Cyber Security

Avineonics

Cyber Security Readiness, Response, and Recovery (CSR3)

Cyber threats are more rampant than ever before, with some research indicating more than 16,000 web sites are affected every day. A cyber attack can impact the performance of an enterprise or compromise sensitive data within minutes. To avoid this, government, critical infrastructure (CIKR), and commercial organizations must implement preventive measures and develop a plan that enables rapid response and recovery through collaboration with customers and service providers.

Many organizations have invested in tactical tools for detection, monitoring, alerts, event management (SIEM), forensics, and governance (GRC). Such tools can be very effective in addressing the technical, compliance, and reporting requirements for standards such as FISMA, FERC, and NERC CIP. However, they do not provide the process assurance necessary to ensure that your organization's plans for physical security, business continuity, IT security, and crisis management are executed in a cohesive and effective manner on every occasion.

The Avineonics Cyber Security Readiness, Response, and Recovery (CSR3) suite provides this assurance to management and other stakeholders. CSR3 leverages business process management technology to deliver a well-defined, documented, and controlled response to complex cyber threats and vulnerabilities.

CSR3 Helps Organizations Improve the Effectiveness of Information Assurance, Cyber Security, and IT Security Related Programs

Any organization with a significant IT infrastructure must stay prepared to deter cyber threats and respond to those that do occur. CSR3 can measure readiness, define emergency roles, encourage sharing of information, and increase situational awareness during incidents.

In addition to automating business processes associated with cyber security, CSR3 supports process definition and automation to practice the observe, orient, decide, and act (OODA) lifecycle for cyber incident management. The capability results in well documented operations for:

  • Analyzing and declaring alert levels and status
  • Activating response centers, teams, and partners
  • Centralized tracking of the response and recovery missions

CSR3 provides real-time dashboards and collects process metrics associated with tasks carried out before, during, and after the event. After-action reports (AAR) can be generated using templates customized for your organization.

Benefits

Improves Common Operational Picture

CSR3 helps in improving the common operational picture (COP) by assuring all stake holders have access to up-to-date information. Increased situational awareness of readiness, response, and recovery activities leads to better decisions and quicker reactions.

Enables Compliance with Standards and ICS Guidelines

CSR3 supports processes that are consistent with Incident Command System (ICS) guidelines, a proven system for singular and unified response developed by the U.S. Federal Emergency Management Agency (FEMA).

Drive Continuous Readiness, Response, and Recovery Process Improvement

CSR3's process-centric approach enables users to define and execute physical security, IT security, and business continuity plans from within a single comprehensive application that communicates with legacy systems.

Applied Technologies

CSR3 can integrate with the following systems to enable more effective governance of security programs:

  • Wireless monitoring and detection tools
  • Security information and event management tools
  • Encryption and cloaking tools
  • IT service management tools
  • Vulnerability analysis and visualization tools