Dunbar has integrated the latest technologies to help our customers navigate the challenges of cybersecurity and protect the confidentiality of their information. Due to the growing number of threats in the digital space, the need for compliance and operational transparency has never been greater. As a managed services provider, we empower businesses to become compliant with all relevant laws, regulations and industry-best frameworks.
Dunbar implements CIS in our own Security Operations Center and for our clients through our managed security services.
The CIS Controls are a defined set of practices that mitigate the vast majority of your organization’s vulnerabilities and the most prevalent cyber-attacks. These guidelines provide a foundation for addressing additional security standards such as HIPAA, PCI DSS, and ISO/IEC 27002.
Security Standards for the Protection of Electronic Protected Health Information (e-PHI) to maintain the Confidentiality, Integrity and Availability of data that is held or transferred in electronic form. The Health Insurance Portability and Accountability Act (HIPAA) Security Rule requires covered entities to maintain reasonable and appropriate administrative, technical, and physical safeguards for protecting e-PHI.
Minimum requirements for protecting credit card account data, set by the Payment Card Industry Security Standards Council to mitigate risks and ensure security controls are properly implemented. The Payment Card Industry Data Security Standard (PCI DSS) safeguards cardholder transactions and maintains security when storing, processing and transmitting data.
Dunbar provides intrusion detection, prevention and vulnerability scanning to fulfill specific compliance and reporting requirements. Dunbar’s 24/7 Security Operations Center (SOC) is staffed by experienced, certified professionals to ensure that key controls relevant to a broad range of compliance mandates are met.
Log management collects and normalizes log data from the entire IT infrastructure and presents it through an intuitive web interface. Our review service adds daily reporting by security analysts with eyes for detail and brains for finding the meaning in vast amounts of log data. Security Information and Event Management (SIEM) solutions provide real-time analysis, logging and reporting of security alerts generated by network hardware and applications.
A Web Application Firewall (WAF) blocks web application attacks with a combination of signature-based detection and application behavior profiling, stopping unauthorized activity before an attack compromises an application. Dunbar provides 24/7 monitoring and incident escalation with ongoing WAF tuning and management.
Published by the National Institute of Standards and Technology (NIST) to ensure that federal controlled unclassified information (CUI) is protected when processed, stored, and used in non-federal information systems and organizations.
Best practice recommendations by the International Organization for Standardization (ISO) for information security management including the selection, implementation and maintenance of information security management systems (ISMS).
Select controls within the process of implementing an ISMS based on ISO/IEC 27001;
Implement commonly accepted information security controls;
Develop their own information security management guidelines.
The Federal Financial Institutions Examination Council (FFIEC) is a formal interagency body that advocates for uniform principles, standards and report forms in support of established financial institutions.
In recent years, the FFIEC has taken the necessary steps to raise cybersecurity awareness on behalf of third-party service providers. Effective June 2013, the FFIEC announced the creation of the “Cybersecurity and Critical Infrastructure Working Group” to enhance communication, increase readiness and identify gaps in examination procedures to strengthen the oversight of cybersecurity.