NewPush Solutions for the Public Sector

It is no longer sufficient to use cybersecurity systems of the past with the hope that they will defend against the cyberattacks of today or the future. Cybercrime is advancing at an astonishing rate; security protection needs to recognize every threat and have an answer for it. Attacks are frequent, damaging, and more organized; security systems need to include ongoing and comprehensive monitoring, with the means to keep personnel continually informed on the organization’s cybersecurity footprint.

Technological advances such as the Internet of Things (IoT), remote access, cloud computing, and borderless data centers have increased the number of pathways that cybercriminals can use to access networks, disrupt operations, and obtain valuable information. Today’s cyber threats can only be combated by utilizing ongoing and intelligent threat and vulnerability monitoring systems that possess the ability to identify and secure distributed and remote technologies. Additionally, decision-makers require a continuous, complete, and comprehensive view of their organization’s cybersecurity status at any time.

The Connective Platform™ is a comprehensive cybersecurity solution designed to ensure high level security for any enterprise. It provides a comprehensive and holistic view of an enterprise's cybersecurity asset landscape, identifying threats, vulnerabilities, and gaps against the organization's defined risk profile. TCP enables connectivity and interoperability between diverse and disparate IT and cybersecurity tools to combine data from all assets, users, and points of measurement across all existing and future technologies. With TCP’s unique data ontology and correlation rules, a comprehensive overview of an organization’s cybersecurity risk profile is presented in a clear, concise, and quantifiable suite of executive and operational dashboards.

The Connective Platform™ is a SaaS product specifically designed to provide senior leadership and security operation teams with a complete and comprehensive actionable view of their entire enterprise cybersecurity risk profile. Through the analysis and correlation of data from across the IT enterprise, functions such as asset discovery and management, vulnerability and threat detection, identity management, risk assessment, and comprehensive reporting are performed to provide that full enterprise-wide security risk view.

The Connective Platform™ enables the avoidance of cyber threats as well as compliance efficacy by providing thorough visibility across disjointed systems. TCP allows organizations to identify gaps in their cybersecurity landscape, and to answer the ‘you don’t know what you don’t know’ question.

The Connective Platform™ has enabled organizations to significantly reduce their daily risk and vulnerabilities, close material weaknesses found in audits, streamline user access reviews, and improve security management processes. All these actions equate to considerable time, compliance, and cost savings through an easy-to-manage solution.

The Connective Platform™ (TCP) will bring immediate value to any Security Operations Center (SOC) or Managed Security Practice. It will streamline processes and tools utilization, improve visibility and usage of data from SIEM and other systems, and yield efficiencies in operation, thereby generating cost savings. It will enhance security protection and improve the overall security and compliance risk profile of the enterprise.

There are four areas in which the implementation and utilization of TCP can save substantial costs for an enterprise.

1) The reduction of manual operations and analysis of data from all telemetries protecting the cyber footprint. Many enterprises still use manual and/or archaic tools and processes that TCP eliminates.

2) TCP identifies underperforming or non-performing tools in use and can schedule them for retirement.

3) Processing costs of data consumption by certain technologies that charge by consumed volume, such as SIEM, can be reduced by sanitizing log data through TCP.

4) And finally, because TCP enables compliance adherence and validation, the time and cost of performing security validations and audits is reduced substantially.

TCP mechanizes much manual work currently being performed by security analysts. Any such mechanization, by definition, increases the productivity of the organization, thereby freeing up resources to work on other tasks and assignments. But also, due to TCP’s comprehensive, instantaneous view of the cyber footprint, identification, prioritization, mitigation, and tracking to resolution of all vulnerabilities enables a sharp increase in productivity of the users of this data.

Attacks against virtually every type and size of company, organization, and enterprise are increasing worldwide. Numerous examples (SolarWinds, Colonial Pipeline, MGM, and many others) can be cited in which the enterprise lost track of an asset in the cyber inventory, only to have the breach occur at that exact point in the footprint. We boldly make the claim that had TCP been in place in those instances, the likelihood of such breaches would have been reduced as the rogue asset would be known.

Most attacks and breaches are aimed at invoking financial penalties. Most attempts by enterprises to thwart attacks involve costly operations and significant staffs of people. It should be obvious that taking costs out of the security operation while enabling maximum protection against attacks will yield a significant positive impact on the bottom line of the enterprise.

Protection against attacks is the primary reason any enterprise deploys tools and products in its cyber footprint. But it is also necessary to validate security efficacy via audits and reviews. As TCP processes data about assets from all telemetries in the cyber footprint, it also maps that data against all regulatory, business, financial, and corporate audit requirements, thereby producing on a regular basis an auditory view of the cybersecurity posture. Therefore, on an ongoing basis, corporate executives can be assured they are prepared.

TCP is a SaaS product for threat, vulnerability and identity management, providing cybersecurity

protection that gives the enterprise the capability to significantly reduce the risk of a cyber-attack or ransomware incident. TCP assures IT and security corporate and regulatory compliance, while reducing the cost of security operations substantially.

TCP Core is the engine driving The Connective Platform™. This Core consists of a Robotic Process Automation (RPA) engine, a compliance engine, and a portal. RPA powers governance, security, and the initiation of internal and standard policies. Compliance is for business applications, access management, and threat information. The portal is used by vendors, staff, and clients.

The Connective Platform™ consists of three unique, yet complimentary products that together provide comprehensive security protection for any enterprise. The three are Connective Shield, Connective Identity, and Connective Vigilance.

Vulnerability and Threat Management
Every organization has extensive assets that bring with them gaps and vulnerabilities that need to be realized and effectively handled. Connective Shield puts enterprise management in control of managing assets, analyzing risks, and initiating action to resolve and prevent those risks.

Asset Reconciliation

Reconciliation is the process of interlinking distinct sets of records to determine their relationship so that knowledge about those records is enhanced to its fullest. This ensures they are consistent and contain no deviations. By amalgamating and reconciling data from all data telemetries in the security footprint, TCP will provide a complete and accurate view of all assets.

Compliance

There are now many industry and government regulations with which organizations must comply. Depending on the location and the nature of an institution’s business, these could include PCI, GDPR, HIPAA, SOX, etc. TCP Shield processes data against regulatory rules to provide a full picture of risk and compliance.

Executive Dashboard

TCP’s Executive Dashboard provides standard reporting of security posture and compliance by constantly comparing the state of cybersecurity against predetermined sets of controls such as NIST 800-53, ISO27000, etc. TCP provides decision makers with a tool to be able to assess trends and progress, and to prioritize where further investment is necessary.

By deploying and using Connective Shield any enterprise or institution will realize the following benefits:

Complete identification and categorization of all assets in the cybersecurity footprint, as well as all vulnerabilities against those assets, to enable quick and decisive remediation.

A single point of control defining, measuring, and enforcing corporate security policies, and centralizing the view of corporate risks via single-pane-of-glass reporting at all levels of the enterprise operation, including CEO or Board, CIO. CISO, and operational levels.

Complete amalgamation of all data from all telemetries including access risks to assets, presented, and managed at the asset level.

Streamlining the review process, thereby simplifying audits and regulatory reporting.

Enhancing compliance and reducing the risks and costs related to it, for HIPAA, PCI, SOX, GDPR, and other regulations.

Identity and Access Management

Connective Identity enables any enterprise to always know who in the organization has what access privileges to what data and systems.

Identity Governance (IGA)

Connective Identity offers capabilities in identity analytics, identity lifestyle management and governance, access rights management and governance, and governance on the fly. Identity lifecycle management and governance includes identity lifecycle management portals, identity approbation workflows, identity provisioning, and identity governance and remediation.

Architecture

The Connective Identity Core consists of a portal, a Robotics Process Automation engine, and an analytics engine. The portal is for communication with system integrators, internal teams, and consultants. The RPA engine powers enterprise governance, business processes, workflow, and a best practices library. The analytics engine utilizes identity and human resources data, ERP, as well as legacy applications and cloud utilization.

By deploying and using Connective Identity any enterprise or institution will realize the following benefits:

Provisioning and de-provisioning of access, data history, and enterprise-wide trend analysis, identification and tracking of orphan and service accounts, and the use of account and identity reconciliation.

Separation of Duties and User Access Reviews for partners, vendors, and host applications. This enables quantitative analysis of any increases in security risks for quick detection of any misuse of privilege or access rights.

Enabling account reconciliations and integration with account access and removal. This includes policy violations related to all internal or external assets.

Full mapping of the controls of NIST and ISO 27000. Use of analytics to advance IGA deployments and manage identity administration and governance, automate provisioning and de-provisioning, and continuous compliance and controls.

Identity analytics, including identity lifecycle specifications, identity lifecycle data models, identity analytical reports, and data quality reports and cleanup.

For system integrators, account provisioning and de-provisioning can be connected through Connective Identity. The system also acts to complement any existing IAM service. Inbound and outbound API connectors can be used for provisioning and de-provisioning for a smoother service. There is also a special Role Mining feature that enables system integrators to easily identify abnormal access rights.

Connective Vigilance Security Awareness Training (SAT) protects any organization from the dangers of phishing, malware, ransomware, and social engineering by bringing them to the immediate attention of all employees. Through in-depth training and ongoing assessment, the entire company will be made aware of the many different types of security attack surfaces and methods criminals use to penetrate an organization, thereby arming them with the information they require to identify and report suspicious activity before they fall victim to an attack.

The vast library of training content housed in Connective Vigilance has three access training levels and more than 1,000 training items in over 30 languages. This covers cyber threats, such as spear phishing, social engineering, and ransomware, as well as practical steps that team members can take to increase resilience. Tests can be taken before and after training to show how vulnerable users are.

Vigilance includes a selection of more than 5,000 phishing security test templates as well as customizable test templates. Simulated phishing tests are regularly sent to employees to help train them to become more cyber-aware and provide management with a better understanding of corporate, internal cybersecurity risks.

By deploying and using Connective Vigilance any enterprise or institution will realize the following benefits:

Connective Vigilance enables the entire workforce to be transformed into cyber-aware users. Cybersecurity needs to work from the ground up, creating a culture where best security practices are being used throughout the organization every day. This type of approach will reduce the human-risk factor in any organization’s cybersecurity program and lead to much higher returns on security investment. Connective Vigilance brings the most comprehensive, powerful, and reliable platform for security awareness training and simulated phishing. It only takes a single vulnerability to result in a security failure, but such vulnerabilities can be avoided. Achieving security intelligence that extends throughout the organization with no stone left unturned, means lamentable data breaches will be a thing of the past.

As hackers are making use of every method and device, they can exploit every vulnerability. TCP Vigilance will ensure users are made fully aware of the ever-increasing new challenges to security.

Connective Vigilance has measurement and management tools, such as a Phish Prone Percentage™ feature, which tells management how employees perform when sent simulated phishing emails, along with training model statistics to help management understand strengths and weaknesses. This can be tracked over time to identify which users need training in different areas of cybersecurity.