Independent. Dynamic. Involved.
nlen

With Traxion’s Security by Design Setup, you test and improve your step-by-step plan for structurally integrating security into new software and IT solutions as well as into existing ones. This ‘security by design governance structure’ can then be included as standard in your internal and external IT projects.

Our Security by design services are aimed at optimally securing your data from the start of a change in your IT environment across the full range of people, processes and technology. Our experience is that this increases the control, flexibility and efficiency over data protection for your organization.

Deliverables

The Security by Design Setup provides a number of company-specific components for your organization, such as:

  • using architecture and IT security principles when selecting designs for new IT solutions in accordance with The Open Group Architecture Framework (TOGAF).
  • overview of necessary governance bodies, with objectives, members/roles, input/output and mandate for each body.
  • business Risk Assessment template for assessing and documenting your risks
  • description of the approval process for projects and changes, and some IT security policies.

Efficiency

Organizations still have an insufficient handle on security, as can be seen from the explosive growth of incidents. In practice, it turns out that 75% of these incidents are caused by design and/or software flaws. At best, innovations are only tested for vulnerabilities after the fact, while it is more efficient to take safety requirements into account from the outset. Research shows that solving diagnostic security findings from the start is cheaper by a factor of 100 than after the fact.

Steps in the process

Traxion’s Security by Design Setup improves your step-by-step plan for the structural integration of security by means of:

  1. checklist interviews with a number of important stakeholders in your organization in order to identify which elements of the step-by-step plan have been fine-tuned and which have not
  2. development of the most important missing elements
  3. fine-tuning and securing of the improved steps.

CISO as a Service (CaaS)
With CaaS, Traxion guarantees you a flexible deployable CISO (Chief Information Security Officer) on the basis of a Service Level Agreement (SLA). The solution for organizations that are too small for a full-time position, have difficulty finding an experienced CISO or have a capacity shortfall. The Traxion CISO is deployable immediately, has access to Traxion’s specialist knowledge, has an educational level of higher vocational education (HBO+) or academic higher education (WO), has more than 10 years of experience and has the seniority to make changes at all levels. In addition, he has more than 10 years of experience and certifications such as CISSP, CISM, CISA, SSCP, PRINCE2, ITIL and TMAP.

Strategic Information Security Guidance
– audits, maturity assessments, risk assessments, Business Risk Assessments (Business Impact Analysis or BIA)
– the establishment, implementation and management of the Information Security Management System (ISMS)
– setting up a governance structure and associated consultation charters and consultation processes and carrying out awareness campaigns.
– advice and RFP support for a specific data protection solution, such as: IAM, PAM, Certificate management, Website Security Management and DLP, IRM and CAS-B and/or security monitoring.

Security Implementation Projects
Fast and trouble-free implementation of complex data protection solutions in the areas of IAM, PAM, IRM, CAS-B, ISMS, GDPR/AVG and Management of Certificates. Traxion has expertise in all phases of the implementation project; in drawing up requirements and wishes, making the choice, (detailed) design, configuration/customization and the handover to management.

Integrated Information Security Management
Implementation of the functional and technical management and if necessary, the master data management for all your operational data protection solutions installed by Traxion or a third party. With a ‘pay what you use’ management contract and a web portal in which you can track Traxion’s management performance as laid down in the service level agreement in real time.

Want to know more? Our Security specialists will be pleased to contact you.