| Roadmap Strategy Development |
|
Problem Statement Many organizations do not have a 1-2 year security roadmap that takes into account security over all technologies in place, technologies that will be needed and the people and processes needed to implement and maintain accurate security requirements. A comprehensive roadmap needs to be in place to help the organization anticipate future risk and the mitigating controls necessary to minimize risk. Gaps in the current architecture first need to be addressed and ensure that the future strategy does not allow for these gaps. Solution The Roadmap Strategy is client-focused and very specific to your environment, business goals and forward looking progress. It maps to your business objectives and develops practical solutions to your concerns. A short and long term approach is taken to move the security posture of your organization over the next 1-2 years. The transition plan looks at all departments, how they interoperate with the security teams and their individual requirements. The specific culture of your organization is integral to the Roadmap and at the same time, a comprehensive Roadmap will shape your future security culture. You will not get a generic template but custom results for people, process and technology needs around the identification of the risks associated with areas of noncompliance and recommendations on the minimum baseline standards for an acceptable level of risk. Key aspects of a Roadmap include: · Validation of "foundational" IT infrastructure security · Current Security processes reviewed · Gap analysis and closure methods identified · Future risk forecasting · Anticipated security toolkit
How the Process Works Our staff will be onsite and begin with an interview process of security and IT staff. All major technology owners will be interviewed and all major business functions will be analyzed. Business functions will be correlated to current and future security requirements. All technologies will be analyzed for security implications and all future projects proposed will be considered in developing the new Roadmap. A detailed plan will be produced with a 1-2 year time horizon on changes needed in the environment to be secure. A security toolkit will be proposed to implement and maintain a secure posture over time. Future threats can be anticipated and mitigating controls put in place according to business processes |
- Apple issues Safari 4.0.5 to fix 16 vulnerabilities
- Troyak shutdown signals short-lived win against Zeus
- Pennsylvania CISO out of a job following RSA Conference appearance
- Twitter to vet links with goal of curbing phishing attacks
- India, Mexico, Brazil have most Mariposa bots
- Microsoft offers two fixes, but reveals a zero-day bug
- Report: Federal cybersecurity plan facing barriers
- Energizer software found to open backdoor
- China to prosecute Google hackers if evidence shows
- Microsoft readies two patches for Windows, Office flaws