Geoff Ibbett, Infogov’s Chief Technology Officer said: "Time for information risk professionals - supported by the iGRC programme - to prepare for critical infrastructure dynamic risk operations, essential for enhanced cyber protection.”
(PRWEB UK) 21 December 2011
Focused on the protection of critical national infrastructure from cyber attack, the iGRC capability combines Infogov’s leading Proteus® Enterprise information security management system with network security related sensor technologies via the Consortium’s open governance, risk and compliance inter-operability protocol, GRCiP.
The development team - Geoff Ibbett Chief Technology Officer InfoGov, Chris Wood - Principal Developer Assuria, Mike Lucas - Senior Engineer Nexor, Craig Mason - Chief Architect InfoGov and William Rothwell - Director Abatis demonstrated the iGRC dynamic risk operational capability. Using three internet retail company scenarios, the sales order process was focused on handling customer credit card payments in accordance with PCI DSS 2.0. The company was concerned about (1) disclosure of card payment details via email, (2) unauthorised system access, (3) unauthorised changes to executable files and (4) system access by ex-employees.
Public sector representatives and Information Security professionals from Industry saw how the Proteus iGRC capability provides accurate understanding of the risk profile, whilst providing: dynamic risk management; insurance for high impact low probability risk events; derivation of security intelligence from the ICT estate; linkage of risk operations to management; exploitation of existing sensor information and verification of risk assessments.
Having led Infogov’s development to operational capability, Geoff Ibbett, Chief Technology Officer said: "With the advent of the Consortium's iGRC platform and measures, information risk professionals now have the opportunity - supported by our programme - to prepare for critical infrastructure dynamic risk operations, essential for enhanced cyber protection."
Paul Osborne, Head of iGRC Marketing said “It's great to see this innovative collaborative project making a successful transition from research into real 'state of the art' capability deployable by organisations to help them dynamically manage their information security in real time.”
Please see iGRC sensors for information network sensor and device types involved and iGRC value proposition for the business case. For details of the next Proteus iGRC showcase event, please contact email mike.popham(at)infogov.co.uk or tel +44(0)797 650 4897.
All of these sensor types feed the iGRC management suite that includes utility such as online compliance and gap analysis, business impact analysis, risk assessment, business continuity, incident management, asset management, organization roles, action plans, document repository and document dissemination, all from a risk management perspective.
About the iGRC Consortium
Lead partners, Information Governance Limited are supported by HP Enterprise Services (previously EDS), Assuria and Nexor, and the Universities of Cranfield, Loughborough and London (Birkbeck College).
Contacts for Information
Discovery - client present mode of information risk operations
Martin Bedford, iGRC Chairman - martin.bedford(at)hp(dot)com
Transition - to an iGRC enabled organisation
Andy Kays, Head of Operations, Nexor - Andrew.Kays(at)nexor(dot)com
Improvement - security outcomes through active compliance
Nick Connor, CEO Assuria - nickc(at)assuria(dot)com
Enhancement - security outcomes through dynamic risk
Geoff Ibbett, Infogov Chief Technology Officer - geoff.ibbett(at)infogov.co.uk
Paul Osborne, Head of iGRC Marketing, Security Innovation and Technology Consortium - posborne(at)securityintech(dot)com
Mike Popham, Head of Business Development and iGRC Consortium Project Manager -