Gainful Information Security 2012 services
-
Upload
cade-zvavanjanja -
Category
Technology
-
view
1.070 -
download
1
description
Transcript of Gainful Information Security 2012 services
Gainful Information SecuritySolutions Presentation
www.gis.co.zw
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
Your Partner for Secure, Cost Effective & Efficient information Lifecycle 2
Gainful Information Security is an information security and systems development firm established in Harare, Zimbabwe in 2007 to partner with African private and public sectors for a secure, efficient and cost-effective information lifecycle.
We Offer Customised:
Intro
3
An event that could have a detrimental effect on an asset
A conduit that could be exploited by a threat
An item of value
The effect on a business of a risk being realised
BUSINESS IMPACT
Asset
Threats Vulnerability
Risks
Information Security Business Case
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
4
How your information is attacked
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
5
Web Defacements
Software Bugs
Buffer Overflows
Backdoors
Viruses
Denial of Service
Worms“SneakerNe
t”
Corporate Spies Script Kiddies
Employee Error
War Drivers
Trojans
Password Crackers
“Blended Threats”
What's attacking your Information
Rogue Insiders
Network vulnerabilities
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
6
Natural Disasters
SecurityControls &Policies
Vulnerabilities
Good security controls can stopcertain attacks
Poor SecurityPolicies couldLet an attackthrough
NO security policies orcontrols could be disastrous
MaliciousThreats
Non-MaliciousThreats
Motivesand Goals
MethodsandTools
MethodsandTools
MethodsandTools
ASS
ETS
Threat + Motive + Method + Vulnerability = ATTACK!
Attack Methodology
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
7 Your Partner for Secure, Cost Effective & Efficient information
Lifecycle
8
Information Assets
Threats Vulnerabilities Risks=
Existing Controls
Risky Current Position
!!!!!!=+
Are You Secure ????
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
9
We partner with you to mitigate your information riskThrough our project based service package of:
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
10
Penetration TestingVulnerability AssessmentWireless Penetration Testing Security Test and EvaluationInformation System AuditingWeb-Based Application testing Procedure-Policy Gap-Analysis Risk Assessment is the first process in the information-centric methodology. We use risk assessment to determine the extent of the potential threat and risk associated with an IT system throughout its SDLC, system development life cycle. The output of this process helps to identify appropriate controls to mitigate or militate risk during the risk mitigation process.
We partner with you to assess your risk through:
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
11
Risk Mitigation is the second process of risk management involves prioritizing, evaluating, and implementing the appropriate risk-reducing controls recommended from the risk assessment process. Because the elimination of all risk is usually impractical or close to impossible, it is the responsibility of senior management and functional and business managers to use the least-cost approach and implement the most appropriate controls to decrease mission risk to an acceptable level, with minimal adverse impact on organizational resources & mission
Content Security ProductsNetwork Security ProductsAccess Control & BiometricsSecurity Standards Compliance Information security governanceCyber-Intelligence and ForensicsIn-house Training and AwarenessComputer Crime Expert Witness
RISK MITIGATION SOLUTIONS
We partner with you to mitigate your risk through
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
12
You Get a
Secure
Cost-Effective
& Efficient
Life-Cycle
Policy
Firewalls
Intrusion Detection Event
Management
Network Security
Pen Test
AC&IM
Training
SDl
AV
Audit
What we aim for :
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
13
Ecommerce Site
Data Storage
Business Interfaces
IT/IS/Developme
ntAnti-Virus
Firewalls
Encryption
Security in SDLC
Threat Modelling
Build Standards
Information Security Policies
Legislative Compliance
Configuration Reviews
Patch Management
Access Control Reviews
Application Testing
Penetration Testing
Intrusion Detection
Vulnerability Assessment
Vetting / ReferencesDisciplinary Procedure
Awareness Training
We provide a comprehensive security package:
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
14
Sign a NDA with us
Risk Assessment
Risk Mitigation
HolisticSecurityProgramImplementation
The way forward:
Your Partner for Secure, Cost Effective & Efficient information Lifecycle
15
Partner with us to protect your information Contact us on:
Add: 4th floor Exploration Hse Cnr 145 R.G Mugabe/5th St Harare , Zimbabwe
Tel: +236 733 782 490 +263 773 796 365 +263 -4- 733 117
Eml: [email protected] [email protected]
Web: www.gis.co.zw Your Partner for Secure, Cost Effective & Efficient information
Lifecycle