Skip to content

Dated: 11-11-2024

Ch01. what is the Solution for Improvement of Information Security in Pakistan

  • Generally, Pakistan Information Security is one generation behind IT deployment

  • Four-layer security transformation model provides the correct sequence and focus in order to address organizational security gaps

  • Security Hardening; Security controls on IT assets & process

  • Vulnerability Management; patching
  • Security Engineering; More complex security design & solutions
  • Security Governance; Managing the information security program

Solution for Strong Security Posture

  • Management commitment (Board)
  • 4 layer transformation model as security program
  • Allocation of resources
  • Periodic reviews for assessing progress

Don't Repeat the Same Mistakes

  • Too much governance without the underlying security hardening
  • Reactive rather than intrinsic
  • Lack of resources (10% of what allocated for IT)
  • Management interest