IT SECURITY FUNDAMENTALS: INFORMATION SECURITY RISK ASSESSMENT
You’ve heard the term Risk Assessment often enough. But cutting through the IT-speak, what is it exactly? What does it encompass?
Consider a risk assessment like checking the doors and windows on your network. With all of the confidential corporate and customer information in your database, you would never consider leaving those doors and windows open. But beyond the entryways that are easy to see, are there other access points that are not so obvious? Is your network at risk of experiencing a devastating breach?
An Information Security Risk Assessment will provide your organization with an objective evaluation of the security of your information infrastructure. It is your organization’s first step in your IT Security Health Check and Get Well Plan.
THE GET WELL PLAN: RISK ASSESSMENT COMPONENTS
ICS can help you determine which Risk Assessment components are most appropriate for your organization based on your specific needs and resources.
Information Security Risk Assessment
Includes threat and vulnerability identification, risk determination and impact analysis.
Gap Analysis
A follow-up to measure improvements that have been made following the initial assessment. Deficiencies are identified, prioritized, and remediation strategies provided.
Security Policy Review
A review of organizational security policies as compared to relevant standards (e.g., NIST, ISO, COBIT).
Policy Development
To ensure the integrity and availability of organizational data.
AN EFFECTIVE PARTNER:SECURITY-FOCUSED, BUSINESS-MINDED
A sound reputation, experienced consultants with reach-back to the ICS virtual team, business-minded and security-focused. Those are just a few of the ICS differentiators.
ICS has conducted more than 150 comprehensive Risk and Technical Security Assessments using industry best practices and standards including ISO 27002, National Security Agency Information Assurance Methodology, and National Institute of Standards and Technology SP800-series. We also offer a full portfolio of security-focused IT solutions, including: staff augmentation and support, network penetration testing, application vulnerability testing, disaster recovery and business continuity planning, risk assessments, WAN optimization, forensics, and incident response services.
DID YOU KNOW?
In 2008, a reported 285 million records were breached. Average cost per record: $202.
In 2009, the average cost per Personally Identifiable Information (PII) record compromised rose to $11,000.
The average organizational cost of a data breach continues to rise
with an increase of 35% over the last 3 years.
2006: $5M
2007: $6.35M
2008: $6.65M
2009: $6.75M
For more information download this free resource.