With the V-Secure approach, VEM develops an “Adaptive Security” model that helps companies to anticipate, prevent, recognise and manage cyber threats with the aim of implementing the best defensive strategy.
Today, the anticipation of risk is the most effective defence against cyber attacks.
A technical and legal consultancy team, in synergy with the client, analyses and assesses the IT environment, the organisation and processes in terms of Risk Analysis.
The aim is to identify threats and vulnerabilities in order to formulate risk management strategies with the help of Information Security Assessment, Vulnerability Assessment, Penetration Tests, the formalisation of internal processes in place and solutions complying with applicable regulations and national and international standards for business compliance.
The proliferation of mobile devices, the massive use of wireless technologies, the progressive passage from the “workplace” to a “working environment”, free communication and collaboration systems and Consumer Cloud Applications, have altered the perception of the company’s perimeter, turning it into an enlarged concept and with undefined borders.
In this context, protecting the communications infrastructure means discriminating access to resources, enhancing potentially associated risks and offering suitable tools to assess and implement the more recent paradigms of cyber security.
Through partnerships with leading IT security vendors, VEM has developed the skills to offer flexible and modular solutions that are also adaptable to high mobility situations. The use of online integrable technological solutions capable of controlling traffic at the information system’s strategic points and of introducing multiple levels of security, are our best answer for a secure and protected network without borders.
Detection & Response
Breach techniques vary but strategies at the global level often remain unchanged. Therefore, understanding these models of attack, identifying the vulnerabilities present and having them monitored becomes a key part of understanding how to defend your organisation and improve the effectiveness of planning for related investment (in security countermeasures). In this context, VEM makes use of specialised professionals to carry out analysis and ongoing monitoring functions with the aim of detecting anomalies or potential threats before it is too late. The use of scanning and attack tools make it possible to have an overall picture of the active level of security and of the remedial actions to be taken.
IT security is not a product or an activity to be managed on a one-off basis. Rather, it is a well-defined process to be constantly checked and updated.
Any technological countermeasure is ineffective in the absence of clear policies and an efficient management system.
For this reason, VEM has internally integrated the Technology Advisory team which provides consultancy activities focused on IT & Information Security Governance and IT Compliance.
In fact, the team possesses skills that do not only pertain to the technological field but also to legal and organisational areas, with a particular focus on privacy law.
The team’s activities fall into the first of the four cyber security cycle phases which VEM calls Vsecure. This is the phase of prevention, protection, detection and response.
The team, therefore, deals with all the preventive activities designed to correctly address reactive security measures that are typical of detection and response which, within the VEM Group, belong to the subsidiary company Certego.
The Technology Advisory team possesses the expertise and experience necessary to support you in the search of solutions for innovation and increased performance, balancing IT risk with the need to achieve strategic and financial objectives.
The main areas in which the Technology Advisory team provides consultancy and training services are:
• Privacy compliance (Legislative Decree 196/03, EU Regulation 2016/679, Provisions of the Italian Data Protection Authority)
• IT Assessment
• Information Security Assessment
• Cybersecurity Framework
• Policy & Procedure management
• Business Impact Analysis
• Disaster Recovery Plan
• Information Security Management System (ISO 27001)
• Business continuity management systems (ISO 22301)
VEM sistemi's quality management system is ISO 9001:2015 certified - Certificate No. 50 100 12262 Rev. 03 11/01/2018 for the following areas of application: Design, development, implementation, installation, services delivery, support and maintenance of solutions in ICT area for storage, management, monitoring and data transmission. Trading of software and hardware products. .