With the advent of the BoG Cybersecurity framework, both Financial and non-financial institutions are required to fulfill regulatory compliance by getting certified according to the regulatory body which they are under.
For the Banking industry, it means getting certified for PCI DSS, ISO 27001 and complying with the requirements in the BoG Cybersecurity Framework.
The spirit of the ITSAS goes beyond certification. The Assessment compares your Cybersecurity Posture with Available technology on the international market that can score you a better Cybersecurity posture.
As an example, one of the Domains (Cyber defense) in the BoG Cybersecurity framework, requires two-factor-Authentication. For most Audits, the two factor authentication offered by Microsoft will suffice although it works only with Microsoft solutions, other vendors offer two factor authentication that can be used with microsoft, non-microsoft, web and cloud applications, so a more holistic and advance approach to user authentication for the totality of your Apps. Similarly, the same domain requires a Data Loss Prevention solution. Office365 offers DLP for email, but the question is: Is email the only channel through which Data can be breached? The answer is No. There are other channels like Network, endpoint, Cloud, Storage through which data loss is possible, they should also be looked at. So in word, the DLP for email will suffice to "tick the box" for the audit, but is the company fully protected on that control?
The Assessment endeavors to point the customer to all these "holes" that exist in his ecosystem despite successful certifications to reduce his exposure to Cybersecurity.
Essentially, Professional Services involve the usage of a range of different skills to provide support to businesses in the form of advice or performing tertiary (Conception, Design, Implementing of IT Solutions) roles with the aim of helping clients manage, support and grow their businesses, by deploying new and better technology, by re-purposing older infrastructure for newer services and for optimising existing processes.
These services that provide the design and delivery of enterprise digital solutions help to accelerate time to value across the enterprise.
Training involves disbursing information about a subject matter to clients either formally or informally. With all game changing solutions deployed by us, formal training either on premise or at a training centre is provided. We believe in continuing the learning journey for that subject matter by planning and running workshops half yearly to coach our clients by way of transferring of Knowledge and as such, deepen the knowledge acquired and increase the learning experience. In certain cases, enhancement possibilities of the client’s use case can be singled out and discussed extensively. The aim of such exercise is to increase the value of the solution in place.
Small size companies need IT equipment as well as IT support to be able to run their business efficiently, but may not have the capacity to employ an in-house permanent IT Officer. However, once in a while, when they get urgent IT needs, it is of great advantage to have an on-demand IT Officer who knows your environment, resulting in the fast resolution of the problem. With our IT on demand support, you get the following advantages: