Many frameworks are starting to enforce better governance for cybersecurity and guide the programs for organizations across the world. For many organizations, meeting a simple guideline such as PCI-DSS, HIPAA, ISO27001, GDPR or SAMA can be daunting due to the tools, time and personnel required to meet the objective. In this article, we take a look at Saudi Arabian Monetary Authority (SAMA) compliance and how MDR services can help with the People, Process and Technology required. If you haven't done so, download the SAMA Compliance Framework to familiarize yourself with the objectives.
Managed Detection and Response (MDR) offers a SOC replacement/augmentation service which includes People, Process and Technology as a service. This combines the power of time-sharing, experienced personnel with an award-winning platform to consolidate many different aspects covered by compliance into one approach.
In this article, we highlight the People, Process and Technology you can leverage for SAMA compliance.
Technology and Process:
The graphic below highlights in orange the components of the IntelliGO MDR offering that can be leveraged for aspects of SAMA compliance which require it:
For each section, understanding how these apply can simplify the business case for MDR in your environment. For sections 3.3:
- Human Resources: Our Risk Mitigation Center (RMC) offers security operations personnel who run scans, audit systems and perform incident response. Fully managing SIEM, scanning and EDR while staying ahead of threats can cost most organizations of 500 users over $1.1 million; this is included in the MDR offering.
- Infrastructure Security: Patching, Scanning, updates to AV and checking for zero-day attacks with EDR are also core functions of MDR, typically excluded from MSS and overlooked by internal analysts when running security operations.
- Cryptography: With in-built private key infrastructure, the IntelliGO platform can be used for many aspects of Cryptography from S/MIME encryption, File/Disk Encryption and network authentication.
- Bring Your Own Device (BYOD): The IntelliGO platform can be used to on-board, secure and segment mobile devices such as Android, Apple iOS, Macintosh and Windows laptops. It also includes segmentation of IoT devices.
- Cybersecurity Event Management: By collecting data from firewalls, anti-virus and other cyber systems in place, the management and success of these tools can be measured with a "Prevention Posture Assessment" on an on-going basis. We also collect data directly from endpoints using EDR to ensure all data collected from the environment is under management.
- Cybersecurity Incident Management: Dealing with incidents requires a qualified team to classify and respond to cybersecurity incidents, which includes the ability to remediate by blocking, quarantining or wiping devices.
- Threat/Vulnerability Management: Our platform constantly scans the environment for vulnerabilities. We also leverage Threat Intelligence to capture IP, DNS and File hash information about threatening command and control servers or zero-day malware. Combined, these help organizations stay on top of known and unknown threats.
MDR provides personnel for security analysis and a Virtual CISO function which provides a guiding officer for the framework and its application. This ensures areas which are heavily driven by policy leverage templates and advice in order to complete initiatives on time and without excess budget concerns.