Determining firm current Capabilities

This slide portrays information regard ing assessment of current cybersecurity framework on certain
standards.

Key Enablers Minimum St a Evolving St rength Best in

ndard Class
Asset Management 0

@)---- Identify Governance e

Add text here e
o Data Security 0

I
Protect Access Control e

®r
Add text here 0
Threat Intelligence e

®.r l
Detect Continuous Monitoring

Add text here

Commun ication
e

e
@)---- Response Response Planning 0
Add text here e
o Inciden t recovery e
1 Recovery Add text here 0
Add text here e
@Pr

VRfli• This sli<e is lo:>% editable. Adapt it t o your needs and

capture you r audience'sattention.

•
Optimizing Cybersecurity Framework Roadmap
Thisslide portrays information regardingoptimization of current cybersecurityframework. The ITdepartment will require to fulfill
crucial activitiesin specifictimeframe.

Immediate (0-6 Months} Short Term (3-12 Months} Long Term ( 12-> Months}

Implement enterprise »» >» 0

security program Test ingof incioent >
Incident response plan Risk
response p lan
management
Add text Add text here Add text here
here
Add text Add text Add text here
here here

Implement control
>» »» 0

l
envi ronment
Network upgrajat ion > Record management Platform upgr<dation

Logging & monitoring Add text here Netw ork upgr<dation

Add text Add text here Add text

here here
Add text here

Implement security »» »» 0
processes Security assessment
Handlingthreats Patch management
&
maintenance
Add text Add text
here here Add text here
Add text here Add text here Add text
here

> Governance strategy planning

'
Add
Skills text here plann ingandtraining '
development
This slke is lo:>% editable. Adapt it to your needs and captureyour
audience'sattention.
Timeframe for Incident Management
Thisslide provides information regarding entire duration of incident handling process which occur in various
phases.

Phase Description

Incident logg ing Through - emails, alls, SMS, live chat

phone messages

) Incident
Ticket creation ) Service request

@ Incident categorization u High

u Medium
u Low

u Critical
u High
,_ Incident prioritization
u
Medium
u Low

EB Incident resolution Add text here

1
6 Incident closure Add text here

This sli<e is lo:>% editable. Adapt it to your needs and captureyour

audience'sattention.
 Essential Contingency Plan Strategies
This slide portrays information contingency considerations and solu t ions.The considerations consists of technicalrequirement;that assist contingency solut ion and contingency solution are
used t o im plement contingency strategy.

I I
lillll
Local area W ide area
network Mainframe network
systems
Contingency plan

l
./ ./ ./ ./
coordination with syst em ./
security controls
Vendors coordination ./ ./ ./

Syst ems, configurat ions &

./ ./ ./ ./ ./ ./
vendor information
documentation
Add text ./ ./
here

Add text ./ ./ ./
here

Single points of failures ./ ./

detection
Redundancy implementation
./ ./
in critical components

Syst em ./ ./ ./ ./ ./
backups
Remot e access and ./ ./
wireless technologies
integration
Add text here ./ ./

Add text here ./ ./ ./

VRlfiall• This sli<e is lo:>% editable. Adapt it to your needs and captureyour
audience'sattention.
 Cybersecurity Maintenance Checklist
Thisslide providesinformation regarding service maintenance checklist that is prepared for the client and the activities menticned will be performed on daily, weekly, monthly orqcarterly
basis.

0 0 0 0

Daily Weekly Monthly Quarterly

./
System Monitoring - Real
time ./

+ Back up
monitoring ./ ./

... [ ] Preventive
Maintenance ./
.. .
[ )
Virus
Scanning ./ ./
G,;:J Security
Patches

•
./
Disk Error
Checking ./ ./
Executive
6' Reporting ./ ./
Review and Planning
Meeting
111111111111111111111111111111 1111111111111111111111111111111111111111111111111111111111111111111111111111111 1111111111111111111111111111111111111111111111111111111111111111111111111111111 1111111111111111111111111111111111111111111111111111111111111111111111111111111 111111111111111111111111111111

This sli<e is lo:>% editable. Adapt it t o your needs and capture your audience's
attention.
 Dashboard - Incident Tracking
Thisslide portrays information regardingthe dashboard that firm willtra:k various incidents detected. These incidents will be managed in order to avoid cybersecurity
risks.

[@ Application White listing

1111111111111111111111 111111111
Q Patch Applications
111111111111111111111111111 1111

-
!!!!! Pa tch Operating Systems
11111111111111111111111111111111
13 I Restrict Admin
Privileges
11111111111111111111111111111111

- - - -
To p 4 To p 4

lHr 24Hr lHr 24Hr A lerts lHr

High a 6 High a a High a
a High a 3
Med ium a a Medium a a Medium a 4 Medium
a a
Low a 1 Low a a Low a 1 Low
a a

Incidents Open 0 Cl o sed O Incidents » Open 0 Cf oscd 0 Incidents Open 0 Cl osed O Incidents >' O p en 0 Closed 0
>> >>

Disable untrusted
Microsoft Office Macros User Application Hardening Multi-Factor Authentification Daily backup of important data

A lerts lHr 24Hr A lerts lHr 24Hr A lerts lHr 24Hr A lerts lHr 24Hr

High a a High a a H igh a a H igh a a

Medium a a Medium a Medium a a Medium a a

a
Low a a Low a 0 low a a
Low a a

Incidents Open- a Clos ed- a Incidents Open- a Closed- a Incidents Open- a Clos e d- a Incidents Open- a Clos e d- a

* M M¥f* This sli<e is lo:>% editable. Adapt it to your needs and captureyour
audience'sattention.
Cyber Security Governance
Thisslide portrays information about how firm will assess different alternate siteson certain parameters such asimplementati3n cost, hardware and telecommunication connection
requirement, setup time, location.

Senior Management Business Strategy Organisation objectives

Steering Committee
Risk Management/Information Security Security Requirements
and Executive
Strategy
Management

CISO/ Security Action Plan, Policies, Security Programmes

Steering Committee Standards

Implementation

Security Objectives

Monitor/Metrics
Reporting Trend Analysis
I