The audit expert plays an important role for Cyber Security. In the security cycle, he performs a test function, both technically at the levels of IT infrastructure, basic IT systems and IT applications, and organizationally in the areas of policies, concepts and business processes.
However, a security service provider offers added value above all if the experts from the various disciplines such as audit, consulting or SOC are strongly networked with each other and mutually enrich each other. This creates a pool of knowledge that embodies the real power to successfully confront hackers.
The Fantastic Five
The auditor is not alone at terreActive, but is a member of the fantastic Five:
- The Security Consulting team advises on the conception and implementation of projects with a focus on information security.
- In the Security Monitoring Team, our specialists work on technologies and methods for detecting security incidents.
- The Incident Response Center deals with the practical handling of security incidents as part of the SOC-Service.
- The Operations Control Center ensures the secure operation of IT components for customers.
- The team of Security Auditors examines concepts, systems and applications with regard to information security.
What does each of the five contribute? How are our heroes networked?
The auditor's knowledge of attack tactics and their practical implementation helps the security monitoring team to extend the event packsand verify them. From the perspective of an attacker, the auditor (penetration tester)can provide insight into obfuscation tactics so that they can be taken into account in the design of the event packs.
The analysis of incidents carried out by the Incident Response Center (IRC) in the SOC provides the auditor with information on the effectiveness of multi-level security concepts. These findings in turn influence the recommendations of measures within the framework of an audit.
Likewise, experts from other disciplines gain insight into the practical application of technical security measures and their limitation through the exchange with the Operations Control Center (OCC).
The security consultanttells the auditor more about new technologies and trends in cyber security. When creating concepts, the auditor supports the project manager with a second opinion or risk assessment.
For a penetrationtest or audit,terreActive can count on the knowledge of the certified OCC specialists from the SOC when assessing the integration or configuration of security components.
And what does the customer get out of it?
-
By being familiar with different perspectives, the auditor can describe the impact of vulnerabilities - the risk - at the technical level and assess it at the business level in the right context (bank, SME, school, etc.).
-
In the recommendations for measures, the auditor not only focuses on the individual weak points, but also shows practicable paths to good security practice supported by an exchange of experience.
Summary:
If you are planning a security audit, clarify in advance whether your service provider has cross-disciplinary knowledge, even beyond the audit area. You will definitely benefit from this.
And no, we don't wear masks or capes at work.
We are not allowed.