ICE CONSULTING
🇬🇧
In English
In English
Practice Known Questions
Stay up to date with your due questions
Complete 5 questions to enable practice
Exams
Exam: Test your skills
Test your skills in exam mode
Learn New Questions
Popular in this course
Learn with flashcards
Manual Mode [BETA]
Select your own question and answer types
Other available modes
Complete the sentence
Listening & SpellingSpelling: Type what you hear
multiple choiceMultiple choice mode
SpeakingAnswer with voice
Speaking & ListeningPractice pronunciation
TypingTyping only mode
ICE CONSULTING - Leaderboard
ICE CONSULTING - Details
Levels:
Questions:
37 questions
🇬🇧 | 🇬🇧 |
SIEM | Security information and event management |
SIEM | Security information and event management |
CHALLENGES | • Frustrated by the time and resources it takes to PROPERLY scale their IT operations • Challenged by the complexities over the current government regulations with regard to the various regulatory compliance requirements • Concerned protecting their organizations against the current “CYBER PANDEMIC” we are experiencing is starting to place too much of a burden on their IT staff |
SIEM | Security information and event management |
Crisis | A series of incidents (or a serious incident) can become a Crisis. The definition of a Crisis varies from business to business – but a large part of what makes a Crisis is its scope. If an incident, or series of incidents, significantly disrupts day-to-day activities, it’s probably a Crisis and demands assembling the Crisis Response or Crisis Management Team. There’s no one size fits all definition. It’s important for a business to have its own threshold for defining if something is a problem, incident or crisis. Without set rules, you lose valuable time deciding how and when to escalate and take action. |
SIEM | Security information and event management |
COMPLIANCE REQUIREMENTS | NIST (National Institute of Standards and Technology) Hitrust (Health Information Trust Alliance) HIPAA (Health Insurance Privacy and Portability Act) GDPR (General Data Protection Regulation) CLIA ( Clinical Laboratory Improvement Amendments) ISO 27001 - ISO 27002 |
WHY OUTSOURCING CAN BE A GAME CHANGER? | ❑ Saves money and gives you peace of mind ❑ Let’s you focus on growing your business, while we manage your company’s IT operations ❑ Provides deeper technical expertise, a team of specialized engineers assigned to each client ❑ 24x7x365 IT services ❑ Customized IT agreement based on your budget ❑ One stop source for all IT services |
SECURONIX SNYPR | Centralized Log Collector maintains all logs from the connected devices and services for extended time periods for forensic analysis, legal reasons, etc SIEM and UEBA in a single package Threat Analyzer with a cloud based-AI engine analyzes, reports, suggests remediation, and documents all threats received. SNYPR is compatible with most major applications and services (Okta, Azure, AWS, O365, Palo Alto Firewalls, Cisco Umbrella, Windows Servers, Web Servers, etc…) |
Why Clients Value ICE? | » always working hard to be your trusted IT partner » solutions tailored to your business and budget » one stop for all your IT needs » reduced cost, increased expertise » award-winning customer service |
WHAT SEPERATES ICE? | » transparent and accountable service » 24x7 live help desk support and NOC services » complete IT documentation » IT management portal designed especially for clients » no long-term contract required |
THE SPECIALIST WE PROVIDE | NETWORK & SECURITY ENGINEER WINDOWS ENGINEER LINUX ENGINEER ACCOUNT MANAGER CLIENT SUPPORT STAFF HELP DESK SUPPORT VOICE/PHONE SUPPORT DATABASE ADMINISTRATION |
SERVICES WE PROVIDE | » Complete managed IT services agreements » Comprehensive IT audit and solutions » Network, systems & security design and implementation » High-performance computing (HPC) » Specializing in advanced Linux systems design and administration » VMWare and Microsoft hyper-V virtualization solutions » Windows and Mac systems administration » Storage, backup and disaster recovery » Private and public cloud services » Design, implement and manage AWS and Microsoft Azure cloud » Migrate servers to AWS cloud and Microsoft Azure cloud » Single sign-on and two-factor authentication » Implement and manage all cloud services » Design and manage data center on premise and colocation |
SOC, NOC, ITIL, SIEM | SOC (Security Operations Center) NOC (Network Operations Center) ITIL (Information Technology Infrastructure Library) SIEM (Security information and event management) |
SECURITY ISSUES | WHO reported a 5 fold increase in cyberattacks in 2020 Average cost of 1 data breach: 3.86 million Average total cost of data breach for companies with < 500 employees: 2.67 million PII (Personally Identifiable Information) was the most frequently compromised type of record, and the costliest at $150 a record. - The Ponemon Institute and IBM Security 48% of businesses have reported a security breach since the outbreak of COVID-19 Another 8% said that they do not know - Secure Age Loss of intellectual property Years of research down the drain Damage to your brand and reputation Cancelled deals and partnerships Millions in lost productivity and legal/remedies expenses Disclosure requirements imposed by your clients and governments intellectual property |
SOC-AS-A-SERVICE (4 BENEFITS) | MONITOR ANALYZE RESPOND ESTABLISH |
MONITOR | Anti-Virus • Encryption • Firewalls • Single Sign-on • Multi-factor authentication • Wireless Authentication • Servers and Storage (Cloud or On-Prem) • E-mail Services • Cloud-Based Services • Remote connections |
ANALYZE | Centralized Log Collector to collect and store logs from services and devices for analysis. Risk management process that reduces chances of security breaches. |
RESPOND | Respond immediately to cyber-attacks to avoid security breach |
ESTABLISH | Incident Response Plan (IRP) |
SOC-AS-A-SERVICE | SOC AS A SERVICE Provides 24/7/365, real-time visibility into your IT infrastructure Staffed by a global team of trained professionals SIEM (Security Incident and Event Management) subscription includes industry-leading processes and security tools Proactive remediation of threats before damage is caused One of the most cost-effective and impactful ways to elevate any organization’s security posture as compared to developing these services in-house ICE security professionals respond to all alerts instantly to reduce the exposure and limit the damage a security breach might otherwise cause ICE SOC team will work with your organization to establish incident response teams (IRT), formulate Incident Response Plans (IRP), and perform the necessary actions to remediate threats in a timely manner, as required by many compliances’ frameworks |
SOC 2 | (System and Organization Controls 2) is a type of audit report that attests to the trustworthiness of services provided by a service organization. It is commonly used to assess the risks associated with outsourced software solutions that store customer data online. |
INCIDENT vs PROBLEM | One blue screen - 5 blue screens |
SPECIALIZED SERVICES FOR BIOTECH | High Performance Computing (HPC) Large-Scale Data Storage and Management (Big Data Science) Cybersecurity Services including SIEM (Security Information & Event Management) services Linux Systems Design, Administration & Management Provide NIST, Hitrust, HIPAA, GDPR, CLIA, ISO 27001 & 27002, SOC-2, and other Compliance Requirements |
BASIC SERVICES | • 24X7X365 support services • Systems and network security • Cloud services and integration • Cybersecurity • Servers and storage • SSO/MFA (single sign-on/multi-factor authentication) • MDM (mobile device management) • Onsite user support and helpdesk • Security Operations Center (SOC) cutting edge technology to monitor real-time Cybersecurity • Security Information Event Management (SIEM) Realtime security monitoring with AI capabilities, one of our solutions against attacks and hacks • NOC (Network Operations Center) We continually help our clients best meet regulatory requirements such as GDPR, HIPAA, CLIA, ISO27001, ISO27002, HITRUST, NIST, and others. |
4 TYPES OF SERVICES | STRATEGIC TECHINICAL SUPPORT ADMINISTRATION |
IT STRATEGIC SERVICES | 1. Provide IT Director services 2. Design IT Infrastructure On-Premises and Cloud 3. Implement Process & Procedures based on IT best practices 4. Meet compliance requirements 5. Handle office build-out, migration & expansions |
IT TECHINICAL SERVICES | 1. Firewall, Switching & Routing 2. Linux, Windows & Mac servers & systems 3. Cybersecurity 4. Virtualization & Storage 5. Backup & Disaster Recovery 6. Wireless solutions 7. Single sign on (SSO) & Multifactor Authentication 8. Mobile Device Management (MDM) 9. Cloud services management 10. Onboarding & offboarding employees & contractors 11. Printing & phone services |
IT SUPPORT SERVICES | 1. Onsite technical services 2. Helpdesk-live tech support 24x7x365 including holidays 3. Proactive weekly Preventive Maintenance o Network Security o Network Infrastructure o Systems Infrastructure o Endpoints (Desktops, Laptops & Mobile devices) 4. NOC (Network Operation Center) 24x7x365 5. Provide IT training to users |
IT ADMINISTRATION | 1. Regular IT meeting 2. Project Management 3. Ticket Management 4. Client Satisfaction Reporting 5. Weekly & Monthly IT Reporting 6. Key Performance Index (KPI) Reporting 7. Hardware & Software procurement 8. Asset Management 9. Vendor management 10. Cabling services 11. IT Room, Cooling, HVAC 12. IT Documentation |
ICE BACKGROUND | ICE Consulting, Inc. specializes in providing Managed Information Technology (IT) services to small and medium sized companies. Certification: SOC 2 Year Established: 1996 (25+ years in business and going strong!) Client Satisfaction Score (CSAT): 97% (Industry standard 75%) CLSA Member Discount: 20% on hourly rate & 50% on IT Assessment |
CSAT SCORE | 97 compared to 75 over 7,000 reviews |
Why It’s Important to Work with a SOC-2 Compliant Partner? | Many of our clients today have different compliance requirements such as ISO, HIPAA, Hitrust, CLIA, GDPR, NIST, and others. All of these require that the IT service provider be SOC-2 compliant, yet we’ve found that more than 95% of our competitors are not SOC-2 certified, and we believe this really differentiates ICE. In fact, more and more organizations are asking that their managed service provider (MSP) undergo a SOC-2 audit before engaging with them. This makes perfect sense to us—organizations want to know how secure an outside vendor really is. The SOC-2 certification is a coveted and hard to obtain information-security certification, and it demonstrates that an independent accounting and auditing firm has examined an organization’s non-financial reporting control objectives and activities, and has actually tested those controls over time to ensure that they are operating securely and effectively. |
What is SOC-2? | Developed by the American Institute of CPAs (AICPA), SOC stands for Service and Organization Control. It defines criteria for managing customer data based on five “trust service principles”—security, availability, processing integrity, confidentiality, and privacy. |
5 TRUST PRINCIPALS | AVAILABILITY INTEGRITY CONFIDENTIALITY SECURITY PRIVACY |
IF THEY ALREADY HAVE AN IT DEPARTMENT | Compliment and supplement them, help them in the areas after hours, specialists, new SOC real-time cyber security monitoring, threat prevention, response services |
PURCHASING POWER PROGRAM | Accepted by CLSA based on our experience working with Biotech for 24 years 24 x 7 x 365 SUPPORT SOC NOC SIEM ITIL |
CHALLENGES | 1. Burdened by the time and resources it takes to scale their IT operations, which shifts focus away from their core business 2. Challenged by the complexities of the government’s compliance requirements regarding data management, privacy, and security 3. |
SECURONIX | Delivers a next-generation security analytics and operations management platform for the modern era of big data and advanced cyber threats and was named a leader in the 2021 Gartner Critical Capabilities for SIEM (for Security Information and Event Management) |
SECURONIX SNYPR | Centralized Log Collector maintains all logs from the connected devices and services for extended time periods for forensic analysis, legal reasons, etc SIEM and UEBA in a single package Threat Analyzer with a cloud based-AI engine analyzes, reports, suggests remediation, and documents all threats received. SNYPR is compatible with most major applications and services (Okta, Azure, AWS, O365, Palo Alto Firewalls, Cisco Umbrella, Windows Servers, Web Servers, etc…) |
INCIDENT vs EVENT | An incident is an unplanned interruption or a sudden reduction in the performance of an IT service. An event is a slight change in the state of the system or service in the IT infrastructure. |
Event | An event is any observable occurrence in your IT infrastructure. An event can be something as benign and unremarkable as typing on a keyboard or receiving an email. Each time that happens, it counts as an event. An event doesn’t have to be a problem; updating your firewall is an event. Security Events are events that could affect your information security specifically. Businesses will face many of these – security measures deal with most of these and are unnoticed or not acted upon. |
Alert | An alert is a notification that an event has happened. The alert goes to those responsible for taking action (if needs be). Not every event demands an alert – just those that will require action. If you set your threshold too low, you’ll be buried in alerts and won’t see real issues through the noise. Set the threshold too high and you won’t have enough warning to take preventative action. |
Problem | A problem is the cause, or potential cause, of an incident. A problem can be flagged before it has caused an incident. It’s a lot better than reviewing after an incident has taken place. Active monitoring and up to date resilience measures help nip potential incidents in the bud. This is why a problem is not the same as an event – an event can be routine and benign and not require action or escalation. A problem needs addressing, ideally before it becomes an incident. |
Incident | Not all events are incidents, but all incidents are events. Like how all thumbs are fingers, but not all fingers are thumbs. An incident is an event that negatively affects IT systems and impacts on the business. It’s an unplanned interruption or reduction in quality of an IT service. For example, a DDoS attack, or flooding of a server room are both incidents. Events don’t have to be negative – incidents always are. A Security Incident has a similar relationship to a Security Event. It specifically affects a business’ information security – normally by damaging or breaching it. Again, while the majority of Security Events don’t need dealing with, a Security Incident requires action. |
Crisis | A series of incidents (or a serious incident) can become a Crisis. The definition of a Crisis varies from business to business – but a large part of what makes a Crisis is its scope. If an incident, or series of incidents, significantly disrupts day-to-day activities, it’s probably a Crisis and demands assembling the Crisis Response or Crisis Management Team. There’s no one size fits all definition. It’s important for a business to have its own threshold for defining if something is a problem, incident or crisis. Without set rules, you lose valuable time deciding how and when to escalate and take action. |
UEBA | User and Entity Behavior Analytics |
SIEM | Security information and event management |