENISA Incident Management guide (covers roles, workflow, lifecycle of triage, resolution, closure, post analysis)
c) ENISA Actionable Information for Security Incident Response (covering actionable info from preparation, stroage, analysis, and distribution)

Note in reference to NIST framework, I do the provider breadth of services covering activities embedded within the
a) Detect (Anomalies and Events, Security Continuous Monitoring and Detection Processes)
b) Response (Response Planning, Communications, Analysis, Mitigation and Improvements)

You can check out Federal one sample RFP covering the aspect of synopsis/solicitation for malware and automated Dynamic Malware Analysis

Also for candidates, the CPNI has previously under the program of  "iDATA: Improving Defences Against Targeted Attack" engaged providers (Qinetiq, BAE and MWR) to share more, I do see they are likely ones in the listing.

Others do include Mandiant (FireEye), CrowdStrike, Dell SecureWorks, and FoxIT which has incident handling experience with their research capability (this is another criteria to verifiable proof that can be asked as provider proof of prior experience )
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
A bad practice commonly found during an account life cycle is to set its password to an initial, insecure password. The Password Reset Tool was developed to make the password reset process easier and more secure.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question