CyRAACS-logo-black-Orignal

Information Security Assessment for German Data Monetization Company

Problem Statement

Customer pursued CSA STAR certification and a review of the Information Security program to address Investor and customer requirements on information security and cloud security.

Services Delivered

  • Conducted a comprehensive risk assessment, identified risks across organization (Engineering, Facilities, Human Resources, IT Infrastructure etc.) and provided recommendations
  • Reviewed SDLC practices, IT infrastructure setup, regulatory requirements etc. and identified opportunities for improvement.
  • Conducted Business Impact Analysis to identify critical services/products and business operations.
  • Provided CSA STAR Certification Readiness Assessment, identified gaps against Control Areas and provided recommendations.
  • Conducted Vulnerability Assessment and Penetration Testing (VAPT) for IT Infrastructure and Web Applications, identified vulnerabilities and provided recommendations for mitigation.

Value Provided

  • Customer received Silver Certification for CSA STAR
  • Provided the customer A Single Repository for Risks with controls mapping to ISO 27001, CSA STAR, NIST 800-53, COBIT 5.0
  • Identified critical products and services as well as recovery requirements as part of Business Impact Analysis
  • Enhanced Security Posture by identifying security flaws such as authentication, authorization, session management, input validation etc. in applications and infrastructure

Article Written by CyRAACS Team
© COPYRIGHT 2022, ALL RIGHTS RESERVED
crossmenu linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram