This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Niels_Poulsen
Employee Alumnus
Employee Alumnus
‎2017-11-13 03:28 AM

"Challenge accepted"

Hi folks

So, as I wrote in my first blog-entry, this next one would be about a challenge I got... Though I haven't overcome this challenge yet, I still want to share a bit about it, since it influence what it is that I do as a SE.

As a SE (Security Engineer), I believe that the most important thing, in my daily work, is the ability to tell customers about what Check Point can to to help them secure their infrastructure etc. In that lays the ability to translate the high-technical stuff, to a level where everybody can follow and understand, what it is and why it is important to take it into consideration when they look to secure their environment.  

But I guess that the more you get used to something, the more you talk about a Technic or a product, the more you lean to thing that it's every-mans knowledge which shows in the way you present and talk about IT-security etc. Maybe that's what had happen to me, I don't know... the fact is that I was challenged, even challenged on the one thing that I take the most pride in getting right - so I take it very serious! 

I was challenged during a meeting where I did a presentation of a Security Checkup. In case you guys don't know what that is, I'll start with that...

checkup-icon.jpg

A Security Checkup is a "service" that Check Point offer to any klient, that would like to learn a bit more about what's going on on the network.

To give you an idea of what we look for during a checkup, I'll do a list showing the key things we look for:

  • Downloads of known and unknown malware
  • Access to high-risk web applications
  • Malware-infected computers
  • Exploited vulnerabilities and attacks
  • Data leakage incidents

All in all, what we do, is that we put a Check Point gateway on a SPAN port, which monitors the client network access to and from the internet. We send the traffic through all of our security features and show the findings in a nice report. 

An example of the summary in such a report:

Security Checkup Executive Summary

So why is this a good tool...

  • Immediate awareness to security risks the organization is exposed to
  • Single easy-to-read report that includes all security threats
  • Include recommended remediation steps
  • No risk to the network environment (Mirror Port used)
  • The service is free of charge

Need say more? Smiley Happy

The checkup can be done by a local Check Point rep. or a partner. Both new and existing customer can get a Security Checkup!

If interested, sign up and learn more on this page:

Security CheckUp | Check Point Software 

If already a customer, there's a couple of ways to do the above... if you want to hear more, don't hesitate to contact me and I'll give the introduction and make sure you're guided to the correct people within Check Point.

 

If you'd like to do a "checkup" yourself, you could try running another nice little tool we've got called "CheckMe".

CheckMe runs a series of simulations that test if your existing security technologies can block standard and advanced attacks.

Try it here:

http://www.cpcheckme.com/checkme/ 

So now you know a bit about that Smiley Happy 

Let's go back to the meeting... I was almost through the presentation of a report, generated during a Security Checkup, when the COO looks at me and say; "Niels, I don't understand what it is that you're showing and telling me...?".

This, of course, took me a bit out of focus... Luckily he went on an explained his comment, which gave me some time to regain my focus and continue with the presentation. Though the comment, I had no other way to present the report - the report is what it is - so had to just continue. This was the beginning of the challenge... at the end of the meeting he stood up and said that if we (I) where to change anything... it would be the way we present, it had to be in terms and context that makes sense to the business.

This means I have to tell it another way, so that everyone understands what it is I'm saying and why it's important, to the company, the things that I'm showing. So that's the challenge...

Billedresultat for a challenge I got... challenge accepted

I've decided not to think about the other 40 checkups I've done and afterwards the presentation... did any of them sit back and had the same feeling; what did he just tell me?

So I'm grateful for his comment  - else I'd continued doing it as always!

Maybe this was not a lot about the challenge itself... but hey, that's not where the hard work lies... the hard work lies in the efforts I have to do to overcome the challenge. I've already startet... this blog is one of the steps.

Stay tuned 

Cheers

Niels

4 Replies
Elad_Goldenberg
Employee Alumnus
Employee Alumnus
‎2017-11-14 03:45 AM

Great stuff (as always) Niels!

As discussed, let's work on it!

0 Kudos
Niels_Poulsen
Employee Alumnus
Employee Alumnus
‎2017-11-14 03:53 AM

Deal! Smiley Happy

0 Kudos
Vladimir
Champion
Champion
‎2017-11-14 08:15 AM

Niels,

The presentation of the checkup to the C-level executives could and should, in my opinion, be tailored to the audience in the room.

It is difficult to cater successfully to those with deep technical background and those that got there from operations at the same time.

Even the language should be different.

As someone who was on the receiving side of the checkup as well as someone now presenting my security assessments to management of various companies, I tend to deliver different presentations in each case.

From operations point of view, presenting compliance (or rather non-compliance) findings, tend to strike a note.

To those of deeper technical persuasion, the normal breakdown of the report would mostly work.

And if there are risk management people in the room, language should contain the SLEs, AROs, ALEs and ACS estimates, as well as the correlation of the findings with the impact of similar events on similar companies. Preferably highly publicized.

One of the hot subjects in all regulated industries is the security awareness training. Describing how the UserCheck actions could be employed to improve this process is another great tool. I am not sure if the current checkup includes its use in report's suggestions, but it should.

Regards,

Vladimir

0 Kudos
Niels_Poulsen
Employee Alumnus
Employee Alumnus
‎2017-11-14 11:30 AM

Hi Vladimir

Couldn't agree with you more! As a tool, the checkup is a great icebreaker and easy to "use"  - however it all comes down to how you present the content to the audience. And that is where I got my challenge.
The report that comes out of the checkup is pretty good  - and even improving as we speak - the best I've seen in a built-in event correlation tool. It's a good start but also this I'm looking into - you can always do better 🙂

About the compliance area... yes, it is, and should be, a high priority at many companies. However when it comes to it, when I talk compliance , then that's when I  really start to lose some of them, also at the c-level. Unless you're a big multi-million dollar business, that's not a word used.
Luckily though,  with the GDPR on the doorsteps, compliance has been introduced more broad and the smaller companies has to take it as a priority.
But in the end it comes down to; know your audience! 🙂

Thanks for your thoughts,  Vladimir! 🙂

Cheers

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events