Beschreibung
Task:Cyber Security Improvement
In order to improve the security level, our client has set up a Cyber Security Improvement Program.
Activities for cyber security experts
As-is analysis
Fit-for-purpose assessment of the current patch management processes, incl. roles, responsibilities and Service Level Agreements throughout the organization, both internally (Infrastructure- and Business IT) and externally (Client and other service providers)
Gap analysis
Definition of the target security levels regarding patch management and identification of most critical gaps from current to target state, including lessons learned from most recent emergency patching and industry best practices
Implementation
Process adaption, like identification of missing patches, risk-evaluation, prioritisation and timing of patching, testing
Technology adaption, like linking of asset, vulnerability and patch database to identify critical assets, missing patches and thus their vulnerabilities
Requirements (Must have):
Outcome for cyber security experts
As-is analysis
Identification of key stakeholders Overview of patch management process landscape and responsibilities Pain points within the organization
Gap analysis
Lessons learned and best practices for patch management
Identification of gaps in processes and roles
Step-plan of prioritized measures
Implementation
Documented patch process landscape (including roles and responsibilities) and improved SLAs
Up-to date technology and their integration into processes
Environment/Miscellaneous:
Einsatzort: München 80%, 20% remote
Kontaktdaten:
Florentina Ceku
Beginn: asap
Dauer: 30.09.2018
Branche: Industrie