Home Contact Sitemap


Managed Information Security Services


Risk Management

Risk is defined as the effect of uncertainty on objectives (whether positive or negative). Risk management can therefore be considered the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events. Risks can come from uncertainty in financial markets, project failures, legal liabilities, credit risk, accidents, natural causes and disasters as well as deliberate attacks from an adversary.

Risk Analysis and Risk Assessment

imgA "risk analysis" is the process of arriving at a risk assessment, also called a "threat and risk assessment". A risk analysis helps integrate security program objectives with the company's business objectives and requirements. The more the business and security objectives are in alignment, the more successful the two will be. The analysis also helps the company draft a proper budget for a security program and its constituent security components. Once a company knows how much its assets are worth and the possible threats they are exposed to, it can make intelligent decisions on how much money to spend on protecting those assets. Risk analysis, which is a tool for risk management, is a method of identifying vulnerabilities and threats, and assessing the possible damage to determine where to implement security safeguards. Risk analysis is used to ensure that security is cost effective, relevant, timely and responsive to threats.How we can help LEARN MORE>>

PCI Companies can experience significant financial losses due to fines, lawsuits and unbudgeted expenses (such as notification costs). The damage to a retailer’s reputation is also costly.

Vulnerability Assessment

imgThe Internet provides unparalleled opportunities for interaction and data exchange among health care providers, patients, payers and researchers. Hospitals and providers benefit from integrated systems where lab results, diagnoses, charges, and personal information can be brought together to provide better patient care with lower costs of delivery. However, the advances provided by the Internet are accompanied by an increased risk to the integrity and confidentiality of highly sensitive information. How we can help LEARN MORE>>

HIPAA regulations mandate that patient information be kept confidential and that the systems housing sensitive information be kept secure from hackers.

Penetration Testing

imgFinancial Institutions are pressured to manage the bottom line while providing increasingly convenient online services and maintaining personalized and intimate customer relationships. Customer confidence in the bank's ability to secure personal financial information is a prerequisite for implementing the integrated services that ultimately provide satisfaction and cost-effectiveness. How we can help LEARN MORE>>

Core Impact CORE IMPACT Pro is the most comprehensive software solution for assessing the security of web applications, network systems, endpoint systems, email users and wireless networks. Backed by Core Security’s ongoing vulnerability research and leading-edge threat expertise, IMPACT Pro allows you to take security testing to the next level by safely replicating a broad range of threats to your organization’s sensitive data and mission-critical infrastructure.

Disaster Recovery

img With the increasing importance of information technology for the continuation of business critical functions, combined with a transition to an around-the-clock economy, the importance of protecting an organization's data and IT infrastructure in the event of a disruptive situation has become an increasing and more visible business priority in recent years. It is estimated that most large companies spend between 2% and 4% of their IT budget on disaster recovery planning, with the aim of avoiding larger losses in the event that the business cannot continue to function due to loss of IT infrastructure and data.How we can help>>

Of companies that had a major loss of business data, 43% never reopen, 51% close within two years, and only 6% will survive long-term. This results in a majority of failed businesses.(stats from 2001)

Business Continuity

img In plain language, BCP is working out how to stay in business in the event of disaster. Incidents include local incidents like building fires, regional incidents like earthquakes, or national incidents like pandemic illnesses. BCP may be a part of an organizational learning effort that helps reduce operational risk associated with lax information management controls. This process may be integrated with improving information security and corporate reputation risk management practices. How we can help>>

A completed BCP cycle results in a formal printed manual available for reference before, during, and after disruptions have occurred. Its purpose is to reduce adverse impacts determined by both the disruption's scope (who and what it affects) and duration (how bad, implications last for hours, months etc).

Security Training


Information Security Training for senior executives and key personnel. How we can help LEARN MORE>>

CEO's Do you know what to ask your IT deptartment? Questions like, "What encryption have they deployed and why?" Be prepared for your regulatory audits.

Comments (11) . 07 Jan 2010 . 02:56