VIPDDR CYBERSECURITY FRAMEWORK
SMSAM SYSTEMS LTD is a disruptive Pan-African advanced cybersecurity services firm with a mission to secure
Africa's digital assets and critical infrastructure organizations against ALL forms of cyber-attack.
Headquartered in Nigeria and with a presence across many African countries, we deliver on our mission by leveraging
the VIPDDR CyberSecurity Framework developed by us. The motivation behind the
framework is to have a practical and realistic cybersecurity program with proven security rather than vaguely assuming
same. The ultimate mission of the framework is to STOP BREACHES as we leverage automated, best-in-class, AI/ML-powered
technologies to DISRUPT, FRUSTRATE and SLOW DOWN the adversaries (External and Internal).
CATEGORIES OF ORGANIZATIONS SERVICED
1 - Telecoms and ISP Organizations. We focus on helping MNOs and Internet service providers prevent and
mitigate the exploitation of inherent security flaws found in the SS7/Diameter signaling protocols. We also offer
services around the security of subscribers' cellular networks, i.e. preventing IMSI Catcher attacks, Man-in-the-middle
attacks, port infection attacks, phishing, fundamental cellular network loopholes, amongst others.
2 - SCADA/ICS/OT Organizations. We provide a Platform that enables operational engineers and Cybersecurity
personnel to gain control over industrial networks, detect malicious activities, identify unauthorized changes,
troubleshoot problems caused by control device misconfiguration or firmware updates, and address compliance and
change management requirements.
3 - Enterprise Organizations. We assist organizations across Financial, Education, Government, Insurance, etc. in
implementing a proven cybersecurity program with the end game of STOPPING BREACHES.
In the final analysis, this framework empowers CISOs, CIOs and Security managers in PROVING to their respective
managements and boards - HOW SECURE IS THE ORGANIZATION AT ANY TIME?
THE VIPDDR CYBER ATTACK KILL CHAIN
RECONNAISSANCE | INITIAL COMPROMISE | COMMAND & CONTROL | LATERAL MOVEMENT | TARGET ATTAINMENT | EXFILTRATION, CORRUPTION & DISRUPTION
PROACTIVE PROTECTION AND DETECTION | AUTOMATED CONTAINMENT AND PROTECTION
RECONNAISSANCE. The first stage in reconnaissance is identifying potential targets (companies or individuals) that satisfy the mission of the attackers (e.g. financial gain, targeted access to sensitive information, brand damage, etc.). Once the target or targets are identified, the attackers determine their best mode of entry.
INITIAL COMPROMISE. The initial compromise is usually in the form of hackers bypassing your perimeter defenses and, in one way or another, gaining access to your internal network through a compromised system or user account. Compromised systems might include your externally facing servers or end-user devices, such as laptops or desktops.
COMMAND & CONTROL. The compromised device is used as a beachhead into your organization. Typically, this involves the attacker surreptitiously downloading and installing a remote-access Trojan (RAT) so they can establish persistent, long-term, remote access to your environment.
LATERAL MOVEMENT. Once the attacker has an established (persistent) connection to your internal network, they seek to compromise additional systems and user accounts. First, they take over the user account on the compromised system. This account helps them scan, discover, and compromise additional systems from which additional user accounts can be stolen.
TARGET ATTAINMENT. At this stage of the Kill Chain, the attacker typically has multiple remote access entry points and may have compromised hundreds (or even thousands) of your internal systems and user accounts. They have mapped out and deeply understand the aspects of your IT environment of highest interest to them.
EXFILTRATION, CORRUPTION & DISRUPTION. This is the final stage of the attack kill chain, and is where the cost to your business rises exponentially if the attack is not defeated. This is the stage where the attacker executes the final aspects of their mission, stealing intellectual property or other sensitive data, corrupting mission-critical systems, and generally disrupting the operations of your business.
VISIBILITY | ISOLATION | PREVENTION | DECEPTION | DETECTION | RESPONSE
PROVEN CYBER DEFENSES AGAINST CYBER ATTACKS ON AFRICA'S DIGITAL ASSETS & ITS CRITICAL INFRASTRUCTURES!
VIPDDR CYBERSECURITY ARCHITECTURE
RECOMMENDED TECHNICAL CONTROLS FOR VIPDDR CYBERSECURITY FRAMEWORK
a. PEOPLE (EMPLOYEES/USERS, CUSTOMERS, VENDORS/3RD PARTIES)
• Email Authentication (DMARC), www.dmarcian.com
• File Sanitization (CDR), www.votiro.com
• Email Security Gateway (SaaS/CASB and On-Premise), www.avanan.com, www.ironscales.com
• Vendors Risk Management (VRM), www.securityscorecard.com
• Cyber Threat Intelligence (CTI), www.intsights.com
• Email and File Encryption, www.echoworx.com
b. NETWORKS
• Threat Intelligence Gateway (TIG), www.ixiacom.com/products/threatarmor
• IT Assets Management (ITAM), www.axonius.com
• Anti IP Hijack (AIH), www.bgprotect.com
• Visibility Fabric Architecture (VFA), www.ixiacom.com/solutions/visibility-architecture
• Multi Factor Authentication (MFA), www.silverfort.io
• Browser Isolation Technology (BIT), www.ericomshield.com
• Zero Trust Software Defined Perimeter (ZT-SDP), www.safe-t.com
• Insider Threats Monitoring Platform (ITMP), www.teramind.co
• Network Access Control (NAC), i.e. supports IPAM, DHCP and L2 Prevention, www.genians.com
c. APPLICATIONS
• Network Based Website Security (NBWS), i.e. supports BOT/DDoS, WAF and Traffic Management, www.reblaze.com
• Interactive Application Security Testing (IAST), www.contrastsecurity.com
• Runtime Application Self Protection (RASP), www.contrastsecurity.com
• Next Gen AI Powered SIEM (aiSIEM), www.seceon.com
d. ENDPOINTS
• Active Directory Security (ADS), www.javelin-networks.com
• Endpoint Protection Platform and Endpoint Detection/Response (EPP/EDR), www.sentinelone.com
• Logon Management Platform (LMP), www.isdecisions.com
e. AUTOMATED & CONTINUOUS CYBERSECURITY ASSESSMENT PLATFORM (ACCAP)
• IT Assets Management (ITAM), www.axonius.com
• Breach and Attack Simulation (BAS), www.cymulate.com
• Vulnerability Risk Management (VRM), www.cronus-Cyber.com
• Automated Penetration Testing Platform (APTP), www.pcysys.com
f. INDUSTRIAL CYBER SECURITY PROGRAM (ICSP)
• SCADA/ICS/OT, www.indegy.com
• Telecoms - SS7 Assessment Services, www.ptsecurity.com
• SAP Security, www.erpscan.com
j. CYBERSECURITY EDUCATION PROGRAM (CSEP)
• Cyber Security Capacity Building
GLOBAL HEADQUARTERS
Lagos, Nigeria: 131, Obafemi Awolowo Way, Alausa, 100212, Ikeja, Lagos – Nigeria. Tel: +234 80 999 SMSAM (+234 80 999 76726), +234 818 781 3483, +234 802 632 5087, +234 809 999 2009. www.smsam.net
INTERNATIONAL OFFICES
Accra, Ghana: Adentan – Frafraha, Accra, Ghana. Tel: +233 244 865815
Addis Ababa, Ethiopia: Enat Tower 901-3 Kazanchis, Addis Ababa, Ethiopia. Tel: +251 947313735
Conakry, Guinea: Kipe T2, Commune de Ratoma, BP: 249 | GUINEE - Conakry. Call us. Tel: +224 660 846 484, +224 655747676
Dakar, Senegal: 4 Cite COMICO - 3 VDN | BP: 5841 Dakar - Senegal. Tel: +221 776399565
Douala, Cameroon: Rue Joffre, Byblos plus building at the 3rd floor, Akwa, Douala, Cameroon. Tel: +237 651 448 283, +237 666 925 663
Harare, Zimbabwe: 1st floor Zimpost House, Harare, Zimbabwe. Tel: +263 733 782490, +263 773796365
Kampala, Uganda: Plot 8 Kanjokya, Kampala, Uganda. Tel: +256 772712259
Kigali, Rwanda: KN 2 AV 2 Nyarugenge, Kigali, Rwanda. Tel: +250 783108740, +250 788682433
Lusaka, Zambia: Lubambe Rd, Lusaka, Zambia. Tel: +260 965791347
Malawi: Box 459, Blantyre, Malawi. Tel: +265 999 561003
Nairobi, Kenya: Westlands Court, Hse 12, Mangu Gardens, Church Road, off Waiyaki Way, Westlands. Tel: +254 722102854
The Gambia: 6 Kairaba Avenue, Serrekunda, KSMD, The Gambia. Tel: +220 2005885
CAMEROON | ETHIOPIA | GHANA | GUINEA | KENYA | NIGERIA
MALAWI | RWANDA | THE GAMBIA | UGANDA | ZAMBIA | ZIMBABWE
Contact Information