Overview
Based on the life process of the risk assessment service, the information security risk assessment service provides the demanders with the main line including business identification, asset identification, threat identification, vulnerability identification, effectiveness analysis of existing security measures and risk analysis, etc., to assess the threats facing assets and the possibility of threats using vulnerability to cause security incidents. Combined with the asset value involved in the security event, the impact on the organization once the security event is triggered is determined. It mainly provides: information system network security risk assessment, information system security assurance capability assessment, information system network security construction planning review, and information system network security reinforcement services.
- Asset identification: Based on the assets provided by the customer, assign values from the asset confidentiality, integrity, availability (CIA three elements), and identify important assets.
- Threat identification: Identify threat types through the environmental factors and human factors of the customer system, assign values to the identified threat types, and identify the degree of threat to assets.
- Vulnerability identification: Vulnerability identification and valuation of customer assets based on technology and management; Technical vulnerability identification mainly includes physical environment, network environment, system software, middleware, application system and so on.
- Security measures assessment: To confirm the effectiveness of the security measures that have been taken in the customer's system.
- Risk analysis: After completing activities such as asset identification, threat identification, vulnerability identification and security measure confirmation, appropriate methods and tools should be adopted to assess the possibility of existing threats using vulnerability to cause security incidents; Synthesize the critical procedures of asset value and vulnerability caused by security incidents, determine the impact of losses caused by security incidents on customer systems, and issue risk assessment reports.
Security hardening is usually based on the evaluation or inspection results such as security risk assessment, isoassurance evaluation, and security check. Security hardening is performed on evaluation objects based on the evaluation results. Security hardening services can help customers improve the system's ability to resist external intrusions and worm attacks, reduce the impact scope, and keep the information system in a stable security state for a long time.
Why ChanghongIT: ChanghongIT is a Hong Kong listed company, stock code 3991, ChanghongIT is positioned in the new era of outstanding digital intelligence integrated service providers, with digital and intelligent core capabilities to empower their own and partner value enhancement; ChanghongIT has obtained AWS Partner programs such as Solutiong Provider, Migrationg Services Competency, and Advanced Tier Services, ChanghongIT increases technology investment, enhances independent innovation, helps customers to "choose a good cloud, a good cloud, and a good cloud", effectively improves customer value, and becomes the best partner for enterprise customers' digital transformation.
Highlights
- Information security risk assessment can help enterprises identify the existing security status of assets such as vulnerabilities, threats and risks. Through information security risk assessment, management decision-making can be assisted, so that enterprise managers from the organizational strategy and business height, enhance the awareness of information security, improve the awareness of security prevention, formulate security rectification plans, eliminate security risks.
- Focus on ensuring the security of infrastructure in various industries; Ensure the coordinated development of cyber security and intelligent construction in various industries; Effectively control the cost of network security construction in various industries; Promote the effective promotion of network security construction in various industries;
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Pricing
Custom pricing options
How can we make this page better?
Legal
Content disclaimer
Support
Vendor support
For paying users to provide 5*8 (Monday to Friday, 9:00-18:00) online service support: service email: awsglobal@changhongit.com Technical support contact information: awsglobal@changhongit.com