Your advice partner for the protection of technical equipment and computer networks.
Every company that uses ICT has obligations in the field of cyber security. Even when ICT only plays a supporting role in the company. A company always has a duty of care for securing its systems.
In view of rapid changes, digital developments and cyber threat, it is becoming increasingly difficult to implement the duty of care, while it is very important to be able to respond quickly to security incidents.
A hack can lead to processes being disrupted, whereby the company is liable and personal data can be stolen. This could have as a consequence a report to the Data Protection Authority regarding data breaches and the privacy law.
After an IT security scan has been carried out, the risks of using the ICT are mapped and based on a cost-benefit analysis it is determined which risks are acceptable. Outdated software replaced, network security measures are being implemented and the risks associated with the software used have become clear
Investing in cybersecurity request financial resources, but also leads to benefits in critical business operations. Collected data can be used for process optimization and improvements.
Your partner for the protection of technical equipment and computer networks.
aXite does an assessment of your organization to scale your organization on a security level, based on the activities below that have already been carried out. aXite will be glad to help you reach a higher security level.
- Hardware interconnected, but not secured
- No standards set for the use of technology
- Little to no backups
- Any control
- Any management systems
- Basic standards for use
- Basic physical security
- Basic password control
- Limited technology and IT architecture support hardware and data
- Basic contingency and business recovery (untested)
- Basic (IT) controls about networking and application use
- Monitoring physical security at IT facilities
- Backups for all services – set up based on user needs
- Formally established architecture for management connectivity and standards for technology use
- Network management technology; installed to monitor activities and check for unauthorized access
- Change control and procedure for all operational services and infrastructure for both internal and external users / suppliers
- Clear standards and policies for network, technology and use
- All devices visible in the network for management (services and monitoring)
- All software licenses under management
- Cyber security awareness program for staff with repetition
- Periodically tested backups and business recovery plan
- Penetration testing schedule
- Test usage and audit results
- Securing and auditing contractually, suppliers follow established standards: the Supply Chain
- Adoption of best industry practice for security of information systems, such as ISO 27001 and ISO 64223
- Periodic and formal audit of all standards, procedures and possible security leaks
- Program of unexpected and independent ethical hacking
- Establish and maintain relationships with risk and intelligence sources