Security
The information security comes to another maturity phase of requirements. The business activities are now more conscient of operational risks. Some recent security events made the proof of some security concepts. Some of these concepts were sometimes considered as nice to have in the past. Rogue trading, and non compliancy to regultions gave financials urgent reasons to implement security services. By extension, providing reliable information (financial, business, ...) is a mandatory requirement.
|
The context
|
Business responsabilitites
More than ever, business are requiring some efficient and less intrusive solutions. To answer these questions, security people ask to generalise risk assessement. business that are currently under cost and budget pressure, are of course looking for some cost benefits... Risk assessement, counter measures, security breaches inventory,
security policy, instrusions detections, contigency plan . . . We are trained in organizing and offering professional services on these subjects. |
Defining the security objectives
There has been a lot of exemple of technical implementations without any securirty policy consistency.
This has sometimes given some non efficient implementations regarding to the operational risk coverage. The different effort must be driven by a general security policy. Even if it won't ensure a 100% efficiency of initiated project, it will offer relevant executive gouvernance elements.
|