Posted on Thu, Jan 31, 2008
The 2007 ISO 27001 Benchmark Study shows many organizations have gaps in their governance of information security
Fairlawn, OH - January 31, 2008 - New research from Wolcott Group, “The 2007 ISO 27001 Benchmark Study,” shows that many organizations have significant gaps in how they manage information security. While most organizations have mature or developing controls for information security, many still have immature processes for key issues like security policy training, access control, asset management, business continuity, IT compliance auditing, and more.
“One of the most significant findings from the study is that nearly half of the respondents rated their organization’s approach to managing information security as ‘initial’ or ‘non-existent’,” stated Gary Sheehan, CISSP, HISP, managing consultant for information security at Wolcott Group. “Essentially, this study demonstrates the need for organizations to adopt a more holistic approach to managing information security like ISO 27001/27002.”
Highlights of Immature Controls and Processes:
• 57% have immature processes for classifying the value of their information assets
• 56% have immature employee training programs on information security policies and procedures
• 47% have an immature approach to managing information security
• 45% have immature business continuity processes
• 36% have immature IT compliance auditing processes
“The 2007 ISO 27001 Benchmark Study” was based on a 20-question self-assessment survey that explored the major aspects of how organizations govern information security as it is aligned with the ISO 27001 international standard and the ISO 27002 best practice framework. The study had 89 participants from a variety of industries, with 88% being in an IT management role, and 62% from organizations with over 1,000 employees.
Interested parties can visit www.wolcottgroup.com/iso27001study to register to download a complimentary copy of the benchmark study.
A related webinar
On February 27, 2008, Wolcott Group will host a webinar to expand on the study’s findings as well as cover some best practices for managing information security using the ISO 27001/27002 framework. For more information and to register for the webinar, please visit www.wolcottgroup.com/webinars.
The related Online ISO 27001 Self-Assessment is still available
The online ISO 27001 self-assessment that was used to collect the data for the benchmark study is still open for use at https://benchmark.wolcottgroup.com. The self-assessment enables organizations to benchmark their information security practices against the ISO 27001 standard and their peers.
About Wolcott Group
Wolcott Group is one of the top U.S. firms for standards-based, information security training, consulting, and technology solutions. Wolcott Group is a member of the IT Governance Institute, an authorized training center for the Holistic Information Security Practitioner (HISP) certification, and an authorized BSi Management Systems’ Associate Consultant for training and consulting on ISO 27001/27002. Wolcott Group is an IBM Premier Business Partner, a Microsoft Gold Certified Partner, and also partners with other information security technology vendors to help its clients to improve their information security practices. For more information, please visit www.wolcottgroup.com.
Contact:
John Didonato
Wolcott Group
john.didonato@wolcottgroup.com
330-666-5900 x143
Download the ISO 27001 Benchmark Study
Posted on Tue, Aug 07, 2007
Wolcott Group's Initial HISP Certification Course Scheduled for the First Week in October
Fairlawn, OH – August 7, 2007 – Wolcott Group announced today they have become the first firm in Ohio, and only the seventh in the U.S., to be authorized to provide training for the Holistic Information Security Practitioner (HISP) certification. The first HISP certification course to be held by Wolcott Group is scheduled for October 1st through 5th, 2007 in their Fairlawn, Ohio headquarters.
The Holistic Information Security Practitioner (HISP) training and certification program is designed to teach attendees how to more efficiently achieve multiple regulatory objectives for information security and privacy with a unified approach to IT best practice frameworks. Endorsed by British Standards Institute (BSI) Americas, the world’s leading standards and certification organization, the HISP certification course is the only educational curriculum available today that teaches how to integrate ISO 27002/27001 with COBIT, COSO, ITIL, and multiple regulatory requirements pertaining to information security and privacy.
The HISP Certification program is managed by the HISP Institute and the training component was created by Atlanta-based eFortresses, Inc. to address the current shortage of skilled information security and compliance professionals. Taiye Lambo of eFortresses and the HISP Institute extended his congratulations, “On behalf of the HISP Institute, I congratulate Wolcott Group. Being the first to offer this training in Ohio shows their commitment to the industry and their clients. This effectively raises the bar for excellence in their information security offerings.”
For more information on the Holistic Information Security Practitioner (HISP) training and certification program and to register for the October course, please visit www.wolcottgroup.com/training/hisp.
About the HISP Institute
The Holistic Information Security Practitioner (HISP) Institute is an independent organization that promotes a holistic approach to information security program management by delivering specialized training and providing certification opportunities in information security assurance and governance. The HISP Institute focuses on international standards, best practices, and comprehensive frameworks for developing robust and effective information security programs. For more information, please visit www.hispcertification.org.
About Wolcott Group
Wolcott Group is one of the top U.S. firms for standards-based, information security training, consulting, and solutions. Wolcott Group is a member of the IT Governance Institute, sits on the advisory board of the HISP Institute, is one of only seven U.S. firms authorized to provide training for the Holistic Information Security Practitioner (HISP) certification, and is one of only eight U.S. firms in BSi Management Systems’ Associate Consultant program for training and consulting on ISO 27001/27002. For more information on Wolcott Group, please visit www.wolcottgroup.com.
# # #
Contact:
John Didonato
Wolcott Group
john.didonato@wolcottgroup.com
330-666-5900 x143
Get more information on, and register for, the HISP training and certification program.
Posted on Wed, Jul 18, 2007
Organizations are invited to experience first-hand the benefits of an Enterprise Single Sign-On system
Fairlawn, Ohio – July 18, 2007 – Wolcott Group announced today a free trial program for IBM Tivoli Access Manager for Enterprise Single Sign-On. From now until the end of August 2007, organizations in Ohio and surrounding metropolitan areas can sign up to evaluate an IBM Enterprise Single Sign-On system for two weeks on their own premises.
For qualified organizations, Wolcott Group consultants will bring out a system preloaded with the IBM Tivoli software for Enterprise Single Sign-On, install it in the organization's environment, integrate it with a few of their applications, and let the organization try it out with their own users for two weeks.
The offer is limited to organizations in Ohio and in surrounding metropolitan areas such as Pittsburgh, PA, Erie, PA, Lexington, KY, Louisville, KY, Indianapolis, IN, and Detroit, MI.
To sign up for the free trial, visit www.wolcottgroup.com/sso.
About IBM Tivoli Access Manager for Enterprise Single Sign-On
IBM Tivoli Access Manager for Enterprise Single Sign-On consolidates user sign-on to a single, high quality password, standardizing and strengthening access control policies across the enterprise. IBM Tivoli Access Manager for Enterprise Single Sign-on delivers:
• Proven, single sign-on for resources from mobile workstations to publicly accessible kiosks
• Centralized configuration for easy administration and fast time to value
• User self-service to speed password recovery and reduce password help calls by up to 90%
• Cutting edge encryption technology for enhanced protection
• Application access tracking and reporting to improve regulatory compliance and verification
Cut costs, boost productivity, and put an end to password pain, with IBM Tivoli Access Manager for Enterprise Single Sign-On.
About Wolcott Group
Wolcott Group is an IBM Premier Business Partner and a recognized leader in identity management implementations with over 2,000,000 user identities enabled for many large national and international clients. Wolcott Group is also a member of the IT Governance Institute and is one of only eight U.S. firms in BSi Management Systems’ Associate Consultant program for consulting and training on ISO 17799 and ISO 27001. Wolcott Group consultants have CISSP, HISP, and ITIL certifications and are actively involved in industry organizations like ISSA, ASIS, InfraGard and more. Over the last thirteen years, Wolcott Group has helped hundreds of national and international corporations improve how they manage and secure information, reduce risk, govern systems and processes, and comply with governmental and industry regulations. For more information, please visit www.wolcottgroup.com.
# # #
Contact:
John Didonato
Wolcott Group
john.didonato@wolcottgroup.com
330-666-5900 x143
Sign up for the Free, Two-Week, On-Site Trial of an IBM Enterprise Single Sign-On system
Posted on Wed, Jul 11, 2007
Online Survey Provides Participants with Instant Reports for Comparing their Information Security Practices to the ISO 27001 Standard and to their Peers
Fairlawn, Ohio – July 11, 2007 – Wolcott Group announced today a call for participation in the 2007 ISO 27001 Benchmark Survey and Self-Assessment on Information Security Governance. The online survey enables organizations to instantly compare their information security practices to the ISO 27001 standard and to their peers.
“This 20-question survey explores the major aspects of how organizations govern information security as it is aligned with the ISO 27001 international standard and the ISO 17799 best practice framework,” stated Gary Sheehan, CISSP, HISP, managing consultant for information security at Wolcott Group. “In addition to receiving a complimentary copy of the official benchmark report when it becomes available, all participants will have instant access to two reports that compare their security practices to the standard and to their peers.”
The ISO 27001 Benchmark Survey and Self-Assessment is intended for CIOs, CSOs, CISOs, and other IT professionals involved in the management of their organization’s information security practices. To properly benefit from the survey and self-assessment, participants should be fairly knowledgeable about the security practices of their organization.
The ISO 27001 Benchmark Survey and Self-Assessment is open for participation through August 31, 2007.
To participate in the online survey and self-assessment, visit
https://benchmark.wolcottgroup.com.
About Wolcott Group
Wolcott Group is one of only eight U.S. firms in BSi Management Systems’ Associate Consultant program for consulting and training on ISO 17799 and ISO 27001. Wolcott Group is also a member of the IT Governance Institute. Wolcott Group consultants have CISSP, HISP, and ITIL certifications and are actively involved in industry organizations like ISSA, ASIS, InfraGard and more. Wolcott Group is an IBM Premier Business Partner, a Microsoft Gold Certified Partner, and also partners with Altiris, Guardium, Qualys, SPI Dynamics, and others to help its clients to improve their information security practices. Over the last thirteen years, Wolcott Group has helped hundreds of national and international corporations improve how they manage and secure information, reduce risk, govern systems and processes, and comply with governmental and industry regulations. For more information, please visit www.wolcottgroup.com.
# # #
Contact:
John Didonato
Wolcott Group
john.didonato@wolcottgroup.com
330-666-5900 x143
Participate in the ISO 27001 Benchmark Survey to Instantly Compare Your Security Practices Against the Standard and Your Peers
Posted on Tue, Jun 26, 2007
Half-Day Workshop Shows How to Use IT Best Practice Frameworks to Improve Information Security Governance
Fairlawn, Ohio – June 26, 2007 – Wolcott Group announced today an educational workshop scheduled for July 20, 2007 that is focused on how to use IT best practice frameworks to improve the management and governance of information security. The half-day workshop, Using IT Frameworks for Security, is designed to advance the knowledge and skills of information security managers and executives, Chief Security Officers (CSOs), Chief Information Security Officers (CISOs), auditors, and other professionals involved in the governance of information security.
The Using IT Frameworks for Security workshop will provide training on the following topics:
• ISO 17799 framework for information security management
• ISO 27001 auditing standard for information security management
• ISO 20000 best practices framework and standard for IT Services Management (ITSM)
• ITIL (Information Technology Infrastructure Library) best practice framework for IT
• COBIT (Control OBjectives for Information and related Technology) best practice IT framework
• COSO (Committee of Sponsoring Organizations of the Treadway Commission) enterprise risk management framework
• How the frameworks align and support each other
• How to use the frameworks to improve how you govern information security
The instructor for the half-day workshop is Gary Sheehan, CISSP, HISP and is the managing consultant for information security at Wolcott Group. Mr. Sheehan is also the president of the Northern Ohio Members Alliance of InfraGard, the founder of the Information Security Summit, and has presented at Computer Security Institute’s annual conference, InfoSec World, OKIT and many other conferences and seminars on information security.
The cost of the workshop, which includes documentation on how IT frameworks map to security, and provides 3.0 hours of CPE credits, is $279 per attendee.
The half-day workshop is scheduled for 8:00 a.m. to Noon on Friday, July 20, 2007 at Wolcott Group’s offices in Fairlawn, Ohio.
For more information, and to register, visit www.wolcottgroup.com/training.
About Wolcott Group
Wolcott Group is an information technology consulting and integration company that helps organizations secure information, share knowledge, and manage their operations. By specializing in infrastructure, security, email, and IT service management services and solutions for medium to large enterprise IT organizations, and in Enterprise Resource Planning (ERP), accounting systems, and Customer Relationship Management (CRM) solutions for small to medium sized businesses, Wolcott’s goal is to deliver solutions that produce measurable value and fulfill our client’s business vision. For more information, please visit www.wolcottgroup.com.
# # #
Contact:
John Didonato
Wolcott Group
john.didonato@wolcottgroup.com
330-666-5900 x143
Posted on Tue, Apr 17, 2007
ClientSync for Lotus Notes
Posted on Mon, May 15, 2006
Common end-user tasks in Lotus Notes now integrated into SAP business processes
Karlsruhe, Germany – May 15, 2006 – Wolcott Group announced today from the Deutsche Notes User Group’s (DNUG) IBM Lotus Technical Forum 2006 in Karlsruhe, Germany their participation in the development of the recently launched IBM Lotus Notes access for SAP solutions. Wolcott Group also announced new consulting and development services to assist customers in leveraging this new IBM solution.
With a long track record of success with Notes, IBM selected Wolcott Group, an IBM premier business partner, to help gather customer input to shape the requirements and functionality of the new offering. “Wolcott Group was selected by IBM as a development business partner on Lotus Notes access for SAP solutions,” stated Peter Janzen. senior product manager, IBM Workplace Application Development, Lotus Software, IBM Software Group.
IBM Lotus Notes access for SAP solutions is designed to integrate and extend common end-user tasks in Lotus Notes into SAP business processes. Based on IBM and SAP's existing integration tools, available since 1999, this new solution expands this integration into calendaring, time tracking, contact management, report generation, approval workflows and other common business tasks. By making it easier to access the information they need, this enhanced integration with SAP can help increase productivity and lower costs.
“Many of our largest enterprise clients have chosen both Notes and SAP as strategic platforms,” said David Via, vice president and senior industry analyst for Wolcott Group. “There is a lot of value in exposing information housed in the ERP system directly in the collaboration client. In the past, this could only be accomplished through custom development. Lotus Notes access for SAP solutions will enable us to deliver better solutions with reduced effort and investment.”
Beginning immediately, Wolcott Group’s application development service team will engage with customers to help them identify ways that IBM Lotus Notes access for SAP solution can help their organization collaborate more effectively. Specific services that this team will offer include requirements definition, integration, deployment and customization.
About Wolcott Group
Wolcott Group is an information technology consulting and integration company that helps organizations secure information, share knowledge, and manage their operations. We advise our clients on IT strategy, governance, and compliance issues. We also provide operational solutions for the deployment, migration, and upgrading of messaging infrastructure, security management systems, and enterprise business management suites. Our goal is to deliver IT solutions that produce measurable value and fulfill our client’s business vision. For more information, please visit www.wolcottgroup.com.
# # #
Contact:
John Didonato
Wolcott Group
john.didonato@wolcottgroup.com
330-666-5900 x143
Posted on Fri, Feb 17, 2006
Steve Sterka and David Via of Wolcott Group presented "Best Practices in IBM Lotus Notes Client Deployment" at Lotusphere 2006. A copy of their presentation slides is now available for download. More information about this presentation is listed below.
Best Practices in IBM Lotus Notes Client Deployment
• Lotusphere Session Details
• Session ID: BP404
• Session Track(s): Track FOUR: Best Practices
• Speakers: Steve Sterka and David Via
• Company: Wolcott Group
• Session Date: 1/24/2006
• Session Time: 10:00am - 11:00am
• Session Location: SW 5-6
Session Abstract
IBM Lotus Notes and Domino 6.5 and 7 have evolved substantially from previous releases in the area of automation and client management. This session will go into detail on the tools, techniques and strategies you can employ to simplify the Lotus Notes client deployment process, eliminate many end-user issues, and recover valuable administrative / helpdesk time. We'll impart the knowledge we've gleaned upgrading hundreds of thousands of Lotus Notes clients at organizations both large and small to help you avoid the traps. We'll discuss installer tips & tricks, policy-based management, Smart Upgrade, Seamless Mail Upgrade, and other helpful features, with emphasis on recent improvements in Lotus Notes and Domino 6.5 and 7.
Posted on Fri, Jan 20, 2006
Launches New Logo, Graphic Identity, and Web Site to Signify Addition of Strategic IT Consulting Services
FAIRLAWN, OH – January 20, 2006 – Wolcott Group, an information technology (IT) consulting and integration company, today announced the rebranding of Wolcott Systems Group as Wolcott Group to simplify the company’s name and signify the company’s addition of strategic IT consulting services.
“Over the last few months, we have expanded our expertise in IT governance, compliance, value optimization, and remediation to meet growing demand for expertise in these areas,” stated Wolcott Group Chairman and CEO, John Butcher. “We see this trend continuing and launched the revised brand to signify the expanded scope of vision and value that we can provide to our clients.”
According to the IT Governance Institute, a significant majority of business leaders agree that the proper governance of IT is key to their organization’s success. Unfortunately, only slightly more than half of all organizations use governance frameworks to align IT with business objectives and manage risks, and less than 20% are even aware of COBIT (Control Objectives for Information and related Technology), one of the primary IT control and governance frameworks.
“Wolcott Group has assisted a number of clients with their IT governance and compliance efforts,” said Jim Holt, President, Wolcott Group. “We’ve added consultants with expertise and certifications in information security management, information systems auditing, and IT governance to go along with our existing array of remediation solutions. And we are bringing our existing consultants up to speed in these areas also.”
As part of the rebranding efforts, Wolcott Group is introducing a new company logo, graphic identity, and web site. Wolcott Group will begin operating under the new brand name immediately.
About Wolcott Group
Wolcott Group is an information technology consulting and integration company that helps organizations secure information, share knowledge, and manage their operations. We advise our clients on IT strategy, governance, and compliance issues. We also provide operational solutions for the deployment, migration, and upgrading of messaging infrastructure, security management systems, and enterprise business management suites. Our goal is to deliver IT solutions that produce measurable value and fulfill our client’s business vision. For more information, please visit www.wolcottgroup.com.
# # #
Contact
John Didonato
Wolcott Group
john.didonato@wolcottgroup.com
330-666-5900 x143
Posted on Fri, Jan 20, 2006
Company Is Experiencing Increased Demand for Software Products and IT Services
FAIRLAWN, OH – January 20, 2006 – Wolcott Group, an information technology (IT) consulting and integration company, today announced that 2005 was the company’s largest year to date, in terms of billings.
“2005 was a very good year for Wolcott Group,” stated Wolcott Group CFO, Dan Butcher. “Our billings increased 34% last year and have increased 63% over the last two years. We have also added a number of customers to our client roster and increased our staff of consultants.”
Wolcott Group is best known in the email management market for its messaging migration services and email administration software products, Automated Deployment Toolkit (ADT) and ClientSync. Over the last few years, the company has also started to be favorably recognized in the enterprise market for the work of their practices in security management and IT governance, and in the mid-market for their Enterprise Resource Planning (ERP), Customer Relationship Management (CRM), and Business Intelligence (BI) solutions.
“In addition to having a great year, we’re very excited about our future as well,” said Jim Holt, President, Wolcott Group. “The consultants we’ve added in the last year, along with ones we plan to hire this year, will enable us to provide more value to our clients. Couple that with our expanded sales and marketing resources and our prospects for 2006 and beyond are looking very promising.”
About Wolcott Group
Wolcott Group is an information technology consulting and integration company that helps organizations secure information, share knowledge, and manage their operations. We advise our clients on IT strategy, governance, and compliance issues. We also provide operational solutions for the deployment, migration, and upgrading of messaging infrastructure, security management systems, and enterprise business management suites. Our goal is to deliver IT solutions that produce measurable value and fulfill our client’s business vision. For more information, please visit www.wolcottgroup.com.
###
Contact:
John Didonato
Wolcott Group
john.didonato@wolcottgroup.com
330-666-5900 x143