Menu Close

    Over the past couple decades, due to immense breakthroughs in technology and our reliance on that technology, Information Security has assumed the top spot when it comes to security functions.  Information Security is the protection of information through mitigation solutions and strategies to prevent unauthorized use, corruption, destruction, theft or any other types of malicious acts from occurring.  While information security has become virtually synonymous with the technological forms of information, it also covers the physical forms of information: personnel records,Information Security - Global Risk Defense Solutions trade secrets, business records, computers, external hard drives, etc.  The physical forms of information can be protected and secured through normal physical security practices such and locking devices, safes, sensors and the likes.  However, technological information requires components such as antivirus software, encryption software, firewalls, passwords and authentication software.

     Information is vital to a business as well as an individual.  When we talk about information security, we are ultimately describing information assurance.  Assurance that the information has not been compromised in any way and also of what has become to be know as the CIA triad: confidentiality, integrity and availability.

  • Confidentiality – The assurance that the information kept is private, will not be made public and will only be disclosed to individuals authorized to view it.
  • Integrity – The assurance that all information is accurate and complete and has not been corrupted, modified or manipulated in any way.
  • Availability – The assurance that the information will be available to authorized personnel whenever it may be required and through whichever medium used.

     While the CIA Triad remains the key concept of, and the basis for the CNSS Model of Information Security, other key concepts have emerged that must be addressed, due to changes in technology and how we currently view the process of Information Security: Privacy, Identification, Authentication, Authorization and Accountability.

    Information Security - Global Risk Defense SolutionsMost organizations will be required to comply with regulations established to ensure the proper handling of sensitive information.  The first step in developing an Information Security Program will be to determine which regulations must be followed to ensure compliance.  Once the proper regulations are identified, the design of the Information Security Program will focus on the protection of information while ensuring to the adherence of the 8 key concepts established in the CNSS Security Model, maintenance and management of the program, vulnerability testing, contingency planning and recovery.  Information Security Programs require constant testing, appropriate and timely upgrades and threat intelligence updates from legitimate and trustworthy cybersecurity organizations.

     Information Security - Global Risk Defense SolutionsWe have the knowledge and experience to develop a professional and effective information security program and information security systems for anyone concerned about their information system security, sensitive information and compliance.  We will work with you and provide expert advise so you can make the correct decision for your organization’s information security requirements.  If you would like more information on how we can assist with your Information Security needs, please visit our CONTACT PAGE for a preliminary discussion and to setup a consultation.

INFORMATION SECURITY
SERVICES AND CAPABILITIES

____________________

Information Security Program and System

  • Design, Engineering, Implementation and Management (SDLC)
  • Program/System Vulnerability and Integrity Analysis
  • Enhancement Assessment
  • Program/System Operational Audit
  • Gap Assessment
  • Metrics Curriculum Development

Information System Security Contingency Planning

  • Business Impact Analysis
  • Incident Response Planning
  • Disaster Recovery Planning
  • Business Continuity Planning

Information Security Regulatory Compliance Assessment

Physical Security System and Component Integration and Integrity Survey

Information Security Program and System Resiliency Planning

Information Security Systems Design and Implementation