Cyber Security Works does not install any appliances on your network to monitor your information. This means your enterprise's information will never be on the internet outside of your enterprise. We do not install any software on your systems or networks. This will give you the confidence that we are not using your systems to run our tests. Our presence on your network will be transparent to all users in your enterprise.
Enterprises are required to address the compliance requirements and regulations that govern their industry. With a growing number of government and corporate security policies, standards and regulations, enterprises might have to satisfy multiple compliance and security requirements.
Cyber Security Works' unified compliance assessment assists enterprises in identifying gaps against the requirements of the organizations that govern them. Once gaps are identified, our engineers assist enterprises to develop, implement and manage an enterprise-wide information security program to ensure current compliance with applicable industry regulations and ongoing protection of information and systems.
Most information security compliance programs and governing bodies require preservation of confidentiality, integrity, availability, and accountability of information and information systems. Our security experts map requirements to industry standards and best practices for security controls such as ISO 27002, ITIL, and COBIT. Cyber Security Works' comprehensive unified compliance mapping assists enterprises to comply with multiple compliance and security requirements through a consistent, repeatable, scalable, enterprise-wide information security program. A few of the key mappings are listed below.
- Risk assessment
- Security policy
- Asset management
- Human resources security
- Physical and environmental security
- Communications and operations management
- Access control
- Information systems acquisition, development and maintenance
- Information security incident management
- Business continuity management
- Compliance
Cyber Security Works' unified compliance service offers assessment and mapping for the compliance requirements listed below. The figure below illustrates how the compliance assessment results can be used to map to multiple governing and regulatory bodies.
Information security compliance assessment and audit as per international guidelines and industry best practices
- International Organization for Standardization / International Electrotechnical Commission (ISO/IEC) 27002 standard and best practices: information technology - security techniques - code of practice for information security management
- The Information Technology Infrastructure Library
- Control Objectives for Information and related Technology
- Payment Card Industry Data Security Standard (PCI)
- Visa Cardholder Information Security Program (CISP)
- Communications and operations management
- MasterCard Site Data Protection program (SDP)
- Gramm-Leach-Bliley Act (GLBA)
- Information security incident management
- Sarbanes-Oxley (SOX)
- Health Insurance Portability and Accountability Act (HIPAA) compliance
- EU Data Protection
- Federal Financial Institutions Examination Council (FFIEC) and bank regulatory guidelines
- Federal Information Security Management Act (FISMA)
- Federal Information Processing Standards (FIPS)
- Management of Federal Information Resources (OMB Circular A-130)
- Requirement mapping as recommended by NIST SP 800-53 (high-impact systems: Recommended Security Controls for Federal Information Systems)
- Centers for Medicare and Medicaid Services (CMS) compliance