Cybersecurity and information security
Cybersecurity and information security are two different terms associated with the security of information systems.
Cybersecurity activity consists in the defense / protection of computer systems (not information) such as computers, servers, mobile devices, electronic systems and networks from intentional malicious attacks, violations or incidents and their consequences.
Conversely, information security is to be considered as the ability to protect the integrity, availability and confidentiality requirements of information by preventing unauthorized access or alteration of information during the data retention period or during their transfer.
Availability of data, their integrity and IT confidentiality are the three main characteristics of IT security.
To ensure the correct maintenance of information security, companies have adopted numerous precautionary measures such as network intrusion detection systems, access control policies, password generators etc.
Therefore, taking care of security implies taking into consideration both the above-named terms, defending not only the business systems from possible threats but also those who handle such information and organizing the business processes in the best possible way during all the time necessary for data retention.
To remain constantly consistent with the excellent quality standards that OPIS undertakes to offer and to be increasingly prepared to face the cyber threats of the market, in 2020 the company obtained the Certificate of Cybersecurity Assessment, namely the CyberVadis certification recognized at international level, resulting in Mature ( 912/1000) in the overall score.
CyberVadis is a platform that deals with the management of the entire third-party cybersecurity risk assessment process and is based on a risk assessment methodology compliant with all major international standards (GDPR, NIST, NY DFS, etc).
Obtaining this certification required a verification process regarding the security level of corporate systems that involved the interconnected work of various business units, including the following Departments: Information Communication Technology, Legal and Quality Departments and Human Resources.
This verification took place through an in-depth, targeted, specific and focused method on the aspects of privacy and led to the achievement of an excellent outcome, thanks to the synergistic work of the units involved.
Comments are closed.