Your SlideShare is downloading. ×
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Gainful Information Security 2012 services
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Gainful Information Security 2012 services

988

Published on

Gainful Information Security is an information security and systems development firm established in Harare, Zimbabwe in 2007 to partner with African private and public sectors for a secure, efficient …

Gainful Information Security is an information security and systems development firm established in Harare, Zimbabwe in 2007 to partner with African private and public sectors for a secure, efficient and cost-effective information lifecycle.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
988
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Gainful Information Security Solutions Presentation www.gis.co.zw
  • 2. IntroGainful Information Security is an information security andsystems development firm established in Harare, Zimbabwe in2007 to partner with African private and public sectors for asecure, efficient and cost-effective information lifecycle.We OfferCustomised: 2
  • 3. Information Security Business CaseAn event that A conduit that couldcould have a Threats Vulnerability be exploited by adetrimental effect threaton an asset An item of Asset value The effect on a business of a Risks risk being realised BUSINESS IMPACT 3
  • 4. How your information is attacked 4
  • 5. Whats attacking your Information Viruses Employee ErrorRogue Insiders Software Bugs Corporate Spies Script Kiddies Web Defacements Password Network vulnerabilities CrackersDenial of Service “SneakerNet” War Drivers Backdoors Worms Trojans Buffer Overflows “Blended Threats” 5
  • 6. Attack Methodology Threat + Motive + Method + Vulnerability = ATTACK! Good security Security controls can stop Controls & certain attacks PoliciesNon-MaliciousThreats Methods Poor Security and Policies could Tools Let an attack through ASSETS Motives MethodsMalicious and andThreats Goals Tools Vulnerabilities Methods and Tools NO security policies or controls could be disastrousNaturalDisasters 6
  • 7. 7
  • 8. Are You Secure ???? Information Assets Risky CurrentThreats + Vulnerabilities = Risks = Position !!!!!! Existing Controls 8
  • 9. We partner with you to mitigate your information risk Through our project based service package of: 9
  • 10. We partner with you to assess your risk through:Penetration TestingVulnerability AssessmentWireless Penetration TestingSecurity Test and EvaluationInformation System AuditingWeb-Based Application testingProcedure-Policy Gap-AnalysisRisk Assessment is the first process in theinformation-centric methodology. We userisk assessment to determine the extent ofthe potential threat and risk associated withan IT system throughout its SDLC, systemdevelopment life cycle. The output of thisprocess helps to identify appropriatecontrols to mitigate or militate risk duringthe risk mitigation process. 10
  • 11. We partner with you to mitigate your risk throughRISK MITIGATION SOLUTIONS Risk Mitigation is the second process of risk management involvesContent Security Products prioritizing, evaluating, and implementing theNetwork Security Products appropriate risk-reducing controls recommended from the risk assessment process. Because theAccess Control & Biometrics elimination of all risk is usually impractical orSecurity Standards Compliance close to impossible, it is the responsibility ofInformation security governance senior management and functional and business managers to use the least-costCyber-Intelligence and Forensics approach and implement the mostIn-house Training and Awareness appropriate controls to decrease mission risk toComputer Crime Expert Witness an acceptable level, with minimal adverse impact on organizational resources & mission 11
  • 12. What we aim for : PolicyYou Get a SDl FirewallsSecure Intrusion Detection EventCost-Effective Audit Management Network Security& Efficient Train Pen Test ingLife-Cycle AC&IM AV 12
  • 13. We provide a comprehensive security package: Vetting / References Business InformationDisciplinary Interfaces Security PoliciesProcedure Build Standards Awareness Training IT/IS/ Threat Modelling Anti-Virus Development Patch Security in SDLCManagement ApplicationVulnerability Assessment Data Storage Testing PenetrationConfiguration Testing Reviews Access Control Encryption Ecommerce Reviews Site Firewalls Legislative Compliance Intrusion Detection 13
  • 14. The way forward: Holistic Security Program Implementation 14
  • 15. Partner with us to protect your information Contact us on: Add: 4th floor Exploration Hse Cnr 145 R.G Mugabe/5th St Harare , Zimbabwe Tel: +236 733 782 490 +263 773 796 365 +263 -4- 733 117 Eml: info@gis.co.zw cade@gis.co.zw Web: www.gis.co.zw 15

×