As organizations mature in security adherence and requirements, there is a gradual shift from focus on security through technology to securing the entire ecosystem. The principle behind this is the idea that ‘the weakest link in the chain determines the strength of the entire chain’. Ashish Dutta, Chief Security Officer at Tait Communications, discusses what goes into delivering robust Information Security solutions to mission critical organizations.
Cyber security attacks are now real, present, and increasing in both their frequency and sophistication. While it is sometimes suggested that critical industries cannot risk interrupting operations to retrofit appropriate security measures, governments are now determined to impose regulatory controls in order to protect national critical infrastructure.
This is an excerpt from an article featured in Connection Magazine issue 11 – download the magazine for the full article
Ashish Dutta, who has been with Tait since 2012
To shed some light on the complex topic of information security, Ashish answers some fundamental questions on his area of expertise:
Information security measures keep data and information safe and protected from any intentional or unintentional breaches. In order to meet this core requirement you need to secure the entire ecosystems that support client operations – people, processes, products and suppliers.
“Tait provides systems and services in the critical communications domain, external certification provides our customer confidence that we will ensure confidentiality, integrity, and availability of their information across all domains – people, processes, locations, suppliers, and systems.”
Finally, there is an increased focus on protecting personal information, so organizations that hold such information about customers and suppliers are legally obliged to keep it protected from unauthorized access or transfer.
ISO27001 is a comprehensive information security management system (ISMS) and one of the most widely accepted Information Security Standards in the world. ISO27001 provides a great model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving ISMS to ensure ‘sustained compliance’.
It provides a ‘risk based’ management system to help minimize possible harm to organizations by deliberate or accidental activities or events. This works well for Tait since we work with customers in different domains and can apply this standard regardless of industry or the tools being used.
ISO27001 gives our customers independent verification that we have security systems in place and that they are functioning. It is becoming more common for “ISO27001 certification or equivalent” to be a standard requirement for suppliers.
As a ISO27001 certified Service Partner, Tait follows a strict cyber security compliance regime across our Service offers in the market.
All Tait Service agreements carry a basic Security Advisory Service in which security advisories and suggested workarounds are provided to all customers. More advanced agreements provide a personalized approach to each customer, where the following services are provided:
Tait Security Services work along all phases of the typical customer lifecycle, and work alongside Tait Product Development, Sales and Services to ensure customer security expectations are well understood, designed to meet the offered solution, and adhered to in all support phases.
The Tait Security Team supports various activities both internally to Tait and with customer specific requirements:
Of course, we could not offer a reliable Information Security service to customers without complying with best practices in our internal processes. This is why the entire Tait organization plays a part in ensuring there are no weak links in the chain.
“At Tait, we’ve always had a strong security culture, with a high degree of awareness among our people and commercial partners,” Ashish says. “We aim to continue this, and ensure we gain and retain all appropriate accreditations and that good security practices remain integral to our way of working in our offices, systems and products.”
And if you like our articles, subscribe to Connection to be the first to know when new issues are released!