SlideShare uma empresa Scribd logo

Gainful Information Security 2012 services

Cade Zvavanjanja
Cade Zvavanjanja

Gainful Information Security is an information security and systems development firm established in Harare, Zimbabwe in 2007 to partner with African private and public sectors for a secure, efficient and cost-effective information lifecycle.

Tecnologia
1 de 15
Baixar para ler offline
Gainful Information Security Solutions Presentation www.gis.co.zw
Intro Gainful Information Security is an information security and systems development firm established in Harare, Zimbabwe in 2007 to partner with African private and public sectors for a secure, efficient and cost-effective information lifecycle. We Offer Customised: 2
Information Security Business Case An event that A conduit that could could have a Threats Vulnerability be exploited by a detrimental effect threat on an asset An item of Asset value The effect on a business of a Risks risk being realised BUSINESS IMPACT 3
How your information is attacked 4
What's attacking your Information Viruses Employee Error Rogue Insiders Software Bugs Corporate Spies Script Kiddies Web Defacements Password Network vulnerabilities Crackers Denial of Service “SneakerNet” War Drivers Backdoors Worms Trojans Buffer Overflows “Blended Threats” 5
Attack Methodology Threat + Motive + Method + Vulnerability = ATTACK! Good security Security controls can stop Controls & certain attacks Policies Non- Malicious Threats Methods Poor Security and Policies could Tools Let an attack through ASSETS Motives Methods Malicious and and Threats Goals Tools Vulnerabilities Methods and Tools NO security policies or controls could be disastrous Natural Disasters 6
7
Are You Secure ???? Information Assets Risky Current Threats + Vulnerabilities = Risks = Position !!!!!! Existing Controls 8
We partner with you to mitigate your information risk Through our project based service package of: 9
We partner with you to assess your risk through: Penetration Testing Vulnerability Assessment Wireless Penetration Testing Security Test and Evaluation Information System Auditing Web-Based Application testing Procedure-Policy Gap-Analysis Risk Assessment is the first process in the information-centric methodology. We use risk assessment to determine the extent of the potential threat and risk associated with an IT system throughout its SDLC, system development life cycle. The output of this process helps to identify appropriate controls to mitigate or militate risk during the risk mitigation process. 10
We partner with you to mitigate your risk through RISK MITIGATION SOLUTIONS Risk Mitigation is the second process of risk management involves Content Security Products prioritizing, evaluating, and implementing the Network Security Products appropriate risk-reducing controls recommended from the risk assessment process. Because the Access Control & Biometrics elimination of all risk is usually impractical or Security Standards Compliance close to impossible, it is the responsibility of Information security governance senior management and functional and business managers to use the least-cost Cyber-Intelligence and Forensics approach and implement the most In-house Training and Awareness appropriate controls to decrease mission risk to Computer Crime Expert Witness an acceptable level, with minimal adverse impact on organizational resources & mission 11
What we aim for : Policy You Get a SDl Firewalls Secure Intrusion Detection Event Cost-Effective Audit Management Network Security & Efficient Train Pen Test ing Life-Cycle AC&IM AV 12
We provide a comprehensive security package: Vetting / References Business Information Disciplinary Interfaces Security Policies Procedure Build Standards Awareness Training IT/IS/ Threat Modelling Anti-Virus Development Patch Security in SDLC Management Application Vulnerability Assessment Data Storage Testing Penetration Configuration Testing Reviews Access Control Encryption Ecommerce Reviews Site Firewalls Legislative Compliance Intrusion Detection 13
The way forward: Holistic Security Program Implementation 14
Partner with us to protect your information Contact us on: Add: 4th floor Exploration Hse Cnr 145 R.G Mugabe/5th St Harare , Zimbabwe Tel: +236 733 782 490 +263 773 796 365 +263 -4- 733 117 Eml: info@gis.co.zw cade@gis.co.zw Web: www.gis.co.zw 15

Recomendados

Responding to and recovering from sophisticated security attacks
Responding to and recovering from sophisticated security attacksResponding to and recovering from sophisticated security attacks
Responding to and recovering from sophisticated security attacksIBM
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilienceSymantec
 
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitThe Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitShawn Tuma
 
Rm
RmRm
Rmansulag19
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securitybethpatrick
 
Whitepaper - Data Security while outsourcing
Whitepaper - Data Security while outsourcingWhitepaper - Data Security while outsourcing
Whitepaper - Data Security while outsourcingRaghuraman Ramamurthy
 
Improving Your Information Security Program
Improving Your Information Security ProgramImproving Your Information Security Program
Improving Your Information Security ProgramSeccuris Inc.
 
Fns Incident Management Powered By En Case
Fns Incident Management Powered By En CaseFns Incident Management Powered By En Case
Fns Incident Management Powered By En Casetbeckwith
 

Recomendados

Responding to and recovering from sophisticated security attacks
Responding to and recovering from sophisticated security attacksResponding to and recovering from sophisticated security attacks
Responding to and recovering from sophisticated security attacksIBM
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilienceSymantec
 
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitThe Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk Summit
The Legal Case for Cyber Risk Management - InfoSec World Privacy & Risk SummitShawn Tuma
 
Rm
RmRm
Rmansulag19
 
Cyber Security
Cyber SecurityCyber Security
Cyber Securitybethpatrick
 
Whitepaper - Data Security while outsourcing
Whitepaper - Data Security while outsourcingWhitepaper - Data Security while outsourcing
Whitepaper - Data Security while outsourcingRaghuraman Ramamurthy
 
Improving Your Information Security Program
Improving Your Information Security ProgramImproving Your Information Security Program
Improving Your Information Security ProgramSeccuris Inc.
 
Fns Incident Management Powered By En Case
Fns Incident Management Powered By En CaseFns Incident Management Powered By En Case
Fns Incident Management Powered By En Casetbeckwith
 
Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReportfinance40
 
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Seema Sheth-Voss
 
Dod IA Pen Testing Brief
Dod IA Pen Testing BriefDod IA Pen Testing Brief
Dod IA Pen Testing BriefDavid McGuire
 
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
FROM STRATEGY TO ACTION - Vasil Tsvimitidze FROM STRATEGY TO ACTION - Vasil Tsvimitidze
FROM STRATEGY TO ACTION - Vasil Tsvimitidze DataExchangeAgency
 
Iso27001 Risk Assessment Approach
Iso27001 Risk Assessment ApproachIso27001 Risk Assessment Approach
Iso27001 Risk Assessment Approachtschraider
 
2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecuritySvetlana Belyaeva
 
Continuous Monitoring and Real Time Risk Scoring
Continuous Monitoring and Real Time Risk ScoringContinuous Monitoring and Real Time Risk Scoring
Continuous Monitoring and Real Time Risk ScoringQ1 Labs
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Servicestsaiblake
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Anindya Ghosh,
 
Professor Martin Gill, Director, Perpetuity Research
Professor Martin Gill, Director, Perpetuity Research Professor Martin Gill, Director, Perpetuity Research
Professor Martin Gill, Director, Perpetuity Research CSSaunders
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...DFLABS SRL
 
InfraGard Webinar March 2016 033016 A
InfraGard Webinar March 2016 033016 AInfraGard Webinar March 2016 033016 A
InfraGard Webinar March 2016 033016 AWard Pyles
 
Big data Propels SIEM into the era of Security Analytics
Big data Propels SIEM into the era of Security Analytics Big data Propels SIEM into the era of Security Analytics
Big data Propels SIEM into the era of Security Analytics EMC
 
IBM Immune System
IBM Immune SystemIBM Immune System
IBM Immune SystemLuke Kenny
 
Information Security Cost Effective Managed Services
Information Security Cost Effective Managed ServicesInformation Security Cost Effective Managed Services
Information Security Cost Effective Managed ServicesJorge Sebastiao
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
Introduction to Computer Security
Introduction to Computer SecurityIntroduction to Computer Security
Introduction to Computer SecurityKamal Acharya
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Global Business Events
 
Damballa automated breach defense june 2014
Damballa automated breach defense june 2014Damballa automated breach defense june 2014
Damballa automated breach defense june 2014Ricardo Resnik
 
Outlook emerging security_technology_trends
Outlook emerging security_technology_trendsOutlook emerging security_technology_trends
Outlook emerging security_technology_trendswardell henley
 
Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By DesignNalneesh Gaur
 
CISSP Summary V1.1
CISSP Summary V1.1CISSP Summary V1.1
CISSP Summary V1.1christianreina
 

Mais conteúdo relacionado

Mais procurados

Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReportfinance40
 
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Seema Sheth-Voss
 
Dod IA Pen Testing Brief
Dod IA Pen Testing BriefDod IA Pen Testing Brief
Dod IA Pen Testing BriefDavid McGuire
 
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
FROM STRATEGY TO ACTION - Vasil Tsvimitidze FROM STRATEGY TO ACTION - Vasil Tsvimitidze
FROM STRATEGY TO ACTION - Vasil Tsvimitidze DataExchangeAgency
 
Iso27001 Risk Assessment Approach
Iso27001 Risk Assessment ApproachIso27001 Risk Assessment Approach
Iso27001 Risk Assessment Approachtschraider
 
2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecuritySvetlana Belyaeva
 
Continuous Monitoring and Real Time Risk Scoring
Continuous Monitoring and Real Time Risk ScoringContinuous Monitoring and Real Time Risk Scoring
Continuous Monitoring and Real Time Risk ScoringQ1 Labs
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Servicestsaiblake
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Anindya Ghosh,
 
Professor Martin Gill, Director, Perpetuity Research
Professor Martin Gill, Director, Perpetuity Research Professor Martin Gill, Director, Perpetuity Research
Professor Martin Gill, Director, Perpetuity Research CSSaunders
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...DFLABS SRL
 
InfraGard Webinar March 2016 033016 A
InfraGard Webinar March 2016 033016 AInfraGard Webinar March 2016 033016 A
InfraGard Webinar March 2016 033016 AWard Pyles
 
Big data Propels SIEM into the era of Security Analytics
Big data Propels SIEM into the era of Security Analytics Big data Propels SIEM into the era of Security Analytics
Big data Propels SIEM into the era of Security Analytics EMC
 
IBM Immune System
IBM Immune SystemIBM Immune System
IBM Immune SystemLuke Kenny
 
Information Security Cost Effective Managed Services
Information Security Cost Effective Managed ServicesInformation Security Cost Effective Managed Services
Information Security Cost Effective Managed ServicesJorge Sebastiao
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFLABS SRL
 
Introduction to Computer Security
Introduction to Computer SecurityIntroduction to Computer Security
Introduction to Computer SecurityKamal Acharya
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Global Business Events
 
Damballa automated breach defense june 2014
Damballa automated breach defense june 2014Damballa automated breach defense june 2014
Damballa automated breach defense june 2014Ricardo Resnik
 
Outlook emerging security_technology_trends
Outlook emerging security_technology_trendsOutlook emerging security_technology_trends
Outlook emerging security_technology_trendswardell henley
 

Mais procurados (20)

Symantec_2004_AnnualReport
Symantec_2004_AnnualReportSymantec_2004_AnnualReport
Symantec_2004_AnnualReport
 
Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012Fs isac fico and core presentation10222012
Fs isac fico and core presentation10222012
 
Dod IA Pen Testing Brief
Dod IA Pen Testing BriefDod IA Pen Testing Brief
Dod IA Pen Testing Brief
 
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
FROM STRATEGY TO ACTION - Vasil Tsvimitidze FROM STRATEGY TO ACTION - Vasil Tsvimitidze
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
 
Iso27001 Risk Assessment Approach
Iso27001 Risk Assessment ApproachIso27001 Risk Assessment Approach
Iso27001 Risk Assessment Approach
 
2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity2 21677 splunk_big_data_futureofsecurity
2 21677 splunk_big_data_futureofsecurity
 
Continuous Monitoring and Real Time Risk Scoring
Continuous Monitoring and Real Time Risk ScoringContinuous Monitoring and Real Time Risk Scoring
Continuous Monitoring and Real Time Risk Scoring
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Services
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
 
Professor Martin Gill, Director, Perpetuity Research
Professor Martin Gill, Director, Perpetuity Research Professor Martin Gill, Director, Perpetuity Research
Professor Martin Gill, Director, Perpetuity Research
 
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
Cyber Crime Conference 2017 - DFLabs Supervised Active Intelligence - Andrea ...
 
InfraGard Webinar March 2016 033016 A
InfraGard Webinar March 2016 033016 AInfraGard Webinar March 2016 033016 A
InfraGard Webinar March 2016 033016 A
 
Big data Propels SIEM into the era of Security Analytics
Big data Propels SIEM into the era of Security Analytics Big data Propels SIEM into the era of Security Analytics
Big data Propels SIEM into the era of Security Analytics
 
IBM Immune System
IBM Immune SystemIBM Immune System
IBM Immune System
 
Information Security Cost Effective Managed Services
Information Security Cost Effective Managed ServicesInformation Security Cost Effective Managed Services
Information Security Cost Effective Managed Services
 
DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013DFlabs corporate profile 01-2013
DFlabs corporate profile 01-2013
 
Introduction to Computer Security
Introduction to Computer SecurityIntroduction to Computer Security
Introduction to Computer Security
 
Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?Trend Micro - Targeted attacks: Have you found yours?
Trend Micro - Targeted attacks: Have you found yours?
 
Damballa automated breach defense june 2014
Damballa automated breach defense june 2014Damballa automated breach defense june 2014
Damballa automated breach defense june 2014
 
Outlook emerging security_technology_trends
Outlook emerging security_technology_trendsOutlook emerging security_technology_trends
Outlook emerging security_technology_trends
 

Semelhante a Gainful Information Security 2012 services

Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By DesignNalneesh Gaur
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksMatthew Rosenquist
 
Information Systems Policy
Information Systems PolicyInformation Systems Policy
Information Systems PolicyAli Sadhik Shaik
 
Data Integrity Protection
Data Integrity ProtectionData Integrity Protection
Data Integrity Protectionproitsolutions
 
Ta Security
Ta SecurityTa Security
Ta Securityjothsna
 
TA security
TA securityTA security
TA securitykesavars
 
ISO 27001 - IMPLEMENTATION CONSULTING
ISO 27001 - IMPLEMENTATION CONSULTINGISO 27001 - IMPLEMENTATION CONSULTING
ISO 27001 - IMPLEMENTATION CONSULTINGArul Nambi
 
Hacktive Security - IT Security Services
Hacktive Security - IT Security ServicesHacktive Security - IT Security Services
Hacktive Security - IT Security ServicesFrancesco Mormile
 
Hacktive Security - Ethical Hacking Services
Hacktive Security - Ethical Hacking ServicesHacktive Security - Ethical Hacking Services
Hacktive Security - Ethical Hacking ServicesCarlo Pelliccioni, CISSP
 
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...Andris Soroka
 
Csirs Trabsport Security September 2011 V 3.6
Csirs Trabsport Security September 2011 V 3.6Csirs Trabsport Security September 2011 V 3.6
Csirs Trabsport Security September 2011 V 3.6David Spinks
 
BCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk BusinessBCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk BusinessGareth Niblett
 
Information Security Intelligence
Information Security IntelligenceInformation Security Intelligence
Information Security Intelligenceguest08b1e6
 
Cyber Threat Management Services
Cyber Threat Management ServicesCyber Threat Management Services
Cyber Threat Management ServicesMarlabs
 
Information risk management
Information risk managementInformation risk management
Information risk managementAkash Saraswat
 
Massbiz Consulting Crede Sed Proba
Massbiz Consulting Crede Sed ProbaMassbiz Consulting Crede Sed Proba
Massbiz Consulting Crede Sed ProbaJames McDonald
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...Andris Soroka
 
Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...xKinAnx
 

Semelhante a Gainful Information Security 2012 services (20)

Information Security By Design
Information Security By DesignInformation Security By Design
Information Security By Design
 
CISSP Summary V1.1
CISSP Summary V1.1CISSP Summary V1.1
CISSP Summary V1.1
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity Risks
 
Information Systems Policy
Information Systems PolicyInformation Systems Policy
Information Systems Policy
 
Data Integrity Protection
Data Integrity ProtectionData Integrity Protection
Data Integrity Protection
 
Ta Security
Ta SecurityTa Security
Ta Security
 
TA security
TA securityTA security
TA security
 
ISO 27001 - IMPLEMENTATION CONSULTING
ISO 27001 - IMPLEMENTATION CONSULTINGISO 27001 - IMPLEMENTATION CONSULTING
ISO 27001 - IMPLEMENTATION CONSULTING
 
Hacktive Security - IT Security Services
Hacktive Security - IT Security ServicesHacktive Security - IT Security Services
Hacktive Security - IT Security Services
 
Hacktive Security - Ethical Hacking Services
Hacktive Security - Ethical Hacking ServicesHacktive Security - Ethical Hacking Services
Hacktive Security - Ethical Hacking Services
 
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
 
Csirs Trabsport Security September 2011 V 3.6
Csirs Trabsport Security September 2011 V 3.6Csirs Trabsport Security September 2011 V 3.6
Csirs Trabsport Security September 2011 V 3.6
 
BCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk BusinessBCS ITNow 201406 - The Risk Business
BCS ITNow 201406 - The Risk Business
 
Information Security Intelligence
Information Security IntelligenceInformation Security Intelligence
Information Security Intelligence
 
Cyber Threat Management Services
Cyber Threat Management ServicesCyber Threat Management Services
Cyber Threat Management Services
 
Information risk management
Information risk managementInformation risk management
Information risk management
 
Massbiz Consulting Crede Sed Proba
Massbiz Consulting Crede Sed ProbaMassbiz Consulting Crede Sed Proba
Massbiz Consulting Crede Sed Proba
 
VSD Infotech
VSD InfotechVSD Infotech
VSD Infotech
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
 
Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...Presentation crafting your active security management strategy 3 keys and 4...
Presentation crafting your active security management strategy 3 keys and 4...
 

Mais de Cade Zvavanjanja

Cade zvavanjanja saigf cybercrime & security online
Cade zvavanjanja saigf cybercrime & security onlineCade zvavanjanja saigf cybercrime & security online
Cade zvavanjanja saigf cybercrime & security onlineCade Zvavanjanja
 
Cade zvavanjanja iot afigf online
Cade zvavanjanja iot afigf onlineCade zvavanjanja iot afigf online
Cade zvavanjanja iot afigf onlineCade Zvavanjanja
 
Cyber Security 2016 Cade Zvavanjanja1
Cyber Security 2016 Cade Zvavanjanja1Cyber Security 2016 Cade Zvavanjanja1
Cyber Security 2016 Cade Zvavanjanja1Cade Zvavanjanja
 
A case for multi-stakeholder cybersecurity by zvavanjanja
A case for multi-stakeholder cybersecurity by zvavanjanjaA case for multi-stakeholder cybersecurity by zvavanjanja
A case for multi-stakeholder cybersecurity by zvavanjanjaCade Zvavanjanja
 
Saigf 15 thematic-paper 7 - A case for multi-stakeholder partnerships for cri...
Saigf 15 thematic-paper 7 - A case for multi-stakeholder partnerships for cri...Saigf 15 thematic-paper 7 - A case for multi-stakeholder partnerships for cri...
Saigf 15 thematic-paper 7 - A case for multi-stakeholder partnerships for cri...Cade Zvavanjanja
 
Cloud computing & service level agreements
Cloud computing & service level agreementsCloud computing & service level agreements
Cloud computing & service level agreementsCade Zvavanjanja
 
Web application attacks using Sql injection and countermasures
Web application attacks using Sql injection and countermasuresWeb application attacks using Sql injection and countermasures
Web application attacks using Sql injection and countermasuresCade Zvavanjanja
 
Introduction to IT Security
Introduction to IT SecurityIntroduction to IT Security
Introduction to IT SecurityCade Zvavanjanja
 

Mais de Cade Zvavanjanja (10)

Cade zvavanjanja saigf cybercrime & security online
Cade zvavanjanja saigf cybercrime & security onlineCade zvavanjanja saigf cybercrime & security online
Cade zvavanjanja saigf cybercrime & security online
 
Cade zvavanjanja iot afigf online
Cade zvavanjanja iot afigf onlineCade zvavanjanja iot afigf online
Cade zvavanjanja iot afigf online
 
comesa cybersecurity
comesa cybersecuritycomesa cybersecurity
comesa cybersecurity
 
Cyber Security 2016 Cade Zvavanjanja1
Cyber Security 2016 Cade Zvavanjanja1Cyber Security 2016 Cade Zvavanjanja1
Cyber Security 2016 Cade Zvavanjanja1
 
A case for multi-stakeholder cybersecurity by zvavanjanja
A case for multi-stakeholder cybersecurity by zvavanjanjaA case for multi-stakeholder cybersecurity by zvavanjanja
A case for multi-stakeholder cybersecurity by zvavanjanja
 
Saigf 15 thematic-paper 7 - A case for multi-stakeholder partnerships for cri...
Saigf 15 thematic-paper 7 - A case for multi-stakeholder partnerships for cri...Saigf 15 thematic-paper 7 - A case for multi-stakeholder partnerships for cri...
Saigf 15 thematic-paper 7 - A case for multi-stakeholder partnerships for cri...
 
Cloud computing & service level agreements
Cloud computing & service level agreementsCloud computing & service level agreements
Cloud computing & service level agreements
 
Web application attacks using Sql injection and countermasures
Web application attacks using Sql injection and countermasuresWeb application attacks using Sql injection and countermasures
Web application attacks using Sql injection and countermasures
 
Introduction to IT Security
Introduction to IT SecurityIntroduction to IT Security
Introduction to IT Security
 
Top online frauds 2010
Top online frauds 2010Top online frauds 2010
Top online frauds 2010
 

Último

A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialJoão Esperancinha
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentMahmoud Rabie
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessWSO2
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 

Último (20)

A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career Development
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 

Gainful Information Security 2012 services

  • 1. Gainful Information Security Solutions Presentation www.gis.co.zw
  • 2. Intro Gainful Information Security is an information security and systems development firm established in Harare, Zimbabwe in 2007 to partner with African private and public sectors for a secure, efficient and cost-effective information lifecycle. We Offer Customised: 2
  • 3. Information Security Business Case An event that A conduit that could could have a Threats Vulnerability be exploited by a detrimental effect threat on an asset An item of Asset value The effect on a business of a Risks risk being realised BUSINESS IMPACT 3
  • 4. How your information is attacked 4
  • 5. What's attacking your Information Viruses Employee Error Rogue Insiders Software Bugs Corporate Spies Script Kiddies Web Defacements Password Network vulnerabilities Crackers Denial of Service “SneakerNet” War Drivers Backdoors Worms Trojans Buffer Overflows “Blended Threats” 5
  • 6. Attack Methodology Threat + Motive + Method + Vulnerability = ATTACK! Good security Security controls can stop Controls & certain attacks Policies Non- Malicious Threats Methods Poor Security and Policies could Tools Let an attack through ASSETS Motives Methods Malicious and and Threats Goals Tools Vulnerabilities Methods and Tools NO security policies or controls could be disastrous Natural Disasters 6
  • 7. 7
  • 8. Are You Secure ???? Information Assets Risky Current Threats + Vulnerabilities = Risks = Position !!!!!! Existing Controls 8
  • 9. We partner with you to mitigate your information risk Through our project based service package of: 9
  • 10. We partner with you to assess your risk through: Penetration Testing Vulnerability Assessment Wireless Penetration Testing Security Test and Evaluation Information System Auditing Web-Based Application testing Procedure-Policy Gap-Analysis Risk Assessment is the first process in the information-centric methodology. We use risk assessment to determine the extent of the potential threat and risk associated with an IT system throughout its SDLC, system development life cycle. The output of this process helps to identify appropriate controls to mitigate or militate risk during the risk mitigation process. 10
  • 11. We partner with you to mitigate your risk through RISK MITIGATION SOLUTIONS Risk Mitigation is the second process of risk management involves Content Security Products prioritizing, evaluating, and implementing the Network Security Products appropriate risk-reducing controls recommended from the risk assessment process. Because the Access Control & Biometrics elimination of all risk is usually impractical or Security Standards Compliance close to impossible, it is the responsibility of Information security governance senior management and functional and business managers to use the least-cost Cyber-Intelligence and Forensics approach and implement the most In-house Training and Awareness appropriate controls to decrease mission risk to Computer Crime Expert Witness an acceptable level, with minimal adverse impact on organizational resources & mission 11
  • 12. What we aim for : Policy You Get a SDl Firewalls Secure Intrusion Detection Event Cost-Effective Audit Management Network Security & Efficient Train Pen Test ing Life-Cycle AC&IM AV 12
  • 13. We provide a comprehensive security package: Vetting / References Business Information Disciplinary Interfaces Security Policies Procedure Build Standards Awareness Training IT/IS/ Threat Modelling Anti-Virus Development Patch Security in SDLC Management Application Vulnerability Assessment Data Storage Testing Penetration Configuration Testing Reviews Access Control Encryption Ecommerce Reviews Site Firewalls Legislative Compliance Intrusion Detection 13
  • 14. The way forward: Holistic Security Program Implementation 14
  • 15. Partner with us to protect your information Contact us on: Add: 4th floor Exploration Hse Cnr 145 R.G Mugabe/5th St Harare , Zimbabwe Tel: +236 733 782 490 +263 773 796 365 +263 -4- 733 117 Eml: info@gis.co.zw cade@gis.co.zw Web: www.gis.co.zw 15