For their importance, these strategic decisions will regulate your organization, and therefore determine the internal abilities that will trigger the necessary conditions to reach a better market positioning.

Nowadays, the need to guarantee the continuity of business, which depend more and more on technology, requires a careful planning of objectives, resources, structures and methodologies.

1. Information Security Master Plan

It allows to ensure the proper protection of the Core Business, maximizing the security level that your business objectives demand. Its development allows to identify the critical processes of the company, evaluating the risk level to which they are being exposed and the vulnerabilities associated to them. Solutions to short medium and long terms are planned according to:

• Identified Risk Levels.
• Available Resources in each stage.
• Business and System Plans.

As a result of the plan development, we obtain a right alignment of the computer security system that your business and objectives demand , at the same time assuring a rational use of your resources.

2. Strategic Advising

CYBSEC S.A. offers all the strategic advising on information security to a management level, providing you with independent comparative reports on tendencies, products and technologies in computer science security. We also offer personal advising and face-to-face interviews with our group of experts to discuss your security solutions.

3. Policies, Rules and Procedures

CYBSEC S.A. will actively collaborate in developing an aligned normative structure with the best international practices in the matter according to the current and future needs of your organization.

Within the methodologic frame of norms ISO 27001 and 17799 we work closely with your organization in the development of:

• Policies, Rules and Procedures of information security.
• Standards of security.
• The Plan to implement policies, rules and procedures completely.

The development of these activities allows to obtain the governing axes for a coherent set of actions in order to protect your computer assets.

4. Adjustment to national and international norms.

CYBSEC S.A. also assures you that the plan that we have developed for you will fulfill the guidelines established by reliable national and international norms, such as ISO 27001, 17799, SOX, Basel II, norms of credit cards, etc.

The efforts and resources used to develop your security system represent assets that will take a greater value when aligned with the mentioned norms. That is why it is important to determined, by means of a GAP Analysis, the effort and the actions that have to be applied by the Organization to fulfill the requirements of the selected norm.

In this component CYBSEC S.A. will assist your company through specialized professional support with the necessary experience to adjust your organization to the international norm previously defined as an objective.

5. Business Continuity Plan

The modern concept of Continuity Plans, has become -in a short time- a key component of the Direction Strategy. This strategy needs to have functionalities that guarantee operation in view of a crisis or events of extreme magnitudes, which might compromise the services provided by your computer infrastructure and the information it holds. In addition, these plans have to allow an ordered and safe return to a normal operation.

The methodology developed by CYBSEC S.A. consists in:

• Identification of the company critical processes.
• Risk analysis of the critical processes.
• Analysis of Business Impact.
• Definition of the service levels in contingency.
• Development of recovering alternatives.
• Development of the plan.
• Implementation of the plan.
• BCP proof.
• Research.

As a result, we obtain a BCP which will help your organization to deal with different events during crisis or extreme events until recovering the normal course of operation.

6. Training Planning and Development

The experts that manage your information security must have a high level of knowledge and must be constantly updated, as the only efficient way of fulfilling the responsibilities they have been given.

In a complex world context with daily technological advances, the proper training of the ones involved in keeping high security effectiveness standards requires continuos and careful planning, resources and the execution of the defined plans.

For the last seven years, CYBSEC S.A. contributed with its experience to the development and planning of Training Plans, in our own company, as well as in other companies.

That is why CYBSEC S.A. offers more than twenty-five courses and seminars specialized in computer security. For additional information please consult the Training Section.

7. Awareness Plans.

Establishing an information security "culture" in every member of an organization is the most efficient way of avoiding different kinds of incidents.

CYBSEC S.A offers developing an awareness plan, with the collaboration of Human Resources areas.

Our methodology allows to define objectives, goals and programs that contemplate the problematic of the organizational culture. This will serve as a basis for the elaboration of courses that, with different levels of complexity, will be dictated to all the personnel of the company.

As a result, the community of your company will be well aware of the extreme importance of Information Security.