In cyber security, EZÚ offers a comprehensive product divided into three levels.
characterised by a purely system approach and is sort of a stepping stone towards the truly thorough cyber security reached in Levels 2 and 3. This level focuses on the implementation and control of the fundamental processes needed to create basic cyber security (risk management, threat and vulnerability management, preparation and implementation of security measures, continuous improvement and internal audits). Once the successful fulfilment of the requirements set out by the regulations is verified, the Essential Certificate of Cybersecurityis awarded. The system approach consists of applicable international standards and legislation of the Czech Republic relating to the following:
- Act No. 181/2014 Coll. (Cyber Security Act) and Decree no. 82/2018 Sb. (Cyber Security Decree)
- ČSN ISO/IEC 27001, Information Technology – Security Technology – Information Security Management Systems – Requirements
- ČSN ISO/IEC 20000 Information Technology – Service Management – Part 1: Service Management System Requirements
Mandatory legislation applicable to public administration:
- Act No. 365/2000 Coll., on Public Administration Information Systems
- Government Resolution no. 624/2001
Characterised by a transition from a purely system approach to an approach that also includes the security of software, networks and repositories, supply chains and security tests. The system approach is extended to ensure greater cyber security. If all requirements are met, the Enhanced Certificate of Cybersecurity is granted.
Builds on the previous level and represents the deepest view of cyber security. This view includes specific security components and looks in more detail at software security and security tests. The focus on hardware and firmware security is a new aspect. This ensures the highest possible level of cyber security. The entire effort is topped off with the acquisition of the Top-Level Certificate of Cybersecurity.
Why choose EZÚ
- Expert auditors with many years of experience.
- Highly professional personnel.
- Comprehensive solutions.
Reasons for certification
- To map the current condition of cyber security and identify suggestions for improvement.
- To ensure cyber security and its continuous improvement.
- To be protected against large financial losses and the damage or destruction of assets.
- To improve and speed up processes (especially in IT services).
- To spend cyber security related costs effectively.
- To secure the individual parts of the IT infrastructure (all the way to the level of firmware and micro processes).
- To secure the supply chain.