Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
SECURITYSOLUTIONS & SERVICES                Offering Overview
S e c u r i t y S o l u tion & ServicesS e curity Solution & Servic e sIf we take a look at the Organisations today, we ca...
S e c u r i t y S o l u tion & ServicesC ROSSOVER Security Co n s u l t i n gInformation security is a top-down process re...
S e c u r i t y S o l u tion & ServicesC ROSSOVER ICT SecurityThis area of expertise contain all building block to ad-   B...
S e c u r i t y S o l u tion & ServicesC ROSSOVER Security Co m p l i a n c eSecurity Compliance means to adhere to securi...
S e c u r i t y S o l u tion & ServicesC ROSSOVER Security Tra i n i n gOne of the greatest security threat come fromwithi...
SECURITY                                    SOLUTIONS & SERVICESw ww.crossoverweb.it - ww w . c r o s s o v e r w e b . e ...
Upcoming SlideShare
Loading in …5
×

Cit security offering-overview_20111123

212 views

Published on

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

Cit security offering-overview_20111123

  1. 1. SECURITYSOLUTIONS & SERVICES Offering Overview
  2. 2. S e c u r i t y S o l u tion & ServicesS e curity Solution & Servic e sIf we take a look at the Organisations today, we can CROSSOVER Italy believes that Information Security With this view in mind CROSSOVER Italy developedsee that they face a new and important challenge Management is a systemic, holistic and dynamic a package of security solutions, within four mainto protect their information, their services, based on approach, that involves Organization, Processes, areas, that allow to our Clients to implement or com-those information, and, at the end, their mission. Technology and People, with a continuous Program plement their Information Security program to man- Improvement activity that addresses the protection age tactically and strategically the protection of theirThe fragmentation of the Organization set up col- of information, throughout the life cycle of the infor- mission critical information.laborations and sharing with many external entities, mation and its use within the organisation.the new technologies, as Cloud Computing andMobile, and the new collaborative means as SocialNetworking have changed the concept of “physicalboundary” making possible to have an “extendedenterprise” model.But this new model, if makes available many inter-esting opportunities, have also many risks for thebusiness because these new possibilities can makeavailable new attack vectors. Last but not leastthere is the “human factor” that can be identified as“insider threat” or wrong or missing behaviours (i.e.through Social Engineering attacks).Many new laws and regulations have been designedto force improvement in organizational security, con-trol, transparency, information retention and privacybut Compliance not always means Security and ouropinion is that we need a new and more proac-tive and adaptive approach to manage correctly allrisks that can threat the Company Information hav-ing a run time evolution of the Information SecurityManagement System. SECURITY SOLUTIONS & SERVICES 2
  3. 3. S e c u r i t y S o l u tion & ServicesC ROSSOVER Security Co n s u l t i n gInformation security is a top-down process requiringa comprehensive security strategy that is explicitlylinked to the organisation’s business processes andstrategy. Security must address entire organisationalprocesses, both physical and technical, from endto end.Within CROSSOVER Security Consulting you canfind all necessary building block, that can be con-sidered as foundations to start the implementationof a formal security strategy by developing, deploy-ing and maintaining a comprehensive set of securitypolicies that reflect the objectives of the organisationand address each element of the strategy. As wellas specific procedures and standards along withassigned roles and responsibilities, classification andassignment of ownership of information assets andassessments of risks and business impact analyses.In this area of expertise you will find all the impor-tant elements to set up or have a more effectiveimprovement of your Information Security System. 3
  4. 4. S e c u r i t y S o l u tion & ServicesC ROSSOVER ICT SecurityThis area of expertise contain all building block to ad- Beside the specific security product selection anddress specifically security technology and services deploy support, CROSSOVER Italy can provide youmatters. “Security is a process and not a product”, activities that are related to the control of the Infor-we heard about this many times and we strongly mation Security Systems and that you can use tobelieve in this sentence. However security products highlight vulnerabilities in the security processes (i.e.:are necessary to put in place planned countermeas- incident management process assessment) or in theures or to tactically solve some specific problems. systems and organization (i.e.: vulnerability assess-But we need to consider that every technological ment, penetration test, ethical hacking) as well assolution can generate dangerous feelings of “false post incident activities as log analysis, attack track-sense of security“ and that, to be effective, needs ing and forensic analysis.other components as roles, responsibilities and pro-cedures defined, information and training and physi-cal security.CROSSOVER Italy can help you in the identificationof the security products, “best of breed” on the se-curity market, giving you all the necessary advisorysupport to have an efficient and effective deploy ofthe complete solution. As an example we can helpyou to define how to manage your mobile phoneplatform in your company guaranteeing the securityof information that is within them, understanding theneeds, defining the policy, procedures, the hw iden-tification, the needed sw platform and providing thetraining and awareness for all the users that need tohave those mobile phone. 4
  5. 5. S e c u r i t y S o l u tion & ServicesC ROSSOVER Security Co m p l i a n c eSecurity Compliance means to adhere to securitystandards, law and regulations, and other require-ments (ie. Internal policies, procedure...). Compli-ance is, in some way, also strictly linked to the trustthat your company can have for the clients. Se-curity Standards help to build a management sys-tem around Information Security (i.e. the ISO 27001).Standards are, generally, flexible, laws are not flex-ible so your first priority should be on the safe sideof the law (i.e.. Data privacy protection). So if youbreak the law compliance you break the trust andyou could put at risk your business also in this case.CROSSOVER Security Compliance address the riskof no-compliance and has all the necessary build-ing block to perform compliance service assessmentfor all most important security standards and locallaw as well as we can provide an Unified Compli-ance System in which, we can build a ComplianceProcess around that specific standard or local lawproviding a complete framework that could be filledwith the plug-in related to that specific compliance.In this way you can have a really effective tool thatautomatically could assess, in the same time, thecompliance to ISO 270001, PCI-DSS, Data PrivacyProtection, internal policies and procedures, andmany other. 5
  6. 6. S e c u r i t y S o l u tion & ServicesC ROSSOVER Security Tra i n i n gOne of the greatest security threat come fromwithin. Today, in our connected word, the insiderthreats are greater than ever. Technologies such associal networks, mobile, blogs, and email increasethe organization’s internal security challenges and,in some cases, employees unintentionally releasesensitive information (i.e. Social engineering attack)without realizing the potential consequences. Thismeans that one of the most priority needs to protectthe organization from itself. So, the human factor insecurity can never be ignored.An effective Information Security Training and Aware-ness Program is a continuous internal process de-signed to change behaviours or reinforce good se-curity practices that involve all employees.CROSSOVER Italy can develop, design and deploya complete Information Security Training and Aware-ness Program that helps our clients to manage therisks associated with actions of people. The Pro-gram will build starting from the needs and require-ments and using the most adequate technologiesand techniques to make effective the program itself.Specific evaluation metrics to measure the resultsof the Program will be performed allowing, in thisway, to have the knowledge of the level of securityawareness of all the organization. 6
  7. 7. SECURITY SOLUTIONS & SERVICESw ww.crossoverweb.it - ww w . c r o s s o v e r w e b . e uc o ntact@crossoverweb.it

×