The threat landscape of the information security industry is constantly evolving and organisation’s security requirements change accordingly. The high profile nature of threats to information security can often lead to them being misinterpreted and blown out of proportion, especially when the media become involved.
This is part of the essential role Portcullis plays for our clients, as we have access to the knowledge and resources which give us an accurate picture of the field’s current threat landscape. Using this expertise Portcullis can be trusted to review, revise and update our client’s internal approaches in accordance with the nature of threats actually facing the business. Once an accurate picture has been formed, Portcullis can provide the support to help support to help secure our client’s organisation against real-world threats.
The Portcullis model for conducting strategic reviews has been developed using the experience we have gained in our 20 years at the forefront of the industry. These projects can be distilled into four discrete areas, which can be delivered as individual tasks or as an ongoing cycle of work:
- Working with our client’s to set viable information security objectives
- Monitoring the success with which those objectives are being met
- Developing a programme of works to meet those objectives
- Providing support to successfully implement the agreed-upon programme of works
The initial two steps of this methodology define how effective the final steps will be and the overall value the project will deliver. Improvements cannot be delivered if the solutions offered do not address genuine gaps in an organisation’s security approach and capabilities.