This article can also be found in the Premium Editorial Download "Information Security magazine: Nine tips to guarding your intellectual property."
Download it now to read this article plus other related content.
MANAGED SECURITY SERVICES NEWS
Managed Security Services
When is a vulnerability trivial? When the chance of exploit is next to nothing and/or compromising the vulnerable
Prioritizing threats based on three key factors--the presence of a vulnerability, the likelihood of a successful exploit and, perhaps most important, the value of the asset to the company--is nothing new. Companies apply it in their risk management processes, and many security products, from vulnerability management systems to SIMs, incorporate it.
But companies that use managed security services will be hard-pressed to evaluate threats without help from their providers. That's why Cybertrust's enhanced services, introducing what they call "triangulation" of threats, vulnerabilities and assets, is an important added value to their customers. "This will give us real-time event correlation," says Isabelle Theisen, CSO for First Advantage, a global risk mitigation and business solutions provider. "We will be able to identify security events and anomalies for fraud detection.
"We're a new group trying to build something. If I had to do it myself, I would need a team of 22 people. I have six."
Theisen, who reports to the CEO, is developing a security model from the center out.
"We set the direction, the compliance and risk management work," she says. "We identify security liaisons or champions within the business units. Cybertrust's road map is fully aligned with our strategy," she adds. "They have a holistic approach to manage security issues."
This was first published in May 2007