|
|
|
Security Risk Assessments? Why do Companies Need Them?
- To Protect
- Company Assets
- Your mission critical data
- Your customer's data
- Company Brand
- Compromised customer data or lack of business continuity can cause or mandate by law public disclosure
- Outside parties can lose access to your Web site or Extranet based upon security breaches and loss of IT continuity
- Use of company IT infrastructure to launch Denial of Service attacks (DoS)
- Employee Productivity
- Lost productivity due to lack of business continuity
- Compliance with Security Regulations
- Applying to you or your partners
Where are the IT Security Threats?
Security threats are caused by external and internal Parties and can be the result of purposeful malicious attacks or even more likely from employees unintentionally putting company information assets at risk.
- External
- Hackers
- Competitors
- Partners (Vendors, Suppliers)
- Consultants
- Internal
- Employees (purposeful and accidental)
- Consultants
What Companies Need Security Risk Assessment?
- Companies with Internet access and web servers
- Companies connecting with Extranet partners
- Companies offering e-commerce services
- Companies who store private consumer data
- Companies offering remote access services to employees
- Companies deploying new applications
- Companies going through acquisitions, mergers, or divestitures
- Companies who need to be compliant with State, Federal or agency security regulations
- Health Organizations: HIPAA
- Consumer data privacy: GLBA,
- Public companies: SOX, CA law 1386
- eCommerce companies or companies with eCommerce
- Banking Organizations: NCUA, FDIC, FFIEC
|
|
|
|
|
