Ransomware Cyber Attack. The real Disaster Recovery Scenario

Cyber-ransomware criminals need to make sure that you cannot simply recover your encrypted data via your backups. They must make it look like paying is your only option. And if you do not have a strategy that takes this into account, unfortunately, you may be up the creek without a paddle. because how do they make their case? Bylooking for ways to infect your backups, way before you find out you have been compromised. 

That means your standard disaster recovery scenarios provide insufficient protection against this type of event. You need to think beyond DRP and give consideration to what John Beattie and Michael Shandrowski call "Cyber Incident Recovery Risk management" (CIR-RM).  

The challenge of corporate security management

  • Buy Link or Shortcode: {j2store}41|cart{/j2store}
  • Related Products: {j2store}41|crosssells{/j2store}
  • member rating overall impact (scale of 10): N/A
  • member rating average dollars saved: N/A
  • member rating average days saved: N/A
  • Parent Category Name: Security and Risk
  • Parent Category Link: /security-and-risk

Corporate security management is a vital aspect in every modern business, regardless of business area or size. At Tymans Group we offer expert security management consulting to help your business set up proper protocols and security programs. More elaborate information about our security management consulting services and solutions can be found below.

Corporate security management components

You may be experiencing one or more of the following:

  • The risk goals should support business goals. Your business cannot operate without security, and security is there to conduct business safely. 
  • Security governance supports security strategy and security management. These three components form a protective arch around your business. 
  • Governance and management are like the legislative branch and the executive branch. Governance tells people what to do, and management's job is to verify that they do it.

Our advice with regards to corporate security management

Insight

To have a successful information security strategy, take these three factors into account:

  • Holistic: your view must include people, processes, and technology.
  • Risk awareness: Base your strategy on the actual risk profile of your company and then add the appropriate best practices.
  • Business-aligned: When your strategic security plan demonstrates alignment with the business goals and supports it, embedding will be much more straightforward.

Impact and results of our corporate security management approach

  • The approach of our security management consulting company helps to provide a starting point for realistic governance and realistic corporate security management.
  • We help you by implementing security governance and managing it, taking into account your company's priorities, and keeping costs to a minimum.

The roadmap

Besides the small introduction, subscribers and consulting clients within the corporate security management domain have access to:

Get up to speed

Read up on why you should build your customized corporate information security governance and management system. Review our methodology and understand the four ways we can support you.

Align your security objectives with your business goals

Determine the company's risk tolerance.

  • Implement a Security Governance and Management Program – Phase 1: Align Business Goals With Security Objectives (ppt)
  • Information Security Governance and Management Business Case (ppt)
  • Information Security Steering Committee Charter (doc)
  • Information Security Steering Committee RACI Chart (doc)
  • Security Risk Register Tool (xls)

Build a practical governance framework for your company

Our best-of-breed security framework makes you perform a gap analysis between where you are and where you want to be (your target state). Once you know that, you can define your goals and duties.

  • Implement a Security Governance and Management Program – Phase 2: Develop an Effective Governance Framework (ppt)
  • Information Security Charter (doc)
  • Security Governance Organizational Structure Template (doc)
  • Security Policy Hierarchy Diagram (ppt)
  • Security Governance Model Facilitation Questions (ppt)
  • Information Security Policy Charter Template (doc)
  • Information Security Governance Model Tool (Visio)
  • Pdf icon 20x20
  • Information Security Governance Model Tool (PDF)

Now that you have built it, manage your governance framework.

There are several essential management activities that we as a security management consulting company suggest you employ.

  • Implement a Security Governance and Management Program – Phase 3: Manage Your Governance Framework (ppt)
  • Security Metrics Assessment Tool (xls)
  • Information Security Service Catalog (xls)
  • Policy Exception Tracker (xls)
  • Information Security Policy Exception Request Form (doc)
  • Security Policy Exception Approval Workflow (Visio)
  • Security Policy Exception Approval Workflow (PDF)
  • Business Goal Metrics Tracking Tool (xls)

Book an online appointment for more advice

We are happy to tell you more about our corporate security management solutions and help you set up fitting security objectives. As a security management consulting firm we offer solutions and advice, based on our own extensive experience, which are practical and people-orientated. Discover our services, which include data security management and incident management and book an online appointment with CEO Gert Taeymans to discuss any issues you may be facing regarding risk management or IT governance.