The Problem

Most businesses today acknowledge the value in connecting to the Internet and providing services over the Web. However, many businesses are also finding that connecting to the Internet is not simply a matter of buying a server and turning it on. International surveys conducted by the FBI/CSI in the US, and AusCERT and Australian State and Federal police in Australia, report that security is an ever growing concern for internet connected businesses.  These surveys have found that the rate of internet based attacks, and the losses businesses are suffering through security breaches, are both increasing.

The question is: how can this be the case when 98% of respondents indicate that they have firewalls in place? 
The answer is: security is more than technology - it is about people, processes and policy

Clearly businesses have come to grips with technology - yet often they have failed to establish a full security management framework to ensure that their technology functions as designed, and improves to keep up with the increasing sophistication of attacks. Problems caused by failing to address IT security requirements can be compounded when software developers and vendors deliver insecure applications and services.

The eRisk Solution

At eRisk consulting ltd our mission is to assist businesses and their service partners to address these IT security issues.

Security cannot be set and forgotten. It requires a cycle of assessment, enhancement and maintenance.

 

  Activities within each of these steps are:

Assess

Enhance

Maintain
 
  • Review and assess the project and project design from a technical perspective
  • Review operational and maintenance risks
  • Conduct security assessment
  • Assess standards compliance
  • Design technical solutions
  • Provide identity management and access control solutions
  • Develop the e-business and web services security model
  • Provide risk management training and seminars
  • Restructure the organisation of system security
  • Maintain a standards based security policy environment
  • Maintain intrusion detection solutions and operational policies and procedures
  • Maintain security awareness
  • Maintain security management and reporting frameworks
  • Provide ongoing security training
 


eRisk consulting ltd can see the bigger picture and help you to fully understand your security requirements.  We offer targeted, specific security consulting and mentoring on a project-by-project basis. We will ensure that your deliverables are secure and complete up front.

Benefits

  • Better understanding of your, or your client’s, security needs
  • Better understanding of technical risks and issues
  • Enhanced ability to meet or exceed audit requirements
  • Reduced need for reworking due to security or audit related issues
  • Reduced overall cost of security measures

    •