Have you assessed your security architecture recently?
Cyber-security has been a trending topic for some months now, especially in the wake of attacks against big name organisations such as Sony, JPMorgan Chase and Home Depot. These attacks have brought the cyber-security debate front and centre, and have raised questions about the effectiveness of information security in the private sector.
There are many things organisations need to stay on top of when monitoring their security: Technology, processes and people are some of the key considerations here. An appropriate security policy would ideally include:
- The ability to determine capability and maturity of key architecture controls around people, processes and technology using industry standard metrics
- A security roadmap linked to the business objectives of the organisation
- Validation or enhancement of the security strategy and architecture programme
- Ability to manage security to industry standards such as ISO27000
- Standardise and control best practice across systems and locations
- Share metrics with the business to align IT security with the rest of the organisation
Traditional approaches to information security are no longer adequate to protect information networks from modern threats, which is why we’ve recently announced our new assessment model that helps organisations assess security threats, the maturity of their security architecture, the underlying security safeguards that protect their human assets from cyber-attacks, and their processes and technologies.