The days have passed since threats were designed to propagate and disrupt service resulting in loss of productivity and possibly revenue loss. Today, the intent of malicious attack is to harbor information for the purpose of financial gain either directly or indirectly. At InfoTransec, our security experts can assist your company in developing strategies to minimize the impact of potential threats and reduce or eliminate the severity, frequency or magnitude of the exposure to risk. With the use of the latest technology, toolsets and a well-defined policy, vulnerabilities of your critical business assets can be mitigated.
Entities that cause or contribute to an incident are known as threat actors, and more than one can be involved in any particular incident. Actions performed by them can be malicious or non-malicious, intentional or unintentional, causal or contributory, and stem from a variety of motives (all of which will be discussed in subsequent actor-specific sections). Identifying actors is critical to immediate corrective actions and longer-term defensive strategies.
VERIS specifies three primary categories of threat actors—external, internal, and partner.
- External: External actors originate outside the victim organization and its network of partners. Typically, no trust or privilege is implied for external entities.
- Internal: Internal actors come from within the victim organization. Insiders are trusted and privileged (some more than others).
- Partners: Partners include any third party sharing a business relationship with the victim organization. Some level of trust and privilege is usually implied between business partners.
Our specialist are able to provide a detailed Threat Mitigation assessment, with recommendations to enhance your ability to defend your systems. Key Elements of this may include Network Vulnerability Assessments, Design and Document Risk Management Policies, Penetration Testing and Test Case Development, Monitoring of Assets and Personnel and Crisis Response Policies Development.
- Private and Public Sector Organizations
- Small to Large Enterprises
- Financial Institutions and E-Commerce Providers
- Public and Government Departments including Health Services