Governance, Risk & Compliance

Joe to send documentation/content on ISO

CommSec take ownership of the successful implementation of all projects and services we deliver. We take great pride in the quality of the work we do and as a services driven business we do everything we can to ensure that IT security projects get delivered on time and within budget.

We fully manage all IT security projects and services we deliver. If you already have IT project management expertise in-house, then we work closely with them to ensure the project is delivered as intended.

We can also provide you with a dedicated IT security project manager to help you implement any significant change in your current IT security infrastructure.

DPO aaS

Achieving and maintaining compliance with industry specific data security standards and general compliance standards like GDPR, can place an additional burden on your business. However, remaining compliant with data protection laws and best practises is essential for any organisation.

CommSec offer a broad range of services which help you achieve security and data protection compliance.

We can work with you no matter where you are on the journey to achieving compliance.

Scenario 1

You may already have achieved some compliance or quality standards and you need to build on that to meet new obligations or meet more sophisticated threats to your business.

Scenario 2

On the other hand, you may have very little in-house knowledge around security and compliance. In that case we can provide you with a fully managed program of building the systems and processes in your business to become compliant with GDPR and other regulations that may affect you, such as PCI DSS.

To become compliant- we need to look at your entire business and how it manages data. IT security is only one part of this process. We look at all the information assets in your business-what security technology and data protection processes if any, you have in place, then perform a standards-based risk evaluation and gap analysis.

The outcome of this risk assessment is that we get a clear picture of where your major risk areas and vulnerabilities are.

Then we can design a solution around business processes and technology, to achieve compliance with security standards and GDPR.

• Data Protection Officer (DPO) as a Service

Our DPO-as-a-Service offering is proving popular with customers who require a Data Protection Officer and where this is not a full-time role. Clients benefit from experienced, objective professionals who are skilled at board-level communication and have a track record of implementing effective Data Protection processes and practices, as well as associated documentation and audits.

Finally, we offer the services of our Data Protection Consultants to provide support to the newly appointed or under-resourced Data Protection Officer in many organisations.

GDPR

CommSec offer a broad range of services in relation to Data Protection. Many of our customers start with a comprehensive Data Protection Impact Assessment, conducted by one of our highly experienced Data Protection Consultants. The written report that follows provides a framework for continuously improving your Data Protection posture, including compliance with the General Data Protection Regulation (GDPR).

We also offer GDPR Training, including classroom and software options. Our classroom training empowers management and assigned Data Champions to communicate effectively and accurately with their teams. Software training solutions ensure that awareness is measured, employees working shifts or remotely are included, improvement metrics are reported on and new hires are not missed.

CISO aaS

Achieving and maintaining compliance with industry specific data security standards and general compliance standards like GDPR, can place an additional burden on your business. However, remaining compliant with data protection laws and best practises is essential for any organisation.

CommSec offer a broad range of services which help you achieve security and data protection compliance. We can work with you no matter where you are on the journey to achieving compliance.

Scenario 1

You may already have achieved some compliance or quality standards and you need to build on that to meet new obligations or meet more sophisticated threats to your business.

Scenario 2

On the other hand, you may have very little in-house knowledge around security and compliance. In that case we can provide you with a fully managed program of building the systems and processes in your business to become compliant with GDPR and other regulations that may affect you, such as PCI DSS.

To become compliant – we need to look at your entire business and how it manages data. IT security is only one part of this process. We look at all the information assets in your business – what security technology and data protection processes if any, you have in place, then perform a standards-based risk evaluation and gap analysis.

The outcome of this risk assessment is that we get a clear picture of where your major risk areas and vulnerabilities are.

Then we can design a solution around business processes and technology, to achieve compliance with security standards and GDPR.

• Chief Information Security Officer (CISO) as a Service

This is a great option for when there isn’t a full-time requirement for a CISO. Our CISO as a Service gives you access to a very experienced CISO on a long-term continuous basis, but at a level of engagement you can afford. The flexibility of the service means you can pay for what you need to meet your requirements at different times.

CommSec offer a broad range of services in relation to Data Protection. Many of our customers start with a comprehensive Data Protection Impact Assessment, conducted by one of our highly experienced Data Protection Consultants. The written report that follows provides a framework for continuously improving your Data Protection posture, including compliance with the General Data Protection Regulation (GDPR).

What is Digital Forensics?

Digital Forensics is a branch of forensic science that focuses on identifying, acquiring, processing, analysing and reporting on data stored on a computer, digital devices or other digital storage media.

What is covered by the CommSec Digital Forensics Service?

CommSec provide a suite of advanced Digital Forensics services, headed up by Colm Gallagher, a Cyber Forensics expert with 30 years experience in An Garda Siochana before establishing the Digital Forensics practice of CommSec. The primary areas we cover are:

• Desktop and Laptop Analysis
• Identification and Securing of Digital Evidence
• Mobile Device Analysis
• Data Recovery
• Breach Analysis
• Incident Investigation
• Cloud Investigation
• Email Analysis
• Internet History Analysis

What are the main business use cases for Digital Forensics?

For most organisations, the use cases for Digital Forensics in business are:

Incident Response and Damage Control: What happened? When, and for how long, did it happen? How exactly did it happen? What is the extent, or limit, of business exposure?

Internal Investigations: Policy violations, intellectual property theft, fraud, sexual harassment. Forensic methods may be the only way to determine the truth. Use of non-forensic methods exposes business to failure in any subsequent proceedings.

Data Recovery: Forensic methods and equipment can be used in order to try recover data in cases where the cause is not physical failure of equipment. Typically used where human error is cause of data loss.

Securing Evidence: Forensic methods may be used in order to properly secure potential evidence where legal proceedings or full investigation are being considered. If an eDiscovery process is anticipated, evidence can be identified and secured forensically for later use in that event.

In All Cases: Get professional advice early! Mistakes made at the beginning of the process can be very costly indeed!

 

Profile: Colm Gallagher, Digital Forensics Director at CommSec

The Digital Forensics practice of CommSec is led by Colm Gallagher.

Colm is a highly experienced, former police detective with a wide range of experience in the security and investigations industry. Before joining CommSec, Colm spent 30 years in An Garda Síochána(the Irish police force) where he held a number of roles as a detective police officer, including Digital Forensic Analyst and Cyber Crime Investigator.

Colm is highly skilled in the following: computer forensics, cyber-crime investigation, prosecution and expert testimony in criminal cases, case management, systems administration, implementation and configuration of endpoint protection and backup/restore systems, Linux and Windows server administration.

Colm also has a strong IT and security education background with a 1^stclass honours master’s degree in forensic computing and cyber-crime investigation from University College Dublin. He also holds a Certified Forensic Computer Examiner certification from IACIS.

What is Digital Forensics?

Digital Forensics is a branch of forensic science that focuses on identifying, acquiring, processing, analysing and reporting on data stored on a computer, digital devices or other digital storage media.

What is covered by the CommSec Digital Forensics Service?

CommSec provide a suite of advanced Digital Forensics services, headed up by Colm Gallagher, a Cyber Forensics expert with 30 years experience in An Garda Siochana before establishing the Digital Forensics practice of CommSec. The primary areas we cover are:

• Desktop and Laptop Analysis
• Identification and Securing of Digital Evidence
• Mobile Device Analysis
• Data Recovery
• Breach Analysis
• Incident Investigation
• Cloud Investigation
• Email Analysis
• Internet History Analysis

What are the main business use cases for Digital Forensics?

For most organisations, the use cases for Digital Forensics in business are:

Incident Response and Damage Control: What happened? When, and for how long, did it happen? How exactly did it happen? What is the extent, or limit, of business exposure?

Internal Investigations: Policy violations, intellectual property theft, fraud, sexual harassment. Forensic methods may be the only way to determine the truth. Use of non-forensic methods exposes business to failure in any subsequent proceedings.

Data Recovery: Forensic methods and equipment can be used in order to try recover data in cases where the cause is not physical failure of equipment. Typically used where human error is cause of data loss.

Securing Evidence: Forensic methods may be used in order to properly secure potential evidence where legal proceedings or full investigation are being considered. If an eDiscovery process is anticipated, evidence can be identified and secured forensically for later use in that event.

In All Cases: Get professional advice early! Mistakes made at the beginning of the process can be very costly indeed!

 

Profile: Colm Gallagher, Digital Forensics Director at CommSec

The Digital Forensics practice of CommSec is led by Colm Gallagher.

Colm is a highly experienced, former police detective with a wide range of experience in the security and investigations industry. Before joining CommSec, Colm spent 30 years in An Garda Síochána(the Irish police force) where he held a number of roles as a detective police officer, including Digital Forensic Analyst and Cyber Crime Investigator.

Colm is highly skilled in the following: computer forensics, cyber-crime investigation, prosecution and expert testimony in criminal cases, case management, systems administration, implementation and configuration of endpoint protection and backup/restore systems, Linux and Windows server administration.

Colm also has a strong IT and security education background with a 1^stclass honours master’s degree in forensic computing and cyber-crime investigation from University College Dublin. He also holds a Certified Forensic Computer Examiner certification from IACIS.

What is Digital Forensics?

Digital Forensics is a branch of forensic science that focuses on identifying, acquiring, processing, analysing and reporting on data stored on a computer, digital devices or other digital storage media.

What is covered by the CommSec Digital Forensics Service?

CommSec provide a suite of advanced Digital Forensics services, headed up by Colm Gallagher, a Cyber Forensics expert with 30 years experience in An Garda Siochana before establishing the Digital Forensics practice of CommSec. The primary areas we cover are:

• Desktop and Laptop Analysis
• Identification and Securing of Digital Evidence
• Mobile Device Analysis
• Data Recovery
• Breach Analysis
• Incident Investigation
• Cloud Investigation
• Email Analysis
• Internet History Analysis

What are the main business use cases for Digital Forensics?

For most organisations, the use cases for Digital Forensics in business are:

Incident Response and Damage Control: What happened? When, and for how long, did it happen? How exactly did it happen? What is the extent, or limit, of business exposure?

Internal Investigations: Policy violations, intellectual property theft, fraud, sexual harassment. Forensic methods may be the only way to determine the truth. Use of non-forensic methods exposes business to failure in any subsequent proceedings.

Data Recovery: Forensic methods and equipment can be used in order to try recover data in cases where the cause is not physical failure of equipment. Typically used where human error is cause of data loss.

Securing Evidence: Forensic methods may be used in order to properly secure potential evidence where legal proceedings or full investigation are being considered. If an eDiscovery process is anticipated, evidence can be identified and secured forensically for later use in that event.

In All Cases: Get professional advice early! Mistakes made at the beginning of the process can be very costly indeed!

 

Profile: Colm Gallagher, Digital Forensics Director at CommSec

The Digital Forensics practice of CommSec is led by Colm Gallagher.

Colm is a highly experienced, former police detective with a wide range of experience in the security and investigations industry. Before joining CommSec, Colm spent 30 years in An Garda Síochána(the Irish police force) where he held a number of roles as a detective police officer, including Digital Forensic Analyst and Cyber Crime Investigator.

Colm is highly skilled in the following: computer forensics, cyber-crime investigation, prosecution and expert testimony in criminal cases, case management, systems administration, implementation and configuration of endpoint protection and backup/restore systems, Linux and Windows server administration.

Colm also has a strong IT and security education background with a 1^stclass honours master’s degree in forensic computing and cyber-crime investigation from University College Dublin. He also holds a Certified Forensic Computer Examiner certification from IACIS.

Cloud Security content here