Cybersecurity Confidentiality Integrity Aavalability

SELECTED PROJECTS

 CONFIDENTIALITY, INTEGRITY & AVAILABILITY

Client

Trusted Client


Categories

Security Risk Assessment, IT Services


Completed

March 31, 2011


Project Budget

$775,000


Project length

9 months

Project Details

BACKGROUND


An organization had identified dependencies on several different infrastructure system and needed a risk assessment of their current environments to be transformed into a new built data centre environment. Cybersecurity focus was to ensure Confidentiality, Integrity and Availability (CIA) of the systems data before, during & after transformation.


Upon client requested, a seperate project was launched to remediate and/or implement new requirements, in order to conform to the organizations cybersecurity strategy.


The project scope in transition and remediation plan included work to design a new security risk protection process and procedures that included requirements of specific data in all identified system, network, data bases and application for data protection. The transition project also created the project schedule, task list and resource estimates and budget for the tranformation project to perform remediation of informationsystem.



  Assessment of Security CIA

  Maturity and Strength

Do you need similar expert help?


Contact Fogel Consulting through the contact form to receive further information and possibility to present your own case and business needs.

CHALLENGE

This organizations business was under transformation from several different operating systems to become one unified standard för the whole organization. During the transformation, there was a need to develop en implement a new cybersecurity risk assessment process that enabled the business to merge the right systems to the righ data repositories as there were a mix of different data stored together and needed to be segregated from each other. 


Core challenge was to review and perform an assessment of the organizations security monitoring process, including recommendations for process improvements (such as detection, prevention, remediation and business continuity) and if the organization ha capability to ensure that Confidentiality, Integrity and Availability (CIA) remained uncompromized during all phases.

SOLUTION


The project was divided into 6 sperate tracks to remediate and/or implement new requirements as agreed in organizations specified requirements.


To ensure the core goal of achieving Cinfidentiality, Integrity and Availability (CIA), the projects tracks was designed to includ work for new security risk protection requirements on client system, network, data bases and application to protect data.


The 6 tracks goal and scope was:

  1. Re-design and implementation of a new Information System Security Control Strategy Architecture Road Map.

  2. Design and implementation of IDP/IDS services

  3. Review and assessment of security risks monitoring process, including recommendations for process improvements 

  4. Design and implementation of new system security check procedure and tools for monitoring.

  5. Design and implementation of new tools and processes for monitor of privileged users

  6. Develop and implementation of a detailed Information system Security Controls Document (ISCD)

RESULT


All deliverables created, impemented and handover was: 

  •  A new Information System Security Control Strategy Architecture Road Map.
  • New archiytect tools and proceeses for IPS/IDS (intrusion prevention and detection services). 
  • Full assessment of security risks monitoring process, including recommendations for process improvements implemented.
  • New system security check procedure and tools for monitoring requirements on client system, network, data bases and applications for sustained data protection
  • New tools and processes for monitor of privileged users on all Windows, Unix & Linux systems
  • New detailed Information system Security Controls Document (ISCD) that defines client agreed security controls requirements, to be maintained by supplier in relation to services.