For Member IT Personnel:
For Member Cooperative End Users:
All GSEC Member Cooperatives, their Employees, and affiliated parties.
Cyber Security Awareness and Vulnerability Mitigation
Onsite or virtual cyber security training focusing on either:
Member Cooperative IT Personnel:
Member Cooperative End Users:
There is no cost to Members.
Conference call on cyber security current events will be held based on availability of topics and GSEC personnel. It is anticipated that the call will occur once per month. Continuation of service is dependent on interest of Members and will be monitored for number of participants.
For onsite activities, Member Cooperatives will designate a project owner for the engagement and provide access to necessary personnel, facilities, systems, documentation, etc., including the following:
Golden Spread Security Operations Center personnel will assist Member with enrollment in Department of Homeland Security program that provides external threat monitoring and intelligence.
Member IT and Security Personnel.
GSEC will contact DHS and request the proper forms to enroll in the free program. GSEC will also work with the member cooperative to collect the external IPs for their network to be scanned for the continuous external vulnerability reports.
DHS will provide a weekly report of the vulnerabilities available to external attackers, trending for the Energy Sector, and improvements and/or digressions in security posture from week-to-week.
Enrollment in the program is free. While GSEC has a strong relationship with the Dept. Of Homeland Security, there is no guarantee that the Department of Homeland Security will accept the Member’s application into the program.
Threat intelligence/DNS Monitoring findings will be communicated within a monthly report.
Official DHS Cyber Hygiene Report will be provided once-per-week after the first two weeks in the program.
Each member cooperative will need to sign a Protected Critical Infrastructure Infromation (PCII) form for DHS. This protects the member cooperative's information and acknowledges that DHS can use trending data but cannot use an entities name in any information disclosures.
The incident response capability offers onsite and remote assistance coordinating, investigating, and responding to cyber incidents. Remote response capabilities are available 24x7x365.
Incident Response Consultants will assist member cooperatives in determining the source, scope, magnitude and impact of incidents and guide them through appropriate mitigation activities.
All Member Cooperatives.
Remote assistance and on site deployment of a Senior Incident Response Engineer to assist with, coordinate, and facilitate the security event and breach investigation. Support could include: malware analysis, log review and analysis, forensics services, communication support with regulators and federal investigators, and indirect access to federal threat intelligence.
The remote support capability will include review and analysis of suspicious files, system log files, network packet captures, network flow analysis, and SIEM data (for customers of the Managed SIEM service).
Upon request, a report will be provided at the conclusion of the analysis that describes the findings (who, what, where, when and why) with additional response guidance, to include suggested short term mitigation actions and recommended long-term remediation activities to avoid reoccurrence.
Pricing will be a pre-negotiated hourly rate for fixed blocks of time:
Onsite:
Remote:
Onsite support will incur travel charges. Onsite blocks of hours can also be used for remote support, but remote support blocks of hours can not be used for onsite support.
Remote assistance available within 8 hours of request, while On-site support will be available within 48 hours of request.
GSEC staff will work with Cooperatives to obtain the artifacts for analysis via: