Challenge

The Ministry of Interior of the Republic of Lithuania owns a number of information systems, the security of which is regulated by a number of external requirements pertaining to electronic data security, personal data security, organizational and technical cybersecurity measures, incident response requirements and so on.

Mandatory annual security compliance assessment is performed to check whether information systems meet established requirements and their owners applies necessary technical and organizational measures.

Solution

Compliance assessment against external information security requirements and ISO 27001:2013 security controls and a detailed report on technological vulnerabilities.  Report to the management on a general security status, most dangerous vulnerabilities and a list of priority security improvement measures.

Services provided

  • Compliance assessment against external information security requirements and ISO 27001:2013 security controls;
  • External and internal penetration testing;
  • Web application and web service penetration testing;
  • Security audit of network data flow devices;
  • Audit of business continuity/ recovery capabilities;
  • Detailed compliance assessment report;
  • Detailed report on penetration testing result;
  • Report to the management on general security status, most dangerous vulnerabilities and priority security improvement measures;
  • Development of a test to assess the level of electronic information security knowledge and skills;
  • Development of training material on electronic information security.