Traditional approaches to information security are no longer adequate to protect information networks from modern threats
Dimension Data offering to help organisations assess the maturity of their security architecture, the underlying security safeguards that protect their human assets from cyber-attacks, and their processes and technologies.
Matthew Gyde, Dimension Data’s Group Executive – Security, says cyber threats are still flourishing, and traditional approaches to information security are no longer adequate to protect information networks from modern threats. “Even employees are not safe from variety of threats including drive-by and watering hole attacks which often occur over a weekend. In addition, we’re seeing a low level of maturity in some large enterprises – many of which have spent millions of dollars on security technology.
“When assessing the robustness of an organisation’s security, we cannot leave out the employee. In fact, it’s essential that employees understand their role as both an asset and a potential security liability in an organisation,” explains Gyde.
Guido Crucq, Dimension Data Asia Pacific’s General Manager – Security, says another key area that organisations need to focus on is to link their security strategy to the vision of the company, and have a robust set of policies around vulnerability and threat management, as well as incident response processes and procedures. “Organisations must be able to address root cause issues and apply the right resources and controls in the most effective way to protect key assets,” he says and points out that Dimension Data’s security assessment was designed to be a globally consistent, consulting engagement framework that’s vital for organisations which have a global footprint.
Other insights that Dimension Data’s security architecture assessment offers are:
the ability to determine capability and maturity of key architecture controls around people, processes and technology using industry standard metrics
a security roadmap linked to the business objectives of the organisation
validation or enhancement of the security strategy and architecture programme
ability to manage security to industry standards such as ISO27000
standardise and control best practice across systems and locations
share metrics with the business to align IT security with the rest of the organisation