Cyber Security & Information Security
Information and the systems that handle it are critical to the operation of virtually all organizations. Access to reliable information has become an indispensable component of conducting business; indeed, in a growing number of organizations, information is the business. Information Security ensures the Confidentiality, Integrity and Availability of the information.
- Information Security Governance – We Assess, analyse and develop Information Security organizations, strategies, policies and procedures, and align them with enterprise business goals, international standards such as ISO27001, COBIT, and regulatory requirements such as SOX, PCI-DSS, WLA-SCS.
- Information Security, Monitoring and Incident Response Management – We assess
- Identity Management (IDM) – Using our unique methodology, IT Risk Security Analysis and Design on Business Processes (IT-RSA-BUS), we analyse business and IT risks, and identify monitoring rules that should be used with Security Information and Event Management (SIEM) solutions. These solutions enable the collection of information from applications, infrastructure as well as security devices and key-core systems. We define processes, roles and responsibilities for Security Operation Centres (SOC), as well as Incident Response Plan and procedures (IRP)
- Role Management – We assist organizations with efficiently managing access to their organizational information assets using Role-Based Access Control (RBAC). We analyse and define roles (role mining) using both bottom-up and top-down approaches. Using design role management and role authorization processes.
- Information Security Risk Management – Using best practices and standards, we analyse business and technical risks; we evaluate the effectiveness of the existing controls and introduce processes and technologies that can help mitigate the risks.