Both locally and globally information security breaches took centre stage in 2013 and the trend seems set to continue based on what we have already seen happen in the early days of 2014. The statistics, the incidents and the attacks are all there to remind us that security breaches are a very real problem from which no-one – from multinationals and government agencies to small companies serving local communities – seems to be immune.
Wards Solutions has been quietly specialising in this area for many years. With a long history of being the trusted information security partner for some of Ireland’s leading companies the team at Ward has built up an impressive degree of expertise and insight into the minefield of information security.
Pat Larkin and Paul Hogan are the founders of Ward Solutions – it’s their pragmatic, systematic and human attitude to information security that makes Ward stand out from the crowd. There are three underlying principles that govern the company’s approach to helping their clients devise and implement practical strategies to protect their organisations and customers.
1. It’s not a flash in the pan
Annual audits, actual incidents or compliance reviews are often factors that bring information security onto the agenda of the executive team and understandably so. But it is this ad-hoc or annual approach that often leaves companies most vulnerable and open to potential incidents. In today’s business world information security needs to be at the forefront of every executive’s mind and systematic in everything that gets done – whether it’s marketing, running a promotion, your finance team altering billing processes or the IT department rolling out mobile devices to their sales force or executive teams.
“What we find in most businesses we work with is that security comes on to their agenda once or twice a year – yet changes to their processes, applications and systems happen on an ongoing basis and new threats arise daily leaving them unintentionally exposed,” according to Larkin. “Every time a company makes a change to a process or application they need to factor into the equation the question of security. Even in a static environment they need to constantly reassess the external risks they face, the vulnerabilities they have and the impact of those risks occurring in their business.”
2. It’s inside and out
Most of the news stories we hear about relate to security incidents that are a result of organised malicious attacks from external sources. The possibility of an external security breach, within any business today, is very real and as a result many companies are actively starting to raise the bar on their information security strategies. While this is commendable, it is equally as important that organisations strike a balance between protecting against malicious threats and the un-intentional internal security breaches. Often companies emphasise their focus on outsiders getting in and forget to look internally at weaknesses in their processes, procedures and systems that also make them vulnerable.
“Hackers, cybercrime and malware are huge threats today and we must do all we can to protect ourselves and our customers if an incident occurs – this is fundamental,” said Ward co-founder, Larkin. “However, equally as important is turning an eye inwards and looking at where the business is exposed to risk through poor practices and processes or through the actions of a rogue insider. The internal loss of a customer database business due to system or information security failure may not always hit the headlines but remains a very serious and damaging security information incident for any organisation.”
3. People plan attacks
Much of today’s externally driven security attacks are executed by highly sophisticated and intelligent technologies. However, it pays to remember that behind the technology there are always people or teams of people totally focused on trying to find weak spots through which to penetrate, normally for very damaging purposes. At Ward, the risk assessments and security testing we carry out combines brains and technology.
We use the industries very best information security solutions in combination with a team of highly-skilled security consultants. Our consultants approach each project from the viewpoint of a professional criminal, internal or external hacker or inadvertent staff member, bringing a degree of rigour and a 360-degree view to the assessment process that only comes with experience, expertise and the human touch.
“Over the years we have built up a team of really smart, savvy and technically astute security consultants. The combination of great talent and technology is without doubt our secret sauce” commented Larkin.
Ward Solutions have been in the business of information security for over 15 years. The company has a team of over 60 security professionals working with over 250 clients in Ireland.
For more information contact Pat Larkin on (01) 642 0100
-
Insights