In June the aircraft parts manufacturer ASCO made headlines when it became the victim of a cyber-attack. It took a full month before all 1000 employees could get back to work. The damage to business amounted to millions of euros. Meanwhile, almost 40 operations at the Jan Yperman Hospital in Ypres planned for the summer were cancelled due to IT problems.
The continuous digital transformation around us is making us increasingly dependent on IT. Moreover, IT regulations can cause additional headaches. So, are you wondering whether your organisation is sufficiently secure? If you are at risk, are you aware of the potential impact of security problems? Do you know where there may be security gaps in your systems? Do you know how to identify them and how your security can be improved quickly? Or confirm that your security is as good as you think it is? Or are you reluctant to have it examined because this could take weeks and thousands of euros? Then you are not alone.
Recommendations
At Devoteam, we now work with the Cyber Security Assessment Tool (CSAT) from QS Solutions to give you a quick and clear insight into the vulnerabilities in your Microsoft environment, on-premises and in the cloud. We use an agentless tool combined with a questionnaire to perform a thorough security analysis and provide you with a report on the security status and recommendations based on CIS 20 v7, with solutions ranked according to priority. All this within a very short time frame – less than a week.
You can combine the report with your risk matrix to quickly see how to eliminate risks. We can also help you build your risk matrix.
As a trusted cyber security and Microsoft partner, we contribute to making the right decisions, implementing solutions in an agile way and guiding you to create your security roadmap.
We selected CSAT because we evaluated seven tools and the CSAT software came out on top. A specialised tool such as CSAT uncovers vulnerabilities that can remain under the radar with other tools. As for QS Solutions, the company is also selective when it comes to its partners.
Clear report
The information in the CSAT report is designed so that a CIO, CISO or DPO can clearly demonstrate to the CEO, CFO and other members of management what the exact security issues are and how they can be resolved. Management often has an incomplete picture of the security level in their organisation and is insufficiently aware of the dangers. You can use the report’s findings to clearly demonstrate the problems, thus making it much easier to work out a budgeted action plan for resolving the issues in order of importance.
Consider the following key questions: What is the danger and potential impact? What are the chances that this will get you in trouble? How much could it cost the company and what is the cost of eliminating risks? With CSAT, our risk management expertise and the hybrid cloud we can answer these questions for you.
Of course, a one-time assessment is not enough. You should continuously monitor the security status of your infrastructure. That is why we offer CSAT as a managed service. It gives you a clear overview of your status, including when changes are made.
Joint responsibility
Contrary to popular belief, companies and governments remain partly responsible for the security of their IT environment. Software manufacturers and cloud providers take care of their area of responsibility. But if, for example, you don’t use a recommended patch or perform updates, your vendor cannot be held responsible for the resulting security risk. The same goes for the cloud. We have transitioned into something called a ‘shared responsibility model’.
Microsoft is focusing a lot of attention on security and is increasingly becoming a security vendor. However, if you don’t use the tools or services to bridge security gaps, or if you don’t install security patches on your operating system, then that is your responsibility, not that of the vendor. Sometimes, in an effort to quickly move forward and keep ahead of the competition, security is neglected. Nevertheless, it is essential that security is an integral part of everything your IT department does for your organisation.
Partnerships
At Devoteam, my team and I work closely with our colleagues from Devoteam Management Consulting, Cyber Security, Digital Workplace, Open Source and DevOps practices because we believe this is the best way to fill the security gaps you face as a customer.
With our strong partnerships with Microsoft, CyberArk, ForgeRock and Red Hat, we can cover almost all your infrastructure needs. We are not there to sell products but to create relationships that ensure that you, as a client, trust us to help you evolve in this digital revolution.
