Why being concerned with information safety?
“Many Czech companies still do not accept cyber attacks as a serious threat and do not think about adequate security measures. However, malware campaigns will not avoid any country and constitute threat also for small companies …” (press release).
According to the recent global survey conducted by Check Point in organisations of average size:
- Every 24 seconds infected web pages is being visited by a PC user.
- Every 34 seconds unknown harmful software has been downloaded.
- Every 1 minute a “bot” (“zombie PC”) communicates with the control centre.
- Every 5 minutes an application constituting high risk is being used (P2P applications, storing data in cloud etc.).
- Every 6 minutes known harmful virus has been downloaded.
- Every 36 minutes sensitive data are being sent from an organisation.
The information is one of the most valuable assets of any company. Having correct information in time means competitive advantage. The information must be protected against misuse, both from exterior and interior of the organisation.
Comprehensive security solution means:
- Resistance against cyber attacks.
- Setting and assuring optimum security.
- Measuring and increasing general level of security.
- Having circulation and availability of information under control.
- Guaranteed efficiency of spent resources.
- Security which does not constitute inconvenience.
Emphasis on customer needs
We will help you in addressing specific areas of security or building up the entire information safety management system (ISMS) as defined in ČSN ISO(IEC 27001.
The information security includes much more than the cybersecurity which is a frequent topic of discussions today. The comprehensive information security design includes wide variety of inter-connected steps which successful implementation requires cooperation of experts in various branches, implementation of appropriate ICT tools and reliable information security technologies.
- PKB – Cybersecurity assessment
- Preparation of the ISVS validation system
- Implementation of information security management systems (ISMS)
- Planning continuity
- assessment of the current level of cybersecurity (comparison with requirements of Act No. 181/2014 Coll., on Cyber Security, and regulations on cyber security),
- identification of possible weak points of the solution,
- proposed removal of the discovered shortcomings
- entry security audit (analysis),
- audit of compliance with requirements of standard ČSN ISO/IEC 27001,
- audit of performance of legal requirements (101/2000, 365/2000, 412/2005),
- penetration tests
- risk analysis (own methodology using the supporting RISKAN tool),
- Business Impact Analysis (BIA) for the creation of so-called continuity plans,
- IS/ICT analysis (clear analysis of the information system management and security)
- security projects (proposal of security measures to reduce/eliminate risks discovered in the risk analysis),
- implementation projects of security technologies
- information security policy (for the whole organization, organizational part),
- system security policy (for the specific information system, application)
- preparation and support of long-term management attestation
- preparation and implementation of an information security management system (ISMS) in compliance with standard ČSN ISO/IEC 27001
- realization of measures designed in the security project,
- implementation of security technologies (SW, HW, monitoring systems, camera systems)
- security directive for different roles in the information system (user, admin, security admin),
- security documentation of the information security management system (ISMS)
- security documentation of the information system of public administration (ISVS)
- procedures for solving emergencies (outages) of the system operation,
- emergency procedures,
- procedures for returning into normal operation,
- transfer of continuity (emergency) plans into the crisis management tool
- information security training,
- training for users/admins of delivered security technologies
Information security technologies and products
We supply the technologies guaranteeing optimum price/value ratio.
We offer wide range of well-tested solutions, technologies and products for comprehensive protection of your data, whether stored in the system or ‟on the way“. We implement the same solutions and technologies for protection of information in the information systems developed by us.
Which private and public entities have already implemented our solutions?
We have been dealing with the information security challenges more than 20 years.
We have implemented many solutions of different sizes in many sectors, including public administration, finances, education, R&D and more.
- Czech National Bank
- Stock exchange, Prague
- Czech Post
- Slovak National Bank
- Ministry of Culture of the Czech Republic
- Ministry of Agriculture of the Czech Republic
- Centre for Educational Evaluation – CERMAT
- State Material Reserves Administration
- Faculty Hospital, Hradec Králové
- Tomáš Baťa University, Zlín
- AHOLD Czech Republic, a.s.
- ČEPRO, a.s.