CyberProtectSM

Advanced Cyber Defense and Response

Product

Product

Your institution is under constant attack from agile and well-funded adversaries. Protecting sensitive data from increasingly targeted cyberattacks and fast-moving threats is critical to maintaining your position as a trusted financial services provider.

CyberProtect from Fiserv offers a level of protection previously available to only the largest banks and government agencies. Designed by veterans of the financial services and cybersecurity industries, CyberProtect is offered in partnership with BlueVoyant to safeguard financial institutions through world-class cybersecurity expertise.

Setting the Cybersecurity Standard

CyberProtect provides proactive detection combined with real-time remediation, advanced cybersecurity tools, an interactive portal and compliance solutions. World-class cybersecurity experts in geographically diverse security operations centers (SOC) deliver 24/7 network monitoring.

Unrivaled VisibilityEvery second counts when your institution is under attack. CyberProtect includes a customizable portal that delivers a single, comprehensive vantage point into your institution’s cybersecurity status – whether you want to know about active threats, actions taken to protect you or recommendations to prevent recurrences.

Next-Generation Protection

CyberProtect monitors your network 24/7 from SOCs across the globe, protecting you against cyberattacks that specifically target your institution’s vulnerabilities. CyberProtect enables you to focus valuable IT resources on business growth and strategic opportunities rather than monitoring, managing and maintaining disparate cybersecurity modules.

Key Benefits

• Reduce risk – By orchestrating activity across previously disparate modules, CyberProtect strengthens defenses

• Gain efficiencies – Automated and remote remediation frees you to focus resources on building business value

• Respond faster – Intelligible and actionable alerts eliminate cybersecurity noise and uncoordinated alerts

• Simplify vendor management – By monitoring and managing all network cybersecurity solutions, CyberProtect lowers costs, reduces complexity and strengthens security

• Ease regulatory burdens – Portal built specifically for your financial institution provides easy access to the information auditors demand

• Find the best fit – From our must-have Essentials to the recommended Advanced option, CyberProtect scales to accommodate your evolving needs

“Prior to CyberProtect it was as if we had four or five Lamborghinis that we didn’t know how to drive, and now they have been replaced by one Tesla that drives itself! We have already seen a 40 perecent reduction in costs and 100 percent increase in security awareness and incident response.”

Brandon HarveySenior Director of Technology Northwest Community Credit Union

Your staff can provide free-form answers and upload evidence for all controls. In addition, items covered either in full or partially by the CyberProtect solution are designated with instructions about how to gather evidence or provide guidance on the control. The assessment results in a full report that can be shared with your organization and regulators. It also provides the capability to track your improvements year over year.

Optional Professional Services

External Vulnerability Assessment

Our external vulnerability assessments identify any security weaknesses in your publicly facing networks, systems and applications. Vulnerabilities are prioritized based on criticality with detailed descriptions of impact and affected hosts. This service adds organizational context to event detection and resolution while highlighting network segments that will benefit from customized detection and analytics.

Deeper Intelligence for Quick Response

CyberProtect can increase your protection levels, offering access to exclusive threat intelligence including dark web and host-based threat data. Real-time incident response, internet-scale threat intelligence and security event automation promote quick and decisive action. Intelligible and actionable alerts are easy to understand so you can respond quickly and efficiently. The solution also enables you to identify unauthorized systems, applications and use of privileged credentials– in real time, across your network.

With CyberProtect, you can stop breaches before they occur and protect your organization against both malware and non-malware attacks.

Compliance Self-Assessment and Regulatory Reporting Tools

Purpose built for financial institutions, CyberProtect includes a cybersecurity compliance self-assessment module based on the Federal Financial Institutions Examination Council (FFIEC) Cyber Assessment Tool and National Credit Union Administration Automated Cybersecurity Examination Tool (NCUA ACET) controls.

Gain an immediate understanding of cyberthreats, actions taken and remediation.

Most traditional managed security service providers offer siloed detection and response and pass the remediation on to you. Fiserv provides early detection to full remediation to save you time and keep you secure and compliant.

Dashboard

Gain an immediate understanding of cyberthreats, actions taken and remediation.

Most traditional managed security service providers offer siloed detection and response and pass the remediation on to you. Fiserv provides early detection to full remediation to save you time and keep you secure and compliant.

Advanceddiagnostics

Security events

24/7triage

Automatedreal-time response

Resolution updates

Triage Containment Life Cycle

Client Network

Managed Detection and ResponseEarly detection to full remediation through a single portal

Incident Response Plan

Our incident response plans provide you with recommended processes for a streamlined response to each critical incident. This involves defining the incident and severity level, identifying stakeholders and point-of-contact information and developing communication templates to improve response times and information sharing. When added to CyberProtect, incidence response plans bridge the gap between technical and nontechnical incident response processes so that you can address cybersecurity threats more quickly and efficiently.

NIST Cybersecurity Assessment

The National Institute of Standards and Technology (NIST) Cybersecurity Framework is the defacto standard used to identify, assess and mitigate cybersecurity risk

worldwide. The NIST standard uses a holistic approach that measures your organization’s effectiveness across the incident response life cycle. When this service is implemented alongside CyberProtect, our experienced consultants will document the added maturity of our solutions while identifying prioritized gaps to help your institution protect against the threats most applicable to you.

Cybersecurity for Today and Tomorrow

In an increasingly connected and digitally dependent world, every financial institution must achieve the highest levels of cybersecurity. CyberProtect allows you to cost-effectively leverage leading cybersecurity professionals formerly with the NSA, FBI and British and Israeli intelligence agencies. Put our cybersecurity expertise to work for your institution.

“Years ago, we used products that delivered cybersecurity protection relative to known attacks. With CyberProtect, we are able to identify and monitor not only known attacks, but also activity identified as potential risks to the bank. CyberProtect tells us not only what those threats are, but eliminates them at the time of the threat.”

Elizabeth MaciasChief information Security OfficerPonce Bank

24/7 Security Operations Centers

Security Orchestration and Automation

Client Portal

Advanced Threat Intelligence

CyberSecurity Compliance Self-Assessment

Features Benefits

From "must-have"

Essentials to the

recommended Advanced

and even Comprehensive

modules, CyberProtect

scales to meet your

evolving needs.

CyberProtect Essentials

CyberProtect Advanced

CyberProtect Comprehensive

Options

Geographically diverse, cloud-based SOCs staffed by former government operators and supported by the CyberProtect platform provide 24/7 coverage with full resiliency. SOCs minimize the impact of attacks and lower costs with real-time remediation and faster response times, continuously strengthening your security posture.

CyberProtect Essentials includes endpoint-based managed detection and response (MDR) utilizing either Carbon Black’s CB Defense or CrowdStrike Falcon Prevent™ powered by our cloud-based security orchestration, automation and response platform. CyberProtect Essentials is managed 24/7 from geographically diverse security operations centers. Alerts are generated, prioritized and investigated with full transparency through our client portal, enabling our customers to review ongoing security alerts and investigations in near real time and review historical trends on the network.

CyberProtect Advanced goes beyond CyberProtect Essentials to include security information and event management forms. This service can either be cloud-based security event monitoring powered by Splunk® or a full cloud-based, co-management of Splunk. The combined services enable us to collect, aggregate and correlate across all data sources (endpoint, network and critical applications) to provide comprehensive visibility and detection across your on-premises and cloud environments.

CyberProtect Comprehensive includes professional services and threat intelligence offerings that can be combined with the the above packages or used as a standalone service to fit specific needs. Professional services include National Institute of Standards and Technology cybersecurity assessments, external vulnerability assessments and incident response planning. Our threat intelligence offerings include services to protect your bank identification numbers, credentials and brand.

Orchestration and automation of security events and alerts integrates unrelated security systems, allowing the streamlined aggregation and prioritized analysis of incoming data and alerts. Expert analysts identify the alerts that really matter so you can focus on what to do next. This process significantly reduces mean time to resolution, reducing your exposure.

Our web-based portal delivers complete visibility and an easy to understand representation of your environment and security program. See the full context of incidents, assets, vulnerabilities and ongoing investigations while communicating in near real time with our security operators.

Proprietary, open-source and dark web intelligence is leveraged to expedite, triage and enrich investigations conducted by the SOC. This service provides intelligence reports detailing new detections with classifications of threat indicators. Greater threat intelligence translates into faster identification and remediation of security events. It also reduces the risk of data loss and business disruption due to successful attacks.

Purpose-built for financial institutions, the Cyber Security Compliance Self-Assessment module is based on both the FFIEC cyber assessment tool and NCUA ACET controls. Users can provide free-form answers and upload evidence for all controls. Items fully or partially covered by the CyberProtect solution are pre-loaded into any new assessment, reducing time spent gathering evidence and allowing your team to focus on your business. The module accelerates your assessment maturity, eases the examination process and includes documentation and evidence management for CyberProtect supported controls.

Features

CyberProtect Feature Matrix

Product CyberProtect Essentials forSmall to Mid-Sized Institutions

CyberProtect Advanced forMid-Sized to Larger Institutions

Service Features Protected Endpoint Managed Detection and Response

Detection as a Service (DaaS)

Managed SIEM

Security Operations Center • • • •

Automation + Orchestration Support • • • •

Client Experience Team • • •

Investigation & Notification • • • •

Threat Detection • • • •

Malware Prevention • • • •

Endpoint Response • • •

Endpoint Health Monitoring • • • •

Software Upgrades • • • •

CyberSecurity Compliance Self-Assessment Module

• • •

Endpoint Response: Remote Intrusion Response

• • •

Threat Detection: Threat Hunting • • •

Vulnerability Management: Import • • • •

Vulnerability Management: Service • • • •

Log Collection • •

Security Event Monitoring • •

Device Health Monitoring • •

Log Retention & Archiving • •

Access to Best-of-Breed, Scaled Search and SIEM Platform

•

Full Event Visibility •

Dedicated and Fully-Managed Infrastructure

•

Support to Generate Custom Correlation and Content

•

Access to SIEM and Security Detection and Response Experts

•

*Red = Optional

Connect With UsFor more information about CyberProtect, call 800-872-7882, email getsolutions@fiserv.com or visit www.fiserv.com.

About Fiserv Fiserv is driving innovation in Payments, Processing Services, Risk & Compliance, Customer & Channel Management and Insights & Optimizing. Our solutions help clients deliver financial services at the speed of life to enhance the way people live and work today. Visit fiserv.com to learn more.

800-872-7882 262-879-5322getsolutions@fiserv.com www.fiserv.com

Fiserv, Inc.255 Fiserv Drive Brookfield, WI 53045

© 2019 Fiserv, Inc. or its affiliates. All rights reserved. Fiserv is a registered trademark of Fiserv, Inc.

Other products referenced in this material may be trademarks or registered trademarks of their

respective companies.

384619 06/19