Independent internal security in Central Europe

Best practice security controls for IT

One of the most common problems a CIO or VP of information technology faces is understanding which security products are the most effective. The cost of evaluating a new security technology can be very high, and often an IT manager will need to make a decision to implement a particular type of product (for example, two-factor authentication) before she knows if the products will be effective.

If you’re an IT executive you are probably familiar with this predicament:

  • You need to provide your CEO with financial justifications in euros, not in terms of high or low risk.
  • You need security controls that don’t disrupt the business.

We recommend employing a 7-step process with the free Practical Threat Analysis (PTA) risk assessment software, which will help you generate a financial justification in dollar/euro terms before the evaluation and implementation:

  • Step 1 - Assess your assets and valuate them
  • Step 2 - Assess and mitigate threats:
    • Data leakage
    • Data abuse by trusted insiders
    • Network abuse by trusted insiders
  • Step 3 - Assess your vulnerabilities
  • Step 4 - Identify cost-effective security controls
  • Step 5 - Build the financial justification for the CEO. The output of our practical threat analysis process is a financial justification for an effective risk mitigation plan. The plan includes the most cost-effective countermeasures that reduce the risk level to a minimum at a given capital and variable cost.
  • Step 6 - Approve implementation plan
  • Step 7 - Implement the countermeasures
