Share :
Risks
Synetis’ agile, operational approach enables us to support SMEs and large corporations in defining, implementing and monitoring cybersecurity.
Our approach is pragmatic, provides a 360° view of your security, enables budget optimization by focusing on your major risks, and constitutes a possible starting point for a roadmap.
Risk mapping and analysis
Challenges: Identify sensitive data and processes with regard to their impact, build attack scenarios and assess the company’s risks.
Typical approach :
- Context analysis and analysis framework
- Formalization of methodology and construction of reference frameworks (EBIOS 2010, EBIOS RM, methodology based on ISO 27005, etc.).
- Conducting business and IT interviews
- Formalizing and assessing risks
Integrating safety into projects
Challenges: Build, equip and industrialize the way in which safety issues and risks are taken into account in day-to-day projects.
Typical approach :
- Project lifecycle and process analysis
- ISP process construction
- Designing risk catalogs and safety measures
- Tool construction (Excel or software packages)
- Team training and awareness
Risk remediation and treatment plan
Issues: Identify risk reduction actions and projects in line with issues, risk criticality, priorities and available resources.
Typical approach :
- Study of risk management options (options based on ISO 27005 standard)
- Identification of action plans and safety projects
- Estimation of associated costs, resources and expenses
- Prioritizing projects
- Arbitration and formalization of a continuous safety improvement plan
Support for PSI implementation
Challenges: Support project, IT and security teams in identifying, analyzing and dealing with security risks in the context of their projects.
Typical approach :
- Qualification of new projects and development projects
- Safety needs assessment
- Compliance and safety analysis
- Identification and analysis of application risks
- Formalizing recommendations
