Data security and privacy
Cybersecurity is an enabler of digitalization that all industries such as finance, manufacturing, and retail companies and the public sector are currently driving
Organizations are giving cybersecurity increased priority, and discussions by top management teams often converge on the following three challenges:
BearingPoint fights cybercrime with our agile Cyber Resilience Framework that evaluates customers’ ability to anticipate, withstand, recover, adapt to persistent adversaries, and to transform their security posture. The approach must include a unified assessment of the overall security governance framework, data protection mechanisms, efficient incident management, business continuity plans, and crisis management processes.
In the diagram below we present ONE example how our framework works:
Our agile Cyber Resilience Framework must be complemented with deep-dive assessments of the applications’ attack surface generated by internally developed or supply-chain provided software through a comprehensive stack of security controls, which are one of the most used channels for major disruptions.
Organizations spend a lot of time and effort to assess and prepare their compliance effort, which is usually multiplied by a large number of standards and regulations. They are also audited many times on similar activities. As a result, people in security are often living between audits and their preparations, which take a big slice from their resources that might be allocated elsewhere to increase overall business resiliency.
Building synergies between ensuring compliance and implementing security should follow a phased approach:
It’s a great opportunity for experienced security professionals to identify and even redefine common controls required by applicable standards and regulations, optimizing the compliance effort of the organization via a security-compliance optimized process. And all these should still allow security professionals enough time to watch trends, follow innovative concepts, and implement modern and disruptive concepts to secure the organization against unknown and unpredictable threats.
Sergiu Zaharia, Lead of BearingPoint Cyber Security Center of Excellence, Romania