TASL

Cyber Security

In a world increasingly driven by digital technologies and information, cyber-threat management is more than just a strategic imperative. In 2018, threat actors consistently improved their cyber weapons, quickly adopted new methods and adapted their attacks to emerging technologies. Today`s threat trends increasingly point to more stealth-like cyber-attacks with malware, ransomware, data breach, and crypto-mining. The volume and sophistication of cyber threats are increasing and pose real and potent threat to a present-day organization. According to a Forbes report, 2019 is going to be a defining year at the intersection of physical and cybersecurity. The Internet of Things (IoT) and advances in artificial intelligence are some of the main driving forces in this evolution.

A cyber-attack can lead to unprecedented loss for an organization on multiple fronts and can cause irreversible damage to its reputation. Data protection and privacy are the most pressing security challenges of our time. Consumers have become used to provide more and more personal information to companies for convenience-where we go, who our friends are, employer, mood, etc.

TASL completely understands that in this age of ever-increasing cyber threats and attack vectors, organizations face an uphill task in terms of protecting their brand identity and intellectual property.

TASL believes organizations must have a robust Cyber Security Architecture that provides tactical and strategic capability to detect, prioritize, respond to and anticipate attacks.

The Cyber Security practice of TASL provides a wide spectrum of services and solutions. TASL cyber security team has the right combination of experience and expertise to support and manage all kinds of critical cyber security initiatives for a customer.

SERVICES




Advisory

Security & Information Protection & Management
Our Security Risk and Vulnerability Assessment uses specialized techniques to do an in-depth evaluation of an organization`s Information Technology Infrastructure to help identify potential security risks and key vulnerabilities. Through proven methodologies and tools, our cyber security experts assess organization`s security exposure to provide mitigation strategies and identify remediation efforts.

TASL uses expertise to perform a thorough inspection of an organization`s entire IT infrastructure covering the people, process and technology looking for security weaknesses along the entire chain of an organization`s operation.

Vulnerabilities may exist across multiple systems and devices connected to an organizations network. Typical targets of an assessment include network devices, web applications, email servers, databases, and almost any device attached to the network. The Security experts work with organizations to identify a list of potential targets based on the internal or external requirements.

The identified vulnerabilities are then fixed as per the industry best practices and the cycle is repeated on a periodic basis to recheck and reassure an organization of the sufficiency of its IT security infrastructure and policies.




Technology Maturity Assessment & Roadmap

In the ever-increasing competitive scenario of today, Organizations need to constantly evolve through right-sizing, new strategic initiatives, technology improvements and rational use of reducing IT funds. TASL understands the challenge for organizations to maintain stability and security of their IT Infrastructure through all these changes. With an ever-evolving threat landscape it becomes a necessity to assess the current state and define an adaptive & evolving cybersecurity posture for your organization. TASL consultants have an in-depth knowledge of vertical specific requirements, new threat vectors, regulatory landscape and resiliency needs to help define the right cybersecurity posture.

Problems like performance gaps, redundancies and inefficiencies also emerge over time. IT security organizations face the daunting task of balancing the evolving needs of business and scaling up the technology and policies to support information security needs of the business.

The TASL team of expert consultants can help organizations assess their IT infrastructure for adequacy and help build a future roadmap of their IT security infrastructure to ensure the limited resources are put to best use and the evolving business needs are effectively met.

Security Leadership

The TASL cybersecurity team comprises of experts who have in-depth experience in various facets of cybersecurity. We can offer services to set-up and manage the end to end cyber security function for organizations. TASL has the right mix of resources who can be deployed to support the cybersecurity function of an organization for all the critical roles including the leadership role of a CISO (Chief Information Security Officer).

TASL services are offered in flexible options - organizations can choose to partner with TASL to help them augment, manage or set up their cyber security function for a short term or can outsource their entire cybersecurity function to be managed end to end by TASL.

Data Classification, Protection & Privacy Governance


For organizations that handle growing volumes of increasingly complex and distributed data, TASL provides its Data Classification, Protection and Privacy Governance. TASL provides management capabilities and granular controls over the complete lifecycle of data, identifying the existence, establishing ownership, accountability and relationship for data assets. The solution includes control frameworks, record inventory catalogs, risk mapped to data assets, policies, processes and reporting.

Systems Integration



Information Security Management System (ISMS) Implementation
This is achieved by implementing the Information Security Management System (ISMS) in order to maintain, restore and guarantee the security of the Information.

With many years of experience in Information Security, TASL experts can assist and guide organizations in all areas of the Management Information System (MIS), ranging from assessing information security against the standard to helping achieve certification to the standard

For the ISMS service a team of TASL ISMS experts travel to the customer site to perform the required detailed assessments and advising on the steps needed to improve the current state of the information security of the organization. TASL also manages the change to ensure increased awareness among all the stakeholders when putting into place new protocols, new controls and new procedures. This helps in early adoption and a smooth transition creating a win-win proposition for the customers.

Some of the services offered as a part of the ISMS implementation include:

  • ISO 27001 Gap Assessment Review
  • Access Control Review
  • Application Security Review
  • Firewall Policy Review
  • Incident & Breach Response Planning
  • Infrastructure Configuration Review
  • Internal Policy Review
  • Patch Management Review
  • Risk Management Review
  • Vendor Risk Management
  • ISMS Training and Awareness
Product Implementation

TASL uses a well-defined phased approach for the implementation of products as part of any cyber security initiative for a customer. TASL has a rich pool of multi-skilled resources who work with the client team in a consultative manner for the execution of the various product implementation. Each phase during the engagement has well defined deliverables and outcomes and TASL follows a mutually agreed signoff mechanism to ensure proper closure of a phase before moving on to the next phase during the product deployment.

SOC Implementation & Consulting

TASL offers best of breed services for SOC tool & process implementation enabling organizations with the visibility they require to protect their networks, IT and application assets from a growing landscape of advanced threats as well as meet the current and emerging compliance mandates.

TASL offers a team of knowledgeable experts to provide technology agnostic SOC consulting to help organizations choose the best suited SIEM platform, analysis of compliance and threat management requirements as well as end-to end implementation services which includes architecture development, deployment, customization, integration with other security devices and process definitions.



TASL SOC implementation services include:

  • Requirement Analysis and SOC platform selection.
  • Solution Architecture Design, Configuration and Deployment.
  • Defining the Processes
  • Solution Training and Awareness Management
  • Post Go-Live Support Services.


Operations and Maintenance



In the current age of ever-increasing Information security threats, Organizations need to constantly be protected from various types of incessant cyber-attacks. Organizations without constant monitoring and threat management mechanisms struggle to effectively counter these attacks and can suffer serious business consequences as a result.

The TASL iSOC (Intelligent-Security Operations Center) services provide next-gen SOC competencies that bring visibility to and protection against the mounting risk of cyber-attack by using its capability to capture and intelligently analyze data from any type of device to provide actionable insights for proactive threat management. Security hygiene through technological interventions and process improvement is the key focus of this service. The service pivots around the focused dashboard that zero`s in and synchronizes the customers security initiatives around devices/ incidents and uses automation and analytics to generate real-time alerts and reports.

The managed services framework and approach combines detection, triaging, orchestration, contextualized incident management and investigation into a seamless experience to reduce Mean Time to Response (MTTR) for every incident. The platform learns from analyst interactions and investigations to help cyber defense teams with best next steps.

TASL SOC services are available in multiple options and customers can choose to partner with us as per their requirements.



Our SOC service help organizations meet the following objectives:
  • Reduction in the overall enterprise security risk.
  • Moving from a reactive response strategy to a proactive mitigation-based approach.
  • Increase the visibility over the environment.
  • Meet the compliance and regulatory requirements.


Specialized Services

Integrated Identity Management & Governance

Today's organizations are evolving to increase their accessibility to customers, partners, vendors, suppliers and employees across multiple channels, both physical & virtual (including mobile based access, web access/cloud). They are deploying an ever-increasing number of applications, to address business needs such as role management, compliance and audit reporting, but are incompatible or inconsistent with existing security models & audit mechanisms, resulting in increased risk of identity theft & unauthorized access.

TASL offers comprehensive identity management solutions that are focused on provisioning, role-based access control, role management, access management, single sign-on and federated identity management.



Insider Threat Analytics

The traditional approach to information security is based on a distinction between internal and external threats, the present-day threat landscape clearly shows the boundaries separating them are not clearly defined within the modern infrastructures, and the threat mediums are mostly inside the organizational boundary walls. Modern information systems and networks are global, complex and open to access to multiple types of stakeholders. This makes them vulnerable to exploitation and risks. Today, all companies face risk from within their own walls from a variety of individuals and groups, including their employees and contractors, supply chain and customers, as well as malicious parties that have infiltrated the organization.

TASL offers a state-of-the-art solution for insider threat management. TASL offers the Enterprise Immune System from Darktrace, a radically new approach to the cyber challenge based on the assumption that organizations face a constant level of threat from within. It represents a cutting-edge technology that is capable of `self-learning` within an organization on an adaptive, real-time basis - and using these learnings to detect an anomalous behavior when it starts to manifest itself. Like viral DNA, which constantly mutates and evolves to ensure its survival within the human body, cyber attackers are sophisticated and constantly change and tweak their behaviors in order to avoid detection. The Enterprise Immune System is just as clever as the viral DNA - it is continually learning and understanding what constitutes a threat.

An Enterprise Immune System therefore gives organizations the ability to get ahead of threat for the first time and remediate emerging suspicious activity before major damage is done. It also allows threat analysts to focus on truly concerning incidents that are likely to be serious threats, rather than producing floods of undifferentiated alerts.



Web Intelligence & Analytics

The types and amount of web data in existence are quickly expanding. Manually searching for and identifying relevant information is difficult and time-consuming because it`s scattered across the web in multiple locations, formats and languages, and is constantly being updated. In addition, the most critical information to ongoing investigations is increasingly real-time in nature, requiring a very high frequency of data collection from web sources.

Our Web Intelligence & Analytics service gives corporate and government organizations a competitive advantage in their pursuit of critical insights from the web. Using an end-to-end open source web intelligence solution, we can automatically transform seemingly unrelated fragments of publicly shared data found on the web into actionable insights.



Please contact us at: contactcs@tataadvancedsystems.com