Quality assurance belongs to every industrial enterprise as standard. At many companies the aim is "99.99%". This means that only one in 10,000 products is allowed to demonstrate a fault. Quality is checked permanently by way of fixed, defined processes.
"Security level - State of the Art, "Budget - How much should it be allowed to cost?", "Status meetings - 1x a quarter".... How is your company organized? What percentage of the overall IT security budget do companies invest in quality assurance for IT security?
Many companies have not enough visibility in IT security. They have no idea what the current level of protection is on their systems, because the quality of their IT security is not checked with an instrument for Security Level Management.
Quality assurance in IT Security requires clarity concerning the actual status of all the IT systems in place, and the continual comparison of the actual status against a previously defined target status. Only when all the weak spots in the network are identified immediately is it possible to initiate measures to close the gaps.
AMPEG Security Lighthouse represents the binding link between management and IT operations. It places the security teams in a position to secure the quality of IT security. As a cross-application instrument, AMPEG Security Lighthouse captures the data from all security-relevant systems, compares it with the target values defined by the security officer and publishes the results in purposeful analyses (e.g. Analysed Security Areas). IT operations can access the current status of the security level across the whole corporate network, giving it the chance to act at a much earlier point in time.
The quicker and the more precisely deviations are identified, the quicker and the more precisely security officers can introduce measures for improvement. The risk will be minimised permanently. The result: the attack surface will be reduced.
34 percent place their trust in systems that function automatically - They believe that "basically, network security is not in danger, even though no explicit control of whether an update took place successfully or not is performed."
Results of a survey by AMPEG of 200 chief security officers at major German companies.
"One of the biggest mistakes security officers make is to blindly trust the success messages given out by their systems."
Raimund Genes †, former CTO Anti Malware at TREND MICRO