As malware and hackers become more sophisticated, the corresponding security solutions needed to combat these threats are becoming more complex and need to be continually updated. The potential for gaps and vulnerability is increasing.
Organisations are increasingly asking – are we safe? The answer to this question requires process, policy, proof. Common, objective methods of ‘proof’ include ASD Maturity level, the NIST Framework, ISO 27001 certification and PCI DSS compliance.
Kytec can work with you to perform a security gap analysis for your security infrastructure where key business flows are determined, along with the corresponding ‘IT journey’ – gaps in capability and functionality are then identified. The process consists of information gathering and the preparation of a comprehensive report, which prioritises critical issues and corresponding recommendations.
Who can benefit from a Gap Analysis?
Security risk impacts a variety of roles because ultimately, IT security risk translates into business risk.
The Kytec Gap Analysis will have benefits for anybody who is responsible for IT security, and anybody impacted by IT security, for example:
• IT Manager
• Senior Executives including CFO
• The Board
Customers, Partners and Suppliers also have a stake in your security as they need their information to be protected
Objectives of the Kytec Gap Analysis
1. To identify vulnerabilities in process and information flow that could lead to security breaches, resulting in direct financial loss, loss of information/IP, damaged reputation, no access to resources and data and penalties from lack of compliance. The Gap Analysis aims to mitigate against the three primary attack vectors – Email, web & end point.
2. Assist in the fulfilment of common compliance requirements. (ASD, ISO 27001, NIST and PCI-DSS)
3. Help organisations to understand their current state (security posture), their ideal s