Framework ISM
IT networks and environments face a rapidly increasing risk. The main causes are the growing sophistication of attacks, the greater exposure that service companies must offer to their customers and suppliers, and the complexity of the networks and environments themselves. At the same time, compliance requirements from regulations and standards are becoming ever more rigorous: this is why Information Security needs a brand new approach, persuasive and proactive.
The necessary protection methods (firewall, antivirus, intrusion detection, access control, etc.) have to be integrated by implementing an effective IT Risk and Vulnerability Management process.
Informed Security Management (ISM) is the complete, enterprise-class information security framework that puts all of this into practice. It should be seen as the set of processes and infrastructures, scaled to the Company's own size, that makes IT networks and environments safer and, at the same time, improves the ongoing evaluation of the adopted security policy and the measurement of adherence to it.
Implementing the ISM framework involves three main stages:
- Perimeter definition, which includes risk analysis, the definition of the acceptable risk level, guidelines for device configuration, access to network resources and user Identity Management;
- Implementation of the Vulnerability Management process, based on the four traditional cyclical stages: (I) vulnerability identification; (II) countermeasure definition; (III) countermeasure implementation; (IV) verification that the vulnerability has been neutralized;
- Incident management, handled by qualified technicians, which allows any event that may have an impact on the security of systems and information, even an unforeseen or unforeseeable one, to be resolved promptly.
The strategic view of the vulnerability issue goes beyond the mere defense of digital assets by eliminating every single threat, a goal that is often hard to achieve in a company; it involves coordinating protection tools, networks, hosts and applications with the management of the corresponding company structure.
The technology used, which is essential to the ISM framework, is integrated efficiently and effectively with the processes and systems already in place in the company. The Emaze solution makes fully measurable both what is observed during the initial investigation and what happens during execution. This allows ongoing comparison against the benchmark and the reference policy, whether company-based or based on an international standard.
The results obtained can be evaluated through suitable Key Security Indicators (KSI), following the RoSI (Return of Security Expenses), leading to a reduction of operating expenses (OPEX).
The four main technological components of ISM for handling company security issues are: