Scribd Logo
Upload

Welcome to Scribd!

  • Netrika Cyber Security Advisory Services DTD 28th Feb 2023

    Uploaded by

    Himanshu Bisht
    18 views26 pages

    Original Title

    Netrika Cyber Security Advisory Services dtd 28th Feb 2023

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    18 views26 pages

    Netrika Cyber Security Advisory Services DTD 28th Feb 2023

    Uploaded by

    Himanshu Bisht

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 26

    ACHIEVING EXCELLENCE

    WITH A GLOBAL VISION

    CERTIN ISO 9001:2015 ISO 27001:2013


    EMPANELLED Certified Certified
    WHO WE ARE?

    An ISO 9001:2015 and 27001:2013 certified and


    CERT-IN empanelled company, established with
    a vision to help the clients to focus on their core
    competencies in a risk free environment with
    our experience of more than 3 decades across all
    industries throughout the globe.

    Netrika Consulting India Private Limited


    (Netrika), is a professional risk and integrity
    management company that operates in
    emerging and frontier markets to advise clients
    on technology, operational or business risk.
    OUR SERVICES

    FORENSIC INVESTIGATIONS DUE DILIGENCE INFORMATION SECURITY GDPR & PRIVACY


    Asset Tracing (NPA) & E- Discovery Counter Party IT Security Audit
    (ISO 27001/PCI/HIPPA/SOC2/22301) Gap & Risk Assessment
    Due Diligence
    Digital Forensic & Investigations Process Design and
    (Disk, Mobile, Email, Social Media, Senior Management IT/OT Assessment and Compliance
    Documentation
    Video Extraction/Review/Analysis) Due Diligence
    VAPT- Vulnerability Assessment &
    Penetration Testing (N/w & Apps.) Compliance to GDPR/PDPA/
    Process & Compliance IT Asset Due Diligence ISO27701 & Country Privacy
    Reviews (Anti-Bribery, Anti-
    Corruption, AML/KYC Reviews Security Monitoring (Security Operations)

    SECURITY & RISK BRAND PROTECTION TRAININGS & CERTIFICATIONS


    CONSULTING BACKGROUND & ETHICS
    Anti-Counterfeiting / Security certification trainings
    Threat, Vulnerability and Risk Discrete reference checks
    Assessments (TVRA) & Audits Anti-Piracy Programs
    Information security
    Employee Background awareness training
    Technical Surveillance Enforcement Actions
    checks
    Counter Measures Supply chain security trainings
    Cyber Surveillance &
    Ethics Helpline (Whistle
    Executive & Event Protection Online Reputation
    Management Blower) ACFE preparation course
    Business Continuity (ISO22301)& Other corporate trainings
    Health & Safety (ISO45001) Litigation Support
    GLOBAL COVERAGE

    Delhi-NCR Hyderabad

    Kolkata
    Mumbai

    UAE Chennai
    Bangalore
    Corporate Office
    Sri Lanka Singapore
    Delhi-NCR

    Indian Presence
    Mumbai International Presence
    Bangalore
    Kolkata UAE
    Hyderabad Sri Lanka
    Chennai Singapore
    REFERENCES & TESTIMONIALS

    India Innovation Incorporation

    REFERENCES : CYBER SECURITY – ADVISORY/CONSULTING, SECURITY AUDIT & TRAINING


    REFERENCES & TESTIMONIALS

    REFERENCES : HR/IPR/SECURITY RISK– ADVISORY/CONSULTING, TVRA & INVESTIGATIONS


    CYBER SECURITY CONSULTING & ADVISORY SERVICES

    Netrika’s Cyber Risk Portfolio includes the following service offerings

    Information Security Awareness & Training

    Digital Forensics - Discovery, Analysis, & Investigations

    Technology Security & Testing – N/w & App (incl. Code Review & Config@CIS)

    IT & Network Security Assessment – Process & Technology Maturity Assessment

    Governance Frameworks - Information Security , Business Continuity , Data Privacy etc.

    Vendor Risk Management – Third Party Reputation, Compliance & Audits

    Managed Services for Cyber Risk (Continuous Monitoring) - SOC, Surface/Dark/Deep Web

    Note: Process & IT Posture Assessments (ISO27001), Privacy Audits (GDPR/PDPA+B).


    And Industry specific COMPLIANCE Audits (SEBI, IRDA, RBI, PCI, HIPPA, SOC2 etc.).
    CYBER SECURITY FRAMEWORKs
    ISMS – IMPLEMENTATION & SUSTENANCE
    • Scope Definition and Finalization
    • Awareness Training on Standards &
    Benefits
    • Documentations & Gap Analysis
    • Asset Compilation/Asset Register
    • Risk Assessment & Risk Treatment
    • Technology Testing – VAPT
    IT Assets, N/w & Security Devices
    • Controls Implementation
    Assistance (incl. Templates)
    • Internal Audit
    • Certification Audit
    • Surveillance Audits
    CONTINUITY/CONTINGENCY (DR) ASSESSMENT

    • Business continuity planning


    • Define Purpose, User, Owner, lines of
    Communication Recovery procedure, Plan
    invocation
    • Equipment Location & Equipment
    Maintenance
    • Business Impact Analysis
    • Documentation
    • Policy (BCMS)
    • Periodic Testing
    • Business, Utilities & Env
    • Documentation
    • Retention/Modification
    DATA PRIVACY
    TECH ASSESSMENT (SUMMARY)
    • IT Setup/DC Assessment
    • IT Governance Framework
    • IT Policies/Procedure/SOPs
    • Plan/Deploy various Business, Technical &
    Environmental Controls
    • Software/Applications and Change
    Management
    • Data Communication & Network
    • Email & Web Security
    • Access Control & Management
    • Electronic Document & Asset Management
    • IT Support and IT Incident Management
    • IT Vendor Selection and SLA Management
    • System Utilization and Performance Audit
    • Business Continuity & DR Capability
    • Data Archival & Secure Disk Wiping
    TECHNOLOGY TESTING

    Web-App Code Reviews Configuration Hardening of Configuration


    Vulnerability Penetration
    Security (Static/Dynamic) Review Infrastructure Review of
    Assessment Testing Endpoints
    Testing (N/w OS/DB
    (Internal/Externa)
    & Security)
    IT & NETWORK VAPT
    WEB APPLICATION SECURITY TESTING
    CONFIGURATION REVIEW

     Administrator & users privilege rights


     Antivirus & Service Pack updates
     Network shared folder & data sharing
     Review physical security controls
     Unwanted/malicious software etc. etc.
    EMBEDDED RESOURCE
     Deployment of Risk Consultants
    ◦ CISO as a Service
    ◦ ISMS Implementation & Documentation
    ◦ Maintenance and Sustenance of ISMS
    ◦ BCMS Audit/Implementation/Sustenance
    ◦ Program Management on PCI, SOC2 etc.
     Deployment of Technical Consultant
    ◦ Continuous Vulnerability Assessment
    ◦ Support SDLC & Code Reviews
    ◦ Threat Monitoring & Investigations
    ◦ Program Manage EPP/EDR, DLP etc.
     Security Operations
    ◦ IT & Security Administration
    ◦ Compliance Management
    ◦ Configuration Management
    ◦ Incident Management & Forensics
    AWARENESS & TRAINING
     Information Security Training at all levels for employees i.e. Lower , Mid and Senior
    Management.
     Customized Training Content based on Industry and Organizational Acceptable
    Usage Policy.
     Quiz, Case Studies , Scenario Building exercises and Interactive classroom sessions.
     Conducting Infosec Awareness Campaigns : Creative Posters , Wallpapers and Screensavers ,E-
    Learning Modules , AV Films on Information Security Awareness.
     Information Security Measurement via Email Phishing Simulator.
    TPRM/VRM (Vendor/Supplier Risk)
    • Identify impact of vendor breach
    – Know before others & Inform vendor
    – Mitigation strategy/revisit controls

    • 3rd party breaches are reported after


    excessive delays
    – Often lack understanding of privacy,
    security and statutory obligations
    – Seldom equipped with security ***Differentiators***
    professionals, SOC/NOC or undergo (Big Brothers’ may not Do)
    privacy and security trainings
    – Vendor Due Diligences
    – Digital Reputation Management
    • Typically, 3rd party breach – Train/Educate vendors
    notifications often come as a result (Policy, liability and procedures)
    of dark web findings or lawsuits – Alignment to your policy and goals
    e.g.. Alteration of routine workflows
    (WFH, BYOD, Data Handling etc.)
    • Fake Asset Identification and Supply
    Chain Assessment/Investigation – Field Investigations & Legal Support
    THIRD PARTY VENDOR RISK MANAGEMENT
    • Vendor Classification based on client risk
    appetite, policies, business goals
    (Identify Key Vendors and Suppliers)
    • Gap analysis for finalizing the scope
    • Build questionnaire/checklist/templates as
    per Scope & Domain
    • Vendor Assessment plans Audit Calendar
    • Vendor audit interim reports/evidences
    • Vendor Risk
    Scoring/Benchmarking/Dashboard
    • Training calendar for Vendors
    • Continuous Audit and Scanning
    • Tools and Technology for Automation
    • Board Reporting (Vendor Risk Score, Trends
    Immediate Action Items & Observations)
    THREAT MONITORING SERVICES
    ● Dark web and deep web monitoring (sensitive data leakage)
    ● Attack surface detection and Hunting (Surface Web)
    ● Third Party Cyber Risk and Brand Reputation Monitoring
    ● Cyber crime monitoring, advisory and Fraud Intelligence
    VULNERABILITY MANAGEMENT AUTOMATION
    Automation & Consolidation
     Continuous Security Assessment
     Repetitive Tasks/Actions (Orchestrate Risk
    Detection & Recurrent Scans)
     Visualize Findings & Summarize Data
     Mitigate Duplications from multiple Tools
     Reduce Mitigation Time & Prioritize Follow-up
     Enhance Protection & Compliance
     Dashboarding & Reporting at Click
     Various Views (Tester/Manger/CxOs)
     Historical Reporting Comparison
     Improve Security Posture & Compliance

    Testing & Exploits


     Network Discovery (Attack Surface)
     Service Enumeration (Resource Intensive Task)
     Vulnerability Assessment & Pen Testing
     Shortening Gap – Exposure to Remediation

    Rethink Vulnerability Management


     80+Security Tools
     Customized Dashboards & Reporting
     Custom Integrations (APIs)
    SECURITY OPERATIONS - SOC SERVICES
    Monitoring Partner
     Next Gen SoC with
    MSSP
     SIEM
     EDR
     User & Entity Behaviour
     Threat Intelligence
    Options
     Database Access Monitoring in Hand
     Brand Reputation
    Do Do-it-
    Detection and Response Nothing yourself
     Security Device Monitoring & Management
     Vulnerability Management

    Protection
     Server Security
     Web Security Gateway
     Endpoint Security Improved Security
    Reports and
    Daily checklist on event
    24x7x365 continuous Documentation on
     Endpoint Encryption monitoring
    Operational Efficiency
    and Visibility
    Daily/Weekly/Monthly
    analysis and alert
    notification
    basis
     Endpoint DLP
     CASB etc.

    IT Security Infra by Solutions offering


    WAF, Web G/w, DDoS Solution, HSM etc.
    Along with Traditional IT/Network/Security
    Infrastructure
    etc.
    CONTACT US
    Key
    Contacts

    Sanjay Kaushik Aashish Taneja Dhruv Maingi


    CFE, CII, FCIISCM, CATS, CCPS, Co-founder & Director-PES ICPS
    CFAP aashish@netrika.com Co-Founder & Director-IPR
    Managing Director dhruv@netrika.com
    sanjay@netrika.com

    Col Sanganagouda Dhawalgi Mitsu Doshi Kartik Vig


    CFE CFE, CA, CMA, Director – Security & Risk Consulting
    Executive Director-FI Executive Director – FI kartik.vig@netrika.com
    sanganagouda.dhawalgi@netrika.com mitsu.doshi@netrika.com

    Rajesh Kumar Pravin Parab Ashutosh Chowdhary


    CISA/CISSP/CEH/CDPSE/C CFE Head-IPR, Northern
    FE Director-Cyber Security Director-Operations, & Eastern Region
    Western Region and Southern Region ashutosh.chowdhary@netrika.com
    Rajesh.kumar@netrika.com
    pravin.parab@netrika.com
    M: +91- 9910327482
    Balasubramaniam Durgavarjhula Salil Kapoor
    Suruchi Gaur Associate Director, Cyber Security
    CFE, RIMS-CRMP
    Director- New Business and
    Associate Director, Forensic Investigation salil.kapoor@netrika.com
    Marketing
    bala.d@netrika.com M+ 91- 9971798069
    suruchi.gaur@netrika.com

    Vivek Saxena Geetika Wahi Raakhi Dhawan


    Associate Director Govt & Alliances
    Deputy Associate Director- Business Manager - Risk Consulting
    Development + raakhi.dhawan@netrika.com
    v.s@netrika.com Geetika.wahi@netrika.com
    M: 9810557727
    OUR OFFICES

    Global Headquarters Mumbai (Western Region) Bangalore (Southern Region)

    Plot No.2, Industrial Estate, Udyog Vihar, Accord Classic 510, Above Anupam Unit No 205 A, Carlton Towers,
    Phase IV, Gurugram, Haryana-122015, Stationery, Arey Road, Goregaon East, 01 Old Airport Road, Bangalore–560008,
    India Mumbai -400063, India India

    Contact Information Contact Information Contact Information


    +91-124-488-3000, +91- 9910020032 +91-22-49035900, +91- 8655104777 +91-80-43728750, +91 97422 33717
    info@netrika.com pravin.parab@netrika.com sanganagouda.dhawalgi@netrika.com

    UAE Singapore Sri Lanka

    SAIF ZONE , Q1-06-141/C PO Box - Regus Vision Exchange 32 Uswatte Road,


    124932 Sharjah Airport Free Zone, 2 Venture Drive Level #24-01 - #24-32 Etul Kotte, Kotte,
    Airport Rd, Sharjah, Sharjah 8000 Singapore 608526 Sri Lanka.

    Contact Information Contact Information Contact Information


    +971 553794260, 525346993, +91 +65 87308006, +91 9871093338 +94 773410254
    9990944440 singapore@netrika.com srilanka@netrika.com
    dubai@netrika.com

    This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should
    not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty
    (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted
    by law, Netrika, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any
    consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any
    decision based on it.
    Geetika Wahi
    Deputy Associate Director
    Netrika Consulting India Pvt Ltd
    Plot #2, Industrial Estate, Udyog-Vihar Ph-IV Gurgaon-122015, Haryana (India)
    E: Geetika.wahi@netrika.com| M: +91 9810557727 | www.netrika.in

    You might also like