N R D C Y B E R S E C U R I T Y

Transcription

1 M A R C H, N R D C Y B E R S E C U R I T Y C y b e r s e c u r i t y t e c h n o l o g y c o n s u l t i n g, i n c i d e n t r e s p o n s e a n d a p p l i e d r e s e a r c h c o m p a n y w i t h a f o c u s o n s e r v i c e s f o r s p e c i a l i z e d p u b l i c s e r v i c e p r o v i d e r s, f i n a n c e i n d u s t r y a n d c o r p o r a t i o n s w i t h h i g h d a t a s e n s i t i v i t y. N R D C S. L T

2 A T A G L A N C E NRD Cyber Security is a cyber security technology consulting, incident response and applied research company with a focus on services for specialized public service providers, finance industry and corporations with high data sensitivity. Our mission is to create a secure digital environment for states, governments, corporations and citizens. NRD Cyber Security is controlled by INVL Technology, UTIB - Nasdaq Vilnius listed closed-end investment in IT businesses company. A B O U T U S In addition to specialized services, NRD Cyber Security through its own CIRT provides cyber security consulting, performs security audits as well as compliance and risk assessments, validates and promotes Critical Controls implementations, designs and implements technologies for cybersecurity defense and information system security, and provides training for corporate information security departments. 2 I n r d c s. l t NRD Cyber Security roots go back to 2008 when Baltic Amadeus Infrastructure Services (now - BAIP) started developing cyber security expertise. As a separate company NRD Cyber Security was established in 2013.

3 Our mission is creating a secure digital environment for states, governments, corporations and citizens via technology platforms, workflows and processes, by: Assisting in cyber-defence capabilities own CSIRT/SOC services and capabilities establishment for organisations and nations; Detecting and handling cyber incidents, threat intelligence and information sharing for National CERT, ISPs, government, cyber police, corporations; Monitoring national critical infrastructure with federated cyberdefence model; Law enforcement analytics and defence intelligence automation; Monitoring social and open internet for crime, fraud, attacks, information warfare, brand/opinion analysis ( OSINT) a platform for CERTs, cyber- police, national security services, enterprises. Resolving forensic investigations faster and more efficiently with centralized processing, early case assessment, verification processes for cyber- police, courts, forensic science centres; Effective fraud mitigation for defence against internal, outsider and hybrid fraud. 3 I n r d c s. l t

4 PARTNERSHIPS WE ARE A MEMBER OF RESEARCH PARTNERSHIPS 4 I n r d c s. l t

5 C O R P O R A T E M A N A G E M E N T NRD CYBER SECURITY IS A PART OF INVL TECHNOLOGY GROUP OF COMPANIES. INVL Technology is a closed-end investment company (UTIB) which invests in IT businesses and is listed on Nasdaq Vilnius exchange. INVL Technology managed companies operate in 9 countries and have completed projects in more than 50 countries worldwide. 5 I n r d c s. l t

6 ACCESS TO MARKETS VIA OUR LOCAL OFFICES IN LITHUANIA, LATVIA, ESTONIA, NORWAY, MOLDOVA, TANZANIA, UGANDA, RWANDA AND BANGLADESH, AND PROJEC T EXPERIE NC E IN 50+ COUNTRIES WORLDWIDE. Central and South America South & Southeast Asia Sub-Saharan Africa 6 I n r d c s. l t

7 R E G I O N A L P A R T N E R S H I P S NRD Cyber Security works closely with other INVL Technology managed companies as well as other regional partners. NRD Cyber Security services are also available via local partners in these countries: Lithuania Moldova Rwanda Latvia Norway Uganda Estonia Tanzania Bangladesh 7 I n r d c s. l t

8 N R D C Y B E R S E C U R I T Y I N C I D E N T R E S P O N S E T E A M ( N R D C I R T ) 1 st private Lithuanian cyber security incident response team established in Member of FIRST and Trusted Introducer family. Situational awareness; Security incid e nt investiga tio n a nd ha ndl i ng; Digital forensics; Malware code analysis; Pro-active post-incident response activities; Secure volume storage and image retention capabilities; Mobile Forensics. 8 I n r d c s. l t

9 O U R R E S E A R C H & D E V E L O P M E N T NRD Cyber Security consultants, in cooperation with international institutions and scholar communities in Lithuania and abroad, actively contribute to R&D projects in the field of cyber security. RESEARCH PUBLICATIONS THAT WE HAVE CONTRIBUTED TO: 9 I n r d c s. l t

10 O U R R E S E A R C H & D E V E L O P M E N T National Data Map of Lithuania was created by NRD Cyber Security Intelligence Analysis Experts to develop a model for effective use of data managed by Lithuanian institutions. 10 I n r d c s. l t

11 O U R O W N P R O D U C T S FEDERATED CYBER DEFENCE SYSTEM DEEPEYE. Detect, analyse and remediate threats. OSINT SOFTWARE MODULE INTELEYE. Reduce informational clutter and automate intelligence gathering. 11 I n r d c s. l t

12 O U R K E Y M A R K E T S Central governments Intelligence and law enforcement Critical infrastructure Enterprise security 12 I n r d c s. l t

13 N R D C Y B E R S E C U R I T Y S E R V I C E S NRD Cyber Security assists organizations with every aspect of cyber security. PREVENT RESPOND SECURITY MANAGEMENT CAPACITY BUILDING TRAINING AND AWARENESS 13 I n r d c s. l t

14 14 I n r d c s. l t SERVICES: PREVENT NRD Cyber Security prevention services help organizations increase their resilience and avoid expensive and disruptive incidents through comprehensive security check, information security risk management, network vulnerability assessment (penetration testing), social engineering testing and training and awareness. Comprehensive Security Check Information Security Risk Management Network Vulnerability Assessment (Penetration Testing) Social Engineering Testing SUCCESS STORIES: Comprehensive Security Check for Competition Council of the Republic of Lithuania Certification & Security Audit of Election Management System (Tanzania and Zanzibar)

15 15 I n r d c s. l t SERVICES: RESPOND No organisation is immune to cyber or information security incidents. How you handle the incident determines whether it is complete recovery or total disaster. NRD CIRT is a first private Baltic incident response team that helps organizations properly handle the incidents and investigate them. If you are facing fraud, intellectual property theft, industrial espionage, network compromises, employee misuse or malware, our incident response team will provide a fast and on-site incident handling services in a seamless, professional and timely manner. Incident Handling Digital Forensics SUCCESS STORIES: Services provided to undisclosed law enforcement agencies and private companies

16 16 I n r d c s. l t SERVICES: SECURITY MANAGEMENT Security needs to be managed and information security threats have to be recognized, understood, prevented, discovered, mitigated and contained. Our security management services assist organizations in establishing their own information security management systems or enables them to outsource professional security management services. Information Security Management Security Operating Center (SOC) Services SUCCESS STORIES: COBIT 5 implementation at Banque de la République du Burundi (BRB) Set up of monitoring system at Lithuania s Centre of Registers

17 17 I n r d c s. l t SERVICES: CAPACITY BUILDING Secure digital environment requires proper national, organizational and personal habits and capabilities. NRD Cyber Security helps nations and organizations across the world to assess the level of their cyber security maturity, develop roadmaps or cybersecurity strategies, establish their own CSIRTs, digital forensic labs, boost their cybersecurity by OSINT, data integration or analysis solutions, empower law enforcement agencies with necessary capabilities. CSIRT Establishment OSINT Solutions SUCCESS STORIES: Bangladesh National Computer Incident Response Team Establishment (ongoing) Implementation of Advanced Analysis Solution at the Customs Department of the Republic of Lithuania

18 18 I n r d c s. l t SERVICES: TRAINING AND AWARENESS Technology and processes will not work if skills are absent. NRD Cyber Security is a trusted provider of cyber security, intelligence, OSINT, digital forensics trainings to public and private sector professionals and specialized organizations. We offer a number of analysis training courses that can be tailored to client s unique needs. Cybersecurity Training Intelligence Analysis Training OSINT training SUCCESS STORIES: Cyber Defence Capacity Building annual Cyber Defence conferences held in Lithuania and East Africa.

19 O U R S U C C E S S S T O R I E S NRD Cyber Security assists organizations with every aspect of cyber security. PREVENT RESPOND SECURITY MANAGEMENT CAPACITY BUILDING TRAINING AND AWARENESS 19 I n r d c s. l t

20 B A N G L A D E S H N A T I O N A L C O M P U T E R I N C I D E N T R E S P O N S E T E A M E S T A B L I S H M E N T Bangladesh e-government Computer Incident Response Team (BGD e-gov CIRT) was established at BCC under the project "Leveraging ICT for Growth, Employment and Governance Project (LICT)", financed by the World Bank. Certified BGD e-gov CIRT establishment is the first stage of the National CIRT development process. 20 I n r d c s. l t

21 B A N G L A D E S H C S I R T L A B E S T A B L I S H M E N T A f t e r t h e e s t a b l i s h m e n t o f B G D e - G o v C I R T, t h e n e e d f o r i n c r e a s e d m a t u r i t y w a s i d e n t i f i e d a n d B C C C I R T L A B w a s e s t a b l i s h e d t o p r o v i d e B G D e - G o v C I R T w i t h a d d i t i o n a l O S I N T, i n c i d e n t i n v e s t i g a t i o n, e d u c a t i o n a n d s c i e n t i f i c a p p l i e d a p p r o a c h c a p a b i l i t i e s t h r o u g h d e s i g n, i m p l e m e n t a t i o n a n d t r a i n i n g o f B C C C I R T L A B. T h e L a b o r a t o r y s t r e n g t h e n a b i l i t i e s a n d a u t o m a t i o n o f t h e t e a m, h e l p e d B G D e - G O V C I R T t o f u l f i l i t s f u n c t i o n a l r e s p o n s i b i l i t i e s a n d a s s i s t e d i n p r o v i d i n g C I R T s e r v i c e s i n a l i g n m e n t w i t h l a t e s t F I R S T C S I R T S e r v i c e s F r a m e w o r k. 21 I n r d c s. l t

22 M E T H O D O L O G Y F O R I D E N T I F I C A T I O N O F N A T I O N A L C R I T I C A L I N F O R M A T I O N I N F R A S T R U C T U R E Methodology for identification of national critical information infrastructure was developed and put into law of the Republic of Lithuania. The methodology was successfully applied to produce a list of Lithuania s national critical information infrastructures, which was subsequently approved by the Cabinet. 22 I n r d c s. l t

23 S E C U R E S O F T S E C U R I T Y O P E R TION CENTER M A T U R I T Y A S S E S M E N T Secure Soft company offers cyber security solutions in a couple of South American markets. In order to ensure that the services and solutions they provide would be consistent with international standards, the company wanted to assess the level of maturity of their SOC as well as the capabilities of the technologies they use. NRD Cyber Security team has carried out the assessment using a methodology that combines a broad spectrum of fields such as staff, business goals, technologies and processes. 23 I n r d c s. l t

24 B H U T A N N A T I O N A L C Y B E R S E C U R I T Y I N C I D E N T R E S P O N S E T E A M D E V E L O P M E N T Bringing maturity and stability to Bhutan's digital economy via enhanced cyber security and national BtCIRT establishment. Fully operational BtCIRT was set up within the Department of IT & Telecom in the Ministry of Information and Communications in order to coordinate information flow, respond to and manage cyber threats, and enhance cyber security in the country. 24 I n r d c s. l t

25 S E T U P O F M O N I T O R I N G S Y S T E M A T L I T H U A N I A S C E N T R E O F R E G I S T E R S Lithuania s Centre of Registers administers main state digital registers. The client required a system that could provide a centralised collection of computer events and provide a real-time analysis of security alerts. Configured security information and event management system collects events from physical and virtual server, network devices and applications. 25 I n r d c s. l t

26 I N F O R M A T I O N S Y S T E M S S E C U R I T Y C O M P L I A N C E A S S E S S M E N T Compliance assessment against external information security requirements and ISO 27001:2013 security controls and a detailed report on technological vulnerabilities for the Ministry of Interior of the Republic of Lithuania Report to the management on a general security status, most dangerous vulnerabilities and a list of priority security improvement measures. 26 I n r d c s. l t

27 C O B I T 5 I M P L E M E N T A T I O N A T B U R U N D I C E N T R A L B A N K Implementation of COBIT 5 framework, recognised by central banks and other organisations around the world, will help the Bank of the Republic of Burund to apply the technology more effectively and boost its operational excellence, improving the services to other financial organisations and benefiting the whole economy. NRD Cyber Security experts are contributors to COBIT 5 framework. 27 I n r d c s. l t

28 C Y P R U S C I R T E S T A B L I S H M E N T C y p r u s C S I R T w a s e s t a b l i s h e d i n o r d e r t o c r e a t e a t e a m o f 1 0 p r o f e s s i o n a l s w h o m o n i t o r a n d a n a l y z e c y b e r i n c i d e n t s i n t h e n a t i o n a l d i g i t a l e n v i r o n m e n t o f C y p r u s a n d m a n a g e v a r i o u s s t a k e h o l d e r s t o h a n d l e a n y t h r e a t s. N R D C y b e r S e c u r i t y h a s b e e n c h o s e n d u e t o e x p e r i e n c e i n s i m i l a r s c o p e C S I R T p r o j e c t s. A f t e r s u c c e s s f u l s e t - u p p r o c e s s, N R D C y b e r S e c u r i t y t e a m h a s b e e n i n v i t e d o n c e a g a i n t o e s t a b l i s h a n d s h o w c a s e n e w p r o c e d u r e s. 28 I n r d c s. l t

29 D I G I T A L F O R E N S I C L A B S E T - UP C u s t o m o f t h e R e p u b l i c o f L i t h u a n i a d a i l y i s c a r r y i n g o u t a n u m b e r o f i n v e s t i g a t i o n s, b u t f o r a l o n g t i m e t h e w h o l e p r o c e s s w a s v e r y i n e f f e c t i v e. M a n y p a r t s o f t h e i n v e s t i g a t i o n w e r e p e r f o r m e d b y d i f f e r e n t s t a k e h o l d e r s a n d t h e m o r e o p t i m i z e d p r o c e s s w a s r e q u i r e d. N R D C y b e r S e c u r i t y h a s p r o v i d e d s t a n d a r d i z e d e q u i p m e n t, d i d t h e s e t - u p o f t h e l a b a n d p r o v i d e d t r a i n i n g h e n c e e n a b l i n g t h e o r g a n i z a t i o n t o p e r f o r m m o r e t a s k s i n - h o u s e. 29 I n r d c s. l t

30 C Y B E R D E F E N C E C A P A C I T Y B U I L D I N G In order to assist organisations in developing practical cyber security skills, NRD Cyber Security with NRD Companies have been organising annual Cyber Defence Lithuania and Cyber Defence East Africa conferences since The conference serves as a knowledge sharing, networking and capacity building platform, aimed to address cyber security issues and bring together the Government, the ICT Industry and Academia in efforts to create a better and more secure digital environment for the states, governments, businesses and citizens. 30 I n r d c s. l t

31 S E N S O R T E C H N O L O G Y F O R B A N G L A D E S H N R D C y b e r S e c u r i t y, E u r o p e a n c o m p a n y, h a s s i g n e d t u r n k e y c o n t r a c t w i t h t h e B a n g l a d e s h C o m p u t e r C o u n c i l ( B C C ) f o r t h e s u p p l y, i n s t a l l a t i o n a n d c o m m i s s i o n i n g o f C y b e r S e n s o r s. T h e u l t i m a t e g o a l o f t h e p r o j e c t i s e n a b l e m e n t c y b e r v i s i b i l i t y a n d o v e r s i g h t o f C r i t i c a l I n f o r m a t i o n I n f r a s t r u c t u r e s ( C I I s ) a t n a t i o n a l l e v e l i n B a n g l a d e s h. C y b e r v i s i b i l i t y a l l o w s t i m e l y d e t e c t i o n, m i t i g a t i o n, a n d r e s p o n s e c o o r d i n a t i o n t o c y b e r - a t t a c k s i n C I I s a t n a t i o n a l a n d C I I s l e v e l s. 31 I n r d c s. l t

32 I N F R A S T R U C T U R E I M P R O V E M E N T F O R L I T H U A N I A N C O M M U N I C A T I O N S R E G U L A T O R Y A U T H O R I T Y T h e o r g a n i z a t i o n h a d b e e n e s t a b l i s h e d 1 0 y e a r s a g o a n d s i n c e t h e n t h e y d i d t h e i r p r o g r a m m i n g i n h o u s e a s w e l l a s u s e d o w n d e s i g n t o o l s. I n o r d e r t o a l l o c a t e m o r e t i m e f o r i n c i d e n t h a n d l i n g, t h e o r g a n i z a t i o n w a n t e d t o o p t i m i z e p r o c e s s e s a n d u s e t h e t o o l s t h a t a r e p o p u l a r a m o n g s t o t h e r s t a n d a r d i z e d C S I R Ts. N R D C y b e r S e c u r i t y h a s b e e n p a r t o f C S I R T c o m m u n i t y f o r a l o n g t i m e a n d w a s a b l e t o p r o v i d e t h e m o s t r e l e v a n t a n d u p - to- d a t e t o o l s a n d a s s i s t a n c e. 32 I n r d c s. l t

33 C Y B E R S E C U R I T Y R I S K A S S E S S M E N T F R A M E W O R K A N D A S S O C I A T E D C O M P L I A N C E M O N I T O R I N G S Y S T E M On-going. C y b e r s e c u r i t y r i s k a s s e s s m e n t f r a m e w o r k f o r Bangladesh CIIs and associated CII cyber security compliance monitoring system is being developed to strengthen the resilience of national CIIs and define roles and responsibilities in national CIIP. The project is financed by the World Bank. 33 I n r d c s. l t

34 KEY TECHNOLOGY FOR CYBERSECURITY RESILIENCE 34 I n r d c s. l t

35 KEY TECHNOLOGY FOR LAW ENFORCEMENT 35 I n r d c s. l t

36 KEY TECHNOLOGY FOR CIRT/SOC & CYBER DEFENCE 36 I n r d c s. l t

37 O U R G U I D I N G P R I N C I P L E S From our experience these factors are the key to success of any project: UNDERSTAND UNIQUE CLIENT NEEDS 37 I n r d c s. l t We allocate time and resources to collect information, analyse and engage with our clients and the context in which our solution or services will be deplo y e d. OFFER EFFECTIVE SOLUTIONS We are vendor-independent company which means that we can always offer you several alternative solutions, including open -source and tailor- mad e, to fit your particu l ar situation. BUILD SUSTAINABLE ORGANISATIONS We are not interested in selling you another expensive box that no - one knows how to use. We transfer knowledge, train your team and provide continuous post-project support to create real long -term value to your organisation. BE RESEARCH DRIVEN We contribute to global cyber security research, invest in our own research and development projects and disseminate this information to all our projects. We follow internationally accepted methodologies and standards. USE LOCAL DEPLOYMENT TEAMS When delivering projects around the globe, we are organised around special deployment teams that are headed by project leaders experienced in multicultural environments.

38 O U R L E A D I N G C O N S U L T A N T S We are proud to be the home for some of the brightest individuals in information technology and consulting fields. 38 I n r d c s. l t

39 39 I n r d c s. l t O U R L E A D I N G C O N S U L T A N T S ABOUT PROF. VILIUS BENETIS AREAS OF EXPERTISE PROF. VILIUS BENETIS CEO Vilius Benetis specializes in law enforcement e-crime optimization platforms, digital surveillance (OSINT), incident response capability establishment, public sector information security consulting, IT infrastructure architecture, IT security automation, and telecommunications engineering and compliance management. Prof. Benetis is also a researcher and a promoter of Critical Security Controls for Effective Cyber Defense, who has twenty years of experience in the IT sector and ten years of experience in IT project management, IT auditing, and IT consultancy. Vilius is the chairman of ISACA Lithuania Chapter. Dr. Vilius Benetis graduated from Kaunas Technical University, as well as from Danish Technical University in BSc in Computer Science, MSc and PhD in Tele-traffic Engineering. Cyber Security ICT Governance & Audit SOC/SCIRT Establishment Public Sector Information Security Consulting IT Infrastructure Architecture MEMBERSHIP IN PROFESSIONAL ASSOCIATIONS CISA, CRISC by ISACA Vice-president and Cyber Security Director of ISACA Lithuanian Chapter

40 40 I n r d c s. l t O U R L E A D I N G C O N S U L T A N T S ABOUT ROMUALDAS LEČICKIS AREAS OF EXPERTISE ROMUALDAS LEČICKIS CHIEF CONSULTING OFFICER Romualdas Lečickis is a senior consultant, focused on enterprise IT governance, cyber security, business continuity management, and security transformation projects. Mr Lečickis has fifteen years of experience in the IT sector. Previously, Romualdas established and lead Information Technology Department at the National Paying Agency under the Ministry of Agriculture. Under his management the National Paying Agency of Lithuania was successfully certified for ISO Romualdas has extensive experience in using and implementing the COBIT5 framework. He has performed many assessments of the maturity of COBIT5 processes, establishment of the links between enterprise goals, IT goals and COBIT processes in the IT audit projects. Corporate Governance of Information and Cyber Security IT Governance and Implementation of COBIT Risk Assessment and Audit MEMBERSHIP IN PROFESSIONAL ASSOCIATIONS CISM, CISA, CGEIT, CRISC by ISACA PRINCE 2 Certification Director & Education Chair of ISACA Lithuanian Chapter

41 41 I n r d c s. l t O U R L E A D I N G C O N S U L T A N T S ABOUT DARIUS DULSKAS AREAS OF EXPERTISE DARIUS DULSKAS HEAD OF SALES Darius Dulskas is cyber security consultant and certified international project manager, focused on cyber security technologies. Darius is responsible for leading sales processes at NRD Cyber Security. Previously, Darius worked in the public sector - as IT specialist at the National Health Insurance Fund under the Ministry of Health, Republic of Lithuania. Before that, he was a Customer Service Representative for Technical Support (Microsoft products) at Arvato services. Darius holds a Bachelor degree in Applied Informatics from Vilnius University. Cyber Security Technology IT Project Management Cyber Security Business Development Vendor Relationship Management MEMBERSHIP IN PROFESSIONAL ASSOCIATIONS CompTIA Project+ certificate ITIL v3 Foundation certificate

42 42 I n r d c s. l t O U R L E A D I N G C O N S U L T A N T S ABOUT AKVILĖ GINIOTIENĖ AREAS OF EXPERTISE Mrs. Akvilė Giniotienė is a security governance expert with a broad knowledge and extensive experience in state governance, public sector transformation and change enablement to increase national resilience against multi-faceted threats. National Cyber Security Policies and Strategies IT Governance National Critical IT Infrastructure AKVILĖ GINIOTIENĖ SECURITY GOVERNANCE EXPERT Mrs. Giniotienė provides consultancy services to public and private organizations on cyber security policies and strategies, legislation, good practices implementation, critical information infrastructure protection, IT governance and information security. Prior to joining NRD Cyber Security, Mrs. Giniotienė held a number of senior management positions in the Government of the Republic of Lithuania and international organizations, where she dealt with many complex issues and focused on increasing national and international resilience to emerging threats.

43 43 I n r d c s. l t O U R L E A D I N G C O N S U L T A N T S ABOUT RIMTAUTAS ČERNIAUSKAS AREAS OF EXPERTISE RIMTAUTAS ČERNIAUSKAS TECHNICAL CYBER SECURITY CONSULTANT, INVESTIGATOR Mr. Rimtautas Černiauskas has 25 years of experience in the field of information technology. Prior to work at NRD Cyber Security, Mr. Černiauskas was the Head of National Cyber Security Center of Lithuania. Mr. Černiauskas also served as Director of Cyber security and telecommunication service under Ministry of Defense of Lithuania, and held other senior management positions at the Government of the Republic of Lithuania. National Information and Cyber Security National Cyber Security Centre Establishment and Operation Cyber Security Laws and Regulation MEMBERSHIP IN PROFESSIONAL ASSOCIATIONS CISSP ITIL Foundation PRINCE2 Foundation MCT, MCSA, MCITP, MCTS, MCP

44 44 I n r d c s. l t O U R L E A D I N G C O N S U L T A N T S ABOUT MARIUS URKIS AREAS OF EXPERTISE MARIUS URKIS NRD CIRT LEAD, CYBER SECURITY INCIDENT RESPONSE AND FORENSICS EXPERT Marius Urkis is a senior consultant researcher, with 20 years of experience in the IT sector. At NRD Cyber Security he is responsible for commercial services for security incidents prevention, detection, triage and recovery, SIEM, vulnerability and compliance management, National defense intelligence solutions, Counter fraud management solutions, Intelligent Law Enforcement and Forensic investigations laboratory, among other things. Prior to work at NRD Cyber Security, Mr Urkis was team lead at LITNET (Network of academic research and other nonprofit organizations) CERT for 14 years. He led the establishment and management of LITNET CERT, development and deployment of incident handling related processes, and deployment of security related tools. He also assisted in successful FIRST certification process for 4 CERT organisations. SOC/CSIRT Establishment and Operations National Critical Information Infrastructure Identification Vulnerability and Compliance Management Forensic Investigations

45 45 I n r d c s. l t O U R L E A D I N G C O N S U L T A N T S ABOUT RŪTA JAŠINSKIENĖ AREAS OF EXPERTISE RŪTA JAŠINSKIENĖ INTELLIGENCE ANALYSIS EXPERT Mrs. Rūta Jašinskienė is an intelligence analysis expert and trainer with an extensive background in international police cooperation and investigations, intelligence monitoring, tactical and strategic analysis. Prior to joining NRD CS team, Mrs. Rūta Jašinskienė had been working at the police units for 20 years. She was responsible for drug control and organized crime investigations, including tactical and strategic analysis. For the last ten years she lead a unit in charge of national competence and coordination role among police units as well as law enforcement agencies in drug control and intelligence analysis area. She also contributed to setting up an intelligence and public data management process at Lithuanian police. Intelligence analysis Monitoring, tactical and strategic analysis International police cooperation and investigations MEMBERSHIP IN PROFESSIONAL ASSOCIATIONS IALEIA (International Association of Law Enforcement Intelligence Analysts) IACA (International Association of Crime Analysts)

46 46 I n r d c s. l t O U R L E A D I N G C O N S U L T A N T S ABOUT SIGITAS ROKAS AREAS OF EXPERTISE SIGITAS ROKAS CORPORATE GOVERNANCE OF INFORMATION SECURITY EXPERT Mr. Sigitas Rokas, CISM is Information Security and Continuity Management expert and GRC professional, specialised in preparation, management and implementation control of complex and multiorganisational information security programs and international projects. Sigitas has 15 years' of experience in IT sector and 7 years' of experience in the energy sector as the Chief information security officer at national company Lithuanian energy. Sigitas worked in various industries, including biggest Scandinavian bank Swedbank. Mr. Sigitas Rokas is civil cyber security expert in NATO and has significant experience in protection of national critical infrastructure like electricity grids and nuclear power plants. Corporate Governance of Information Security SOC/CSIRT Establishment Information Security Standards and Good Practices MEMBERSHIP IN PROFESSIONAL ASSOCIATIONS ISACA member, CISM

47 47 I n r d c s. l t O U R L E A D I N G C O N S U L T A N T S ABOUT KAZIMIERAS SADAUSKAS AREAS OF EXPERTISE KAZIMIERAS SADAUSKAS OSINT EXPERT Mr. Kazimieras Sadauskas is an OSINT (Open Source Intelligence) expert with broad knowledge in OSINT gathering and analysis techniques. He provides consultancy services to public and private organizations on information gathering, information monitoring techniques as well as gives training for government and private organizations on OSINT methodologies, information analysis and information security topics. Prior to joining NRD CS, Kazimieras gained vast experience in information gathering and analysis, strategic planning and management as a marketing expert and top-level manager in various commercial organizations. OSINT Gathering and Analysis Techniques Strategic Planning and Management Marketing Management MEMBERSHIP IN PROFESSIONAL ASSOCIATIONS National Defence Volunteer Forces

48 48 I n r d c s. l t O U R L E A D I N G C O N S U L T A N T S ABOUT ŠARŪNAS VIRBICKAS AREAS OF EXPERTISE ŠARŪNAS VIRBICKAS INFORMATION SECURITY LEGAL EXPERT Mr. Šarūnas Virbickas is an Information security legal adviser a legal expert with a focus on Information Technology. He has a broad geographical knowledge of different legal systems and regulations as Mr. Šarūnas Virbickas holds a Master s degree in Law (LMM) from Vytautas Magnus University (Commercial Law) and Stockholm University (Law and Information Technology) and certificate in Transnational Law from Michigan State University. Prior to joining NRD CS team Mr. Šarūnas Virbickas has used to work in Public sector as a Chief specialist / Adviser at Governmental Representative Office and Ministry of the Interior of the Republic of Lithuania where he was involved in legislation process by drafting various acts and Administrative supervision of municipalities. Legal Aspects of Information and Cyber Security Data protection E-Commerce regulation MEMBERSHIP IN PROFESSIONAL ASSOCIATIONS PRINCE2 Foundation in PM Certified AccessData Examiner (ACE) Member of the ISACA Lithuania Chapter Member of Corporate Lawyers Division of the Lithuanian Lawyers' Association

49 C O N T A C T U S NRD CS, UAB Phone: info@nrdcs.lt Gynėjų str. 14, Vilnius LT-01109, Lithuania Company code: VAT code: LT Dr. Vilius Benetis, Directo r vb@nrd.no 49 I n r d c s. l t