COMPANY PROFILE REV 4.0



Similar documents
HOSTING. Managed Security Solutions. Managed Security. ECSC Solutions

PAPER-6 PART-1 OF 5 CA A.RAFEQ, FCA

Defensible Strategy To. Cyber Incident Response

Information Security Services

Put into test the security of an environment and qualify its resistance to a certain level of attack.

National Cyber Security Policy -2013

Cyber Security - What Would a Breach Really Mean for your Business?

Cisco Security Optimization Service


Managing business risk

BUSINESS CONTINUITY POLICY

Frontier helps organizations develop and rollout successful information security programs

Protecting your business interests through intelligent IT security services, consultancy and training

ENTERPRISE INFORMATION SECURITY

Security Controls What Works. Southside Virginia Community College: Security Awareness

IT Security. Securing Your Business Investments

INFORMATION SECURITY STRATEGIC PLAN

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Presented by Frederick J. Santarsiere

Executive Cyber Security Training. One Day Training Course

Strategic Plan On-Demand Services April 2, 2015

CONSULTING IMAGE PLACEHOLDER

IBM Internet Security Systems October FISMA Compliance A Holistic Approach to FISMA and Information Security

Business Continuity. Is your Business Prepared for the worse? What is Business Continuity? Why use a Business Continuity Plan?

Guidelines 1 on Information Technology Security

SYMANTEC MANAGED SECURITY SERVICES. Superior information security delivered with exceptional value.

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

Preemptive security solutions for healthcare

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Statistical Analysis of Internet Security Threats. Daniel G. James

Information Security Awareness Training

Global Corporate IT Security Risks: 2013

our enterprise security Empowering business

Cyber Security solutions

Issue 1.0. UoG/ILS/IS 001. Information Security and Assurance Policy. Information Security and Compliance Manager

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Application Security in the Software Development Lifecycle

Network Security: Policies and Guidelines for Effective Network Management

SECURITY. Risk & Compliance Services

JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.

Information Security: Business Assurance Guidelines

BUILDING EMPLOYEE LOYALTY AND TRUST: HOW IDENTITY MANAGEMENT AND FRAUD DETECTION SERVICES CAN DELIVER VALUE-ADDED BENEFITS

Information Security & Privacy Solutions Enabling Information Governance

Securing Critical Information Assets: A Business Case for Managed Security Services

Training Catalogue. Ace Service Training Catalogue Ver 7.0. Ace Services

Stepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM

IT Governance: The benefits of an Information Security Management System

5.5. Penetration Tests. Report of the Auditor General of the Ville de Montréal to the City Council and to the Urban Agglomeration Council

Managing IT Security with Penetration Testing

Standard: Information Security Incident Management

IT Security Management 100 Success Secrets

Eliminating Infrastructure Weaknesses with Vulnerability Management

Are your people playing an effective role in your cyber resilience?

Cybercrime Security Risks and Challenges Facing Business

The ICS Approach to Security-Focused IT Solutions

Executive Management of Information Security

Address C-level Cybersecurity issues to enable and secure Digital transformation

Time Is Not On Our Side!

AUTOMATED PENETRATION TESTING PRODUCTS

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services

Val-EdTM. Valiant Technologies Education & Training Services. 2-day Workshop on Business Continuity & Disaster Recovery Planning

NSW Government Digital Information Security Policy

Business Continuity and Risk Management. Ken Kaberia Principal BCM Officer, Enterprise Risk Safaricom Limited

Cyber security in an organization-transcending way

NNIT Cybersecurity. A new threat landscape requires a new approach

A Detailed Strategy for Managing Corporation Cyber War Security

A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS

RSA Solution Brief RSA. Encryption and Key Management Suite. RSA Solution Brief

How do you give cybersecurity the highest priority in your organization? Cyber Protection & Resilience Solutions from CGI

Integrating Security into Your Corporate Infrastructure

BSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012

Advanced Threat Protection with Dell SecureWorks Security Services

Information Systems Security Certificate Program

(BDT) BDT/POL/CYB/Circular

Nine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity

A Decision Maker s Guide to Securing an IT Infrastructure

Outsourcing and third party access

Security Solutions Secure your network and minimize the risks

THE EVOLUTION OF INFORMATION SECURITY GOALS

Utica College. Information Security Plan

Business Opportunity Enablement through Information Security Compliance

How To Protect Your Network From Attack From A Network Security Threat

Keeping watch over your best business interests.

Testing the Security of your Applications

Who s trending what? What reputational risk means to companies today and how they are managing it

Compliance Services CONSULTING. Gap Analysis. Internal Audit

Continuous Network Monitoring

Risk Management. Policy

Diligence Management Consultants Company profile. Middle East - Africa - South Asia

Pre Conference Workshops Using AccessData Tools to Solve Computer Forensics Problems, Eric Thompson, AccessData. Free (ISC) 2 Workshop

IT SECURITY EDUCATION AWARENESS TRAINING POLICY OCIO TABLE OF CONTENTS

Simply deliver IT to increase Revenue improve Productivity and cut Cost

I.T. Security Specialists. Cyber Security Solutions and Services. Caretower Corporate Brochure

Course 4202: Fraud Awareness and Cyber Security Workshop (3 days)

EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES

Cyber Security and Information Assurance Controls Prevention and Reaction NOVEMBER 2013

Head of Information & Communications Technology Responsible work team: ICT Security. Key point summary... 2

CyberSecurity Solutions. Delivering

BCP and DR. P K Patel AGM, MoF

Transcription:

COMPANY PROFILE REV 4.0

Company Background and Core Values Secor is a highly innovative company based in Lebanon and Dubai, focusing on the exploding market of the information security in the Middle East and North Africa (MENA). This company is a spin-off of the security division of Computel, a leading Lebanese IT company since 1974. Secor inherited Computel s Network Security and expanded it into Information Security. Since its inception in 2002, Secor was faced with the challenge of expanding beyond the local market by capitalizing on its highly qualified team and his long expertise in the information security field. Few companies in this industry in MENA offer Secor s same full range of comprehensive security services. Secor, being entrusted of the client s highly valuable and classified information, believes that its reputation relies mainly on its commitment to deliver quality of services, and meeting or exceeding the client s expectations while maintaining a solid code of ethics. Secor is also committed towards its community by employing local expertise while preserving international standards requirements. Market Overview The evolution of a new global culture of electronic exchange of the information, and the increasing demand for Internet banking and e-services applications, have posed greater risks on banks, government institutions and companies worldwide. The need for securing organizations information, business processes and technology assets has always been a crucial factor in the implementation of any e-business or e-government solution. The market in the Arab world, in general, is aware of the risks and knows the importance of being secured. In the last few years, companies and governmental institutions have spent heavily on the security infrastructure; however, it turned out to be insufficient to protect them from internal and external threats, such as: Data and Identity Theft, Phishing and Social Engineering attacks, etc Most of the time, the absence of awareness and lack of policies and procedures and internal controls are common vulnerabilities that fraudsters can target. The compliance with IT security and financial standards and regulations, i.e.: BS7799/ ISO 27001, SOX, Basel II, etc, becomes more and more very popular in the region. Hence, the demand for Security Policies and Procedures, Security Awareness, Risk and Vulnerability Assessment, Penetration Testing, Security Audit and Consultancy Services, will definitely be on the rise. 1

Our Vision Secor s vision is to be the recognized leading information security services provider in the Middle East and North Africa, and the driving force in promoting the values of Information, as an important asset, and the vital role it plays in the region s new economy. Our Mission Secor s mission is to capitalize on its long expertise in the information security in MENA region, to bring a peace of mind to people and organizations throughout the Arab world, including banks, governmental institutions, small, medium, and large businesses. This can be achieved by raising the level of security awareness among the different market sectors, and by spreading the culture of Confidentiality, Privacy, and information Integrity and Availability. These are the pillars that Secor uses to build any information security strategy. Secor is committed to providing quality and cost effective information security services and solutions ranging from Security Audit, Developing Policies and Procedures, Risk and Vulnerability Assessment, Penetration Testing, BS7799/ISO 27001 Consultancy, Business Continuity Planning and Training. Team Expertise SECOR has an exceptionally experienced and qualified team. The level of know-how and specialization is extremely high and has been assessed by many international organizations and security consultants. Secor's consultants and security specialists, trained in Europe and the Middle East, have been certified in various subjects and products including the following: CISSP certification from (ISC)2 BS 7799/ ISO 27001 Audit certification from IRCA BS25999 BCM consultancy SCNP certifications from SCP Symantec RSA Security Websense Internet Security Systems (ISS) Microsoft Trend Micro Watchguard Strohl Systems Team Background The strength of Secor's team stems from a combined expertise in information security s technical, operational and management controls. This has produced outstanding results over 2

the past years especially in making people more aware about the threats involved and the importance of being secured. In addition, the leadership and the quick adaptability of our team have resulted in the establishment of broad and flexible goals designed to meet the ever-changing demands of the fast moving marketplace which requires these types of services. This is evident when the team responds to situations requiring new and innovative capabilities. Security Services Security Risk Assessment Risk assessment is a systematic approach for identifying and quantifying the harm related to organizations operations that might occur due to any security breach, taking into account the potential consequences of a loss of confidentiality, integrity and availability. Secor s risk assessment addresses the risks and threats associated to assets, and the countermeasures needed to alleviate them to an acceptable level. IT Security Audit Security Audit is an independent review of internal policies and procedures, network topologies, access controls, hardware, software and utilities that could possibly compromise critical information of an organization, to ensure that appropriate security controls are implemented. Upon defining the audit criteria (ISO 17799, FIPS, customized checklists, etc ), Secor performs a thorough audit of the existing controls, to determine the level of threats that an organization is exposed to, and to provide the proper recommendations. Vulnerability Assessment and Penetration Testing A thorough and regular security assessment for an organization covering corporate systems, network & Internet access is very essential. Penetration testing, being part of the technical audit, locates at a single point of time, the presence of any potential security related vulnerabilities. The examination of each security issue discovered will determine if an actual security risk exists and ensure that the appropriate security improvements will be implemented in order to maintain a good level of security protection. Penetration testing is more like a snapshot in time of the current security of an organization s systems and business processes. Secor s penetration testing utilizes the latest techniques from black to gray-box testing, in addition to a tiger team approach to identify risks and vulnerabilities. A complete detailed report is provided including the countermeasures needed to alleviate the risks and vulnerabilities found. Consultancy Consultancy is a step-by-step set of recommendations of what needs to be done to secure the critical assets of an organization. The information, considered as an important asset, requires suitable protection against various threats. Secor, being specialized in information security, provides organizations with the suitable protection for their information based on their needs. Secor s consultancy will encompass the management, technical and operational controls. 3

Security Policies and Procedures Information security policies are essential and crucial for the operating environment of the organizations. They shape the definition of roles and responsibilities for employees, and sensitize staff to the potential problems associated with modern information systems. They help minimize the cost of security incidents, accelerate the development of new application systems, and assure the consistent implementation of controls across organizations information systems. Procedures are plans, processes or operations that address the details of how to perform a particular action. Security procedures complement and supersede the security policies, they instruct and guide IT staff members on the appropriate execution of tasks in accordance with the security policies using the best practices. Based on security standards, Secor develops customized security policies and procedures for organizations addressing their security needs and requirements. BS7799/ ISO 27001 Consultancy and Audit The BS7799-2/ ISO 27001 standard promotes a systematic and proactive approach to the management of any organization, by building an Information Security Management Systems (ISMS), where risks are anticipated, controlled and monitored. It also promotes the continual improvement of the ISMS and performance through the setting of objectives and the implementation of corrective and preventive actions. In the Middle East, few organizations are BS7799 certified, and very few Information Security companies are capable of delivering such a service. Secor, being a leading company in the Information Security consultancy and services in the Middle East, was among the first to help leading organizations to achieve the BS7799 certification. Business Continuity Management- BS 25999 Business Continuity Management (BCM) is an ongoing process whereby organizations ensure the resiliency, maintenance or recovery of business operations, when confronted with adverse events such as natural disasters, technological failures, human error, or terrorism. In short it is about ensuring that a crisis is managed effectively before it escalates to a disaster and to be able to quickly be back on track to 'business as usual' It involves two distinct areas: Business Continuity Planning (BCP), where a plan is developed, implemented, tested and exercised to ensure that it will perform as anticipated. Disaster Recovery (DR) is the process of getting back to business operations in the shortest delays, based on the BCP. Secor will assist organizations in building and implementing BCM strategies tailored to their business needs in light of BS25999 and Basel II requirements. Security Services & Support Contracts An ongoing review of client security safeguards and procedures will determine compliance with previously set policies and protection against new methods that compromise systems. Information security is a constantly moving target. New methods to break into systems are being discovered every week. Secor recommends an on-going security services and support program. On regular basis, Secor will send to the clients security alerts and updates, monitor their systems for new security holes, and test new hacker methods of penetration and security compromise. Security Training and Awareness Programs The Management, the MIS staff and the end users of a company are the first level of defense against security breaches. They are generally the first to be impacted by security incidents, and their compliance with security policies can make or break a security program. 4

Secor, based on its expertise and knowledge, can provide the following: - Basic and advanced IT security courses for MIS staff. - Management security courses for top executives. - Security awareness campaigns for end users. This complete education program, allows a company to protect itself and to grow securely. 5

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information