Security Management Control Area
Securing the systems connected to the network means understanding everything on the network. This is a key aspect of Cyber-security defence and part of ISO27001/NIST security frameworks. Rebasoft delivers extensive capabilities to support processes in the Information Security Management (ISM) Control Area, reducing risk and cost.
Traditional asset systems are not designed for security and leave gaps due to their inherent method of working. These gaps could result in vulnerabilities and security breaches.
- Can I be sure I’ve not missed anything connected to my network?
- If I find an unknown, or unauthorised end device, how can I understand whether its criticalality justifies investigation?
- Can we identify critical systems and monitor them?
- I believe my network is secure, but how can I be sure that my 3rd Party supplier connections are secure?
The ISM Control Area aims to identify and maintain the business importance of all IT assets, effective risk identification and robust security controls for third party suppliers. This is so that the business can focus on the most critical elements of security.
Rebasoft provides discovery and classification to augment exiting asset data that delivers metrics and coverage information on all assets. Automated controls, covered in adjacent control areas can provide remediation.
The result is a single system that can provide KPIs to the “C” suite, together with detailed data to allow subject matter experts (SMEs) to work more effectively remediating risk, reducing errors, and improving time to recover.
ISM-1: Identify all the assets to ensure they are adequately secured
Covering all end points, infrastructure, applications and IoT systems
ISM-2: Identify the most critical assets
Ensure prioritisation of security remediation and improvement activities
ISM-3: Manage 3rd party connections
Identify, maintin a list of all external, third party connections and monitor behaviour