Thomas Ianuzzi, CPP, CISSP, CFE, CCE

Information Security Consultants, Inc.

It Evolved

DATA LOSS -- U.S.More on $275K SettlementThe Register reports on ChoicePoint's settlement with the Federal Trade Commission. ChoicePoint will pay $275,000 and will get independent assessments of its data security

MD Bank Dumps Identities into TrashReported by: Joce Sterman It's a local bank you trust with your money and your personal information.  But the M&T branch in Rodgers Forge didn't shelter all of some peoples' secrets

Lawsuits over Heartland data breach folded into oneBanks, credit unions want to be compensated for breach-related costs Computerworld - A lawsuit consolidating 16 separate class-action complaints brought by financial institutions against Heartland Payment Systems Inc. has been filed in U.S. District Court for the Southern District of Texas.

Federal Web sites knocked out by cyber attack Jul 7 10:04 PM US/EasternBy LOLITA C. BALDOR

Even if you have a comprehensive security program,

there may be serious gaps.

You can stop haphazard development in its tracks

A proactive approach to security will reduce the risk level you experience.

In addition, it can provide your organization with surprising benefits

Investors love it because it reduces their risk.

A comprehensive security program is a major sales tool. Properly documented and presented, it can set you apart from the crowd and cinch crucial sales.

A strong hiring program results in improved morale for all employees, higher productivity and may prevent you from making the costliest mistake a company can make. Hiring the wrong person.

A strong hiring program results in improved morale for all employees, higher productivity and may prevent you from making the costliest mistake a company can make. Hiring the wrong person.

When your customers understand how well you protect their interests, your reputation soars.

When you manage information technology assets securely and proactively, your equipment costs and your downtime drop dramatically.

When you work to protect your employees both on and off the job,  their loyalty protects your business.

When you are prepared for disaster, you strengthen your community as well as your company and your bottom line

With a pervasive security culture, you will see the benefits on the bottom line. Your superior management capability will attract the best customers, investors and employees. Key people who want to be involved in your success

The first step to great security is to know exactly where you stand.

IT standards ISO or others

Accounting controlsHR practicesBusiness continuityBest practices

Levels of Maturity

More Mature

Less Mature

Non Existent Ad hoc Repeatable

but IntuitiveDefined Process

Managed & MeasurableOptimized

• Logical testing (vulnerability and penetration testing)

• Social engineering

• Testing of disaster recovery plans

Initial training and signoff

Refresher training

Training in protecting and using their laptops and home computers.

• Internal Audit• IT Auditor• CPA Audit• SAS 70

– Tier 1– Tier 2

Contact

Information Security Consultants, Inc.

to thoroughly secure your business.