Establish a strategy
for your information security
Adapt best practices for better information security management.
We Will Help You
- This service is intended for
- Security administrators or IT experts who are in charge of developing a security system.
- CISOs/CSOs who need to enhance their security approach and guarantee its effectiveness against the latest cyber threats.
- This service will help you
- Better understand the practices, capabilities and performance of today’s security
- Better understand the imperatives, scope, limits and responsibilities associated with your security.
- Set goals for your security state tailored to the context of your organization
- Devise a plan and milestones enabling you to reach your security state goals
- This service will also assist
- CEOs and other business leaders who need to know the components of a solid security strategy.
- This service will allow them to
- Appreciate the value and importance of best security practices.
ISO 27000 series
comprehensive standard providing best practice associated with each controls
PCI-DSS
provides more detailed instruction than most other best practices but not much breadth
NIST SP800 series
provides a detailed list of security controls a long with many implementation best practices intended for federal information systems and organization
COBIT 5 for security
comprehensive standard providing best practice associated with each controls
SANS Twenty Critical
security controls provides a great list of controls for effective cyber defence
Our framework for information is built around many best practices and international standards
Visibility, Control, and Recommendations across your estate
Infrastructure
Microsoft
On premises & Other Clouds
Visibility
Monitor policy compliance across hybrid cloud infrastructure
- Security Updates
- Anti-malware signatures
- Security Configuration
Control
Alert policy violations
Automated vulnerability remediation in Azure (runbooks + native webhooks)
Guidance
Recommended security configurations
Threat intelligence reports and mitigation guidance
Apps and Data
Microsoft Office 365
Visibility
Discover 14,000+ SaaS apps, manage them
Sensitive document classification and tracking (anywhere on internet)
Trends on Tenant and Industry
Control
Single identity across SaaS + Intranet
Alert and take action on policy violation (e.g. quarantine overshared files)
Sensitive document encryption access revocation
Guidance
Risk ratings on 16k + SaaS applications
Office 365 Tailored Security Guidance and Prescriptive Recommentations
Devices
Mobile & Unmanaged
Managed
IoT
Visibility
Measure Device Health and Compliance
- Managed Compliant, (Not Compromised)
Inventory & Manage IoT Devices
Entreprise Configuration Management
Control
Mobile Device & Application Management
Author policies, track deployment & state
Conditional Access to accounts/apps
Guidance
Tailored Security Guidance and Prescriptive Recommendations
IoT Reference Architecture with Threat Modelling, Security Maturity Model, and other Guidance
Step 1: Determine security needs
Introduce Security Management
Template: Information Security Strategy Workbook Template
Understand business and IT strategy plans
Template: Information Security Strategy Workbook Template
Define security imperatives, scope, and limits
Template: Information Security Strategy Workbook Template
Define risk tolerance level
Template: Information Security Strategy Workbook Template
Assess security risk profile
Tool: Security Pressure Posture Analysis Tool
Step 2: Carry out a gap analysis
Assess current security capabilities
Tool: Information Security Program Gap Analysis and Roadmap Tool
Review penetration test results
Prerequisite: Penetration Test Results Report
Define security target state
Tool: Information Security Program Gap Analysis and Roadmap Tool
Step 3: Devise initiatives to close the gap
Identify security gaps
Tool: Information Security Program Gap Analysis and Roadmap Tool
Build initiatives to bridge the gap
Tool: Information Security Program Gap Analysis and Roadmap Tool
Estimate resources needed
Tool: Information Security Program Gap Analysis and Roadmap Tool
Prioritize gap initiatives
Tool: Information Security Program Gap Analysis and Roadmap Tool
Determine start time and accountability
Tool: Information Security Program Gap Analysis and Roadmap Tool
Step 4: Put together a Transition plan
Finalize the security roadmap and action plan
Tool: Information Security Program Gap Analysis and Roadmap Tool
Build a security charter
Template: Information Security Charter Template
Build the security program organizational structure
Template: Security Governance Organizational Structure Template
Create a change and communication plan
Information Security Communication Plan Template
Develop a metrics program
Tool: Security Metrics Tool
Develop a security services catalog
Template: Security Services Catalog
We provide you with different levels of assistance to best meet your needs
DIY Toolkit
Guided deployment
Workshop
Consulting
THINK
Secure Your Business and Instill Trust
