Our Approach2018-11-28T04:42:34+00:00

INITIATION.

  • Ensure upper management support
  • Define the mission, vision and goals of the security program
  • Review all current corporate policies, standards and guidelines
  • Conduct an inventory
  • Begin development of comprehensive risk management program
  • Review regulated data controls
  • Review strategic data controls
  • List all third parties that the company is doing business with
  • Assess Threats, Vulnerabilities and Risks
  • Identify existing people and tools that could be brought in to support security
  • Write security objectives
  • Write security charter

INITIAL OPERATING CAPABILITY.

  • Ensure upper management support
  • Lay out an integrated foundation and framework for expanding the program in alignment with strategic business objectives
  • Complete comprehensive risk management program
  • Write corporate security policies, if necessary
  • Implement Security Controls
  • Deploy production sensor capabilities to the initial set of monitoring points
  • Begin development of security standard operating procedures and run books
  • Develop training classes, exercises and seminars for employees, contractors, executives and/or board members
  • Develop ongoing security awareness plan
  • Establish an incident tracking/case management capability
  • Begin sustained detection, analysis, and response operations
  • Develop plan for executive reporting on metrics and security maturity
  • Write Information Security Standards and Guidelines

FULL OPERATING CAPABILITY.

  • Ensure upper management support
  • Solicit feedback from the business units
  • Adjust operations procedures and capabilities, if necessary, given the deltas between the initial vision of security and the operational, resourcing and policy realities
  • Create an Incident Management and Business Continuity Plan (including Disaster Recovery Plan)
  • If necessary, expand to 24×7 operations
  • Deploy monitoring capabilities to an expanded set of monitoring points as appropriate
  • Expand log collection and analytics
  • Optimize system functionality and update documentation

Let Glacier5 take your security program to the next level.

Let’s Talk