|
With the modern IT environment evolving in complexity and interdependency, threats and vulnerabilities are becoming increasingly difficult to address in a way that is both cost effective and visible to those needing assurance. Many organizations have learned that perimeter firewalls, antivirus software, intrusion detection systems, sophisticated patch management and periodic vulnerability scanning programs are not enough to combat exposure to the broad and ever-evolving range of security risks. Very often the extent of the risk to an organization is not recognized or visible to senior management.
We have helped clients develop effective solutions linking process, people and technology so that risks are identified, assessed and managed as part of an operational approach to addressing system vulnerabilities and meeting compliance regulations - including the Payment Card Industry (PCI) Data Security Standard. Our team can assist in the following areas:
-
Defining requirements and supporting the selection of the right technologies
-
Current state assessments of vulnerability management processes
-
Design and optimization of vulnerability management processes and controls that include threat identification, risk assessment, remediation and effective management reporting
-
Implementation of vulnerability management solutions and processes
-
Incident investigation and forensics
-
Penetration testing, networks & applications testing
Deloitte is a Qualified Independent Security Assessor (QISA) approved by Visa Canada as well as a Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV) approved by the PCI Security Standards Council ("PCI SSC"). We have the knowledge and experience to assist you in performing a review of your security policies and procedures concerning payment cardholder information that is processed, transmitted, or stored by your network.
| 
