Information Security

The Human Touch in Information Security

Why

Over the last 10 years, Information Security (IS) has become a business enabler that cuts across all IT-powered business functions and roles. That is why it is strategic, and why every organization must stay engaged in IS awareness and the related choices.

IS awareness means the ability to continuously measure, analyze and control the real and virtual environment, of which IT is just a portion. It covers organizational, behavioral, cultural and infrastructural issues, and it means being aware of the related risks so that an organization can guarantee the right IS measures are in place.

Our mission is therefore to bring our expertise and knowledge to this area, because we think that every business consulting offering must be complemented by a coherent IS strategy in order to be really effective. It is impossible to have a functioning enterprise that is not able to monitor and protect its own sources of revenue, its Intellectual Property and the information and know-how embedded in its data, processes and procedures.

This need is reinforced by the incoming European Community data protection regulation, the General Data Protection Regulation (GDPR), which will place IS controls and postures under a lot of pressure.

How

We are at, and dedicated to staying at, the state of the art in our technology-supported professional consulting services in the IS domain. Our team is composed of experts with long experience on large-scale projects. They constantly research issues that need solutions, which we provide either by implementing our own services and products or by identifying third-party ones that can be integrated.

Furthermore, our integration with the MAYS S&O unit gives us a distinct advantage in delivering solutions that take into account all the business aspects of the organization.

Our “hands-on” approach starts right from the identification of IS requirements and the analysis of the actual posture of the customer’s organization, two aspects that far too often just do not match. Following our analysis, we share the outcomes with the client’s dedicated departments and Board, together with our proposed intervention plan. The plan is normally laid out in phases and includes the significant metrics needed to evaluate the expected advantages and improvements, including those related to required compliance. Finally, the approved plan is executed in concert with the client organization’s team, and the metrics are constantly and periodically monitored and reported.

What

Our focus is mainly on the design and implementation of management and infrastructural models that, supported by the right technologies, make a difference in an organization’s ability to handle the continually evolving IS scenario.

In particular, our services and technologies are aimed at continuous monitoring of the transit of communications and data. This process supplies the knowledge needed to analyze existing gaps between needs and current posture in the monitoring and protection of data and systems.

We have established partnerships with some of the strongest European companies in IS technologies and services, which allows us to use, in support of our services, state-of-the-art systems for on-field analyses of the security posture of IT-related systems.

Implementing our solutions, with their ability to constantly monitor the organization’s IT environment, makes it possible to detect suspicious and anomalous behaviors of users and systems and to promptly activate the correct countermeasures.

Profile reference

Filippo Natoli

Managing Partner

Italy | Rome

He is a manager with solid professional experience of international breadth acquired while covering various roles in a number of business and cultural contexts. He has mostly worked in high-tech, capital-intensive companies, both public and private, in the aerospace sector as a manager of important...

Our Solutions

Design and installation of protected network infrastructure, disaster recovery and business continuity

  • This activity requires significant interaction with the client organization’s departments to share the needed information about status, goals and constraints. Normally it develops as a co-working project with multiple interactions with the client organization's departments on project requirements and developments, using our infrastructure together with other tools to assess ongoing developments.

Training courses, to be held on premises supplied by the Customer, at different levels of expertise, from Malware for Analysts to Awareness for Users and IS Governance and Management Issues for C-suite/Board.

  • Aside from the catalogue courses, we are able to develop specific training courses as required by the customer.

Consulting on IT systems regarding the application of the new European Community data protection regulation, the General Data Protection Regulation (GDPR), Information Security Posture, and compliance with norms and regulations

  • Consulting is carried out with the support of the internal team and the customer’s legal team. A Gap Analysis is produced, using our proprietary analysis tool, showing the differences between required GDPR compliance and the current security posture.

Consulting on the definition of a framework for Information Security Awareness

  • This service aims at creating the right environment for Information Security Awareness so that the client’s organization is able to keep an adequate protection regime in place.

Support in choosing the right Cyber Insurance policy

  • An important part of Risk Management concerns risk transfer, and the most common and safest way to achieve it is to take out a cyber insurance policy. Cyber Insurance is a rather new sector and there is a wide variety of policies on the market, so it is fundamental to understand all the conditions and requirements in order to avoid additional risks and wasted money.

Related Insights

Machine Learning

The complexity and quantity of generated data are growing, and a new approach, although it actually dates from the recent past, is needed. Machine Learning (ML), a branch of Artificial Intelligence, delivers tools that can classify vast amounts of data in order to detect hidden patterns that could shed light on past events and help predict their evolution.