The Guardian360 team is yet again working on three different continents. After an intensive week working and having fun together in the Netherlands, Robert and Martin flew back to their homes abroad.
I myself spent almost a week in Germany at the end of October, working with a number of Dutch information security companies to gain a firmer foothold there. We had a number of meetings in Munich, after which we travelled on to the IT-SA in Nurnberg. It was striking how big the trade fair was compared to the covid-19 period and that German companies are now much more open to cloud services. Our ECSO "Cybersecurity made in Europe" label is really a benefit in Germany. After the fair, we followed up with several dozen promising contacts.
Jeff and I have had the opportunity to present Guardian360 regularly in recent weeks. We are happy that a number of our partners organised client events and that information security received a lot of attention there. We
were also invited to deliver a contribution at SecureMe2's partner event: our presentation was about determining the right information security maturity level for customers. Please refer to the 9-plane model in this newsletter.
This year does not seem to be heading for a quiet Christmas either. Ransomware incidents are on the rise again and more and more organisations are realising that they need to improve their information security.
Good luck with securing customers!
On behalf of the Guardian360 team,
Jan Martijn Broekhof
Managing
Director
The 9-plane model for the
correct information security investments
With information security being discussed in most boardrooms, the question arises: what are we going to do to bring information security to the right level?
Unfortunately, that question is often influenced by manufacturers and vendors offering great products and services, with one feature being more fancy than another. And while there are really good products and solutions on the market, that is not the right starting point to determine what you are going to become 'in control ' of information security. The features do not determine what you need, your risk profile and willingness to invest determine that!
Within Guardian360, we have therefore developed the 9-plane model. The elements people, process and technology that need attention within information security are combined with risk management. By thinking about prevention, mitigation and recovery, you can determine which resources and investments make sense. In
order to become 'in control', it is imperative to consider all aspects. It makes no sense to invest a lot in a curative measure, for example, if you have done nothing about prevention and detection.
The 9-plane model is under a Creative Commons Attribution-ShareAlike 4.0 International licence and may be used commercially. Additions are also allowed, provided they are shared again with Guardian360 and others.
Lighthouse
update
We are currently finalising development and battle field testing of the Scanner Exclusion and Apmon functionality. We're not happy with the delay delivering these features. However, we're confident that the features will be stable and working as intended after deploying the code.
Martin started working on the new Lighthouse design. Not only the dashboard gets an overhaul, the menu structure and all index and crud screens will get a new design. This project covers several months, please look out for this in the partner newsletters to come!
On October 25 the updated version of the ISO27001 standard was published. Just three day later Guardian360 added the standard to the Lighthouse platform. insights in deviations from the ISO27001:2022 can be found in the Lighthouse dashboard as well as via the non-conformities section of our platform.
Instant27001 published an excellent overview with the most relevant changes. E.G. Annex A of ISO 27001:2013 contained 114 controls, divided over 14 chapters. This has been restructured, the 2022 version now contains 93 controls, divided over 4 chapters:
Guardian360 awarded with CO2 Performance Ladder level 3
The CO2 Performance Ladder is an instrument that helps organisations reduce their carbon emissions in the organisation, in
projects and in the business sector. With a certificate on the Ladder, organisations can receive an award advantage for their registration on tenders. The instrument is used as both a CO2 management system as well as a procurement tool.
Organisations that obtain a certificate on the Ladder will experience this as an investment that is immediately returned in terms of low energy costs, material savings and innovations. The Ladder’s main objective is to stimulate organisations to gain insights in their CO2 emissions, and to continuously seek opportunities to cut back these emissions in the organisation and consequently within projects.
We launched G360DAO early in October. We're happy with the response so far; most people we speak to are excited about what we're doing. Some people are confused and don't understand right away what our mission is and how we want to achieve it.
We totally understand this since G360DAO is very new and embraces new forms of governance, challenges ideas about ownership and blockchain is a bit controversial to some people (to say the least).
We have therefore scheduled a free and online community event during the Dutch Blockchain week on November 24. On the same day, Jan Martijn will present G360DAO during the 'How to DAO it 2' event in Utrecht.
Martin published a great read about the story of the G360DAO logo which, besides a lot of other insights, elaborates on the relation between Guardian360 and G360DAO.
Schedule a meeting with one of our Partner Success Managers or Customer Reliability Engineer?
Do you have something you would like to ask us? Getting in touch with one of our Partner Success Managers of Customer Reliability Engineers has never been easier! Simply click the button below and schedule a meeting in their calendar.