Solved

RFP IT Security Provider

Posted on 2015-02-03
1
295 Views
Last Modified: 2016-03-23
When you RFP for the IT Security provider to implement monitoring, virtual patching, forensic analysis, security incidents, zero day attack software, etc, what did you do? How you’ve selected the provider and what are the things they cover for you? Who were your choices for this?
0
Comment
Question by:HelenIT
1 Comment
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40588125
It is more of asking the credential and proof of claims in their experience for those mentioned points. Very much what a MSSP can provide as well. Minimally the start off point is always there is need for covering the two scope
a) incident handling framework
b) incident governance lifecycle

Those activities are part and parcel for the above mentioned. Good useful references are below and the provider should very well understand those as it is expected as baseline capability to cover these and demonstrate it.
a) NIST's Cybersecurity framework (recommends the phases of Identify, Protect, Detect, Respond and Recover)
b) ENISA Incident Management guide (covers roles, workflow, lifecycle of triage, resolution, closure, post analysis)
c) ENISA Actionable Information for Security Incident Response (covering actionable info from preparation, stroage, analysis, and distribution)

Note in reference to NIST framework, I do the provider breadth of services covering activities embedded within the
a) Detect (Anomalies and Events, Security Continuous Monitoring and Detection Processes)
b) Response (Response Planning, Communications, Analysis, Mitigation and Improvements)

You can check out Federal one sample RFP covering the aspect of synopsis/solicitation for malware and automated Dynamic Malware Analysis

Also for candidates, the CPNI has previously under the program of  "iDATA: Improving Defences Against Targeted Attack" engaged providers (Qinetiq, BAE and MWR) to share more, I do see they are likely ones in the listing.

Others do include Mandiant (FireEye), CrowdStrike, Dell SecureWorks, and FoxIT which has incident handling experience with their research capability (this is another criteria to verifiable proof that can be asked as provider proof of prior experience )
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
Data breaches are on the rise, and companies are preparing by boosting their cybersecurity budgets. According to the Cybersecurity Market Report (http://www.cybersecurityventures.com/cybersecurity-market-report), worldwide spending on cybersecurity …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question