Empowering Continuous Services at Risk & Security Department
At Samlink, our Risk & Security Department stands as a bulwark against threats, championing two primary objectives: identifying and handling risks in the services we provide to our valued clients and minimizing risks to Samlink and our parent company Kyndryl.
Reducing risk isn’t just about reacting; it’s about staying ahead of the curve. To achieve this, our team diligently gathers threat intelligence, monitors global events, analyzing the potential impact on our clients and Samlink. We’re not just reactive; we’re forward-thinking. We constantly assess how Samlink should evolve to meet emerging needs and risks, especially in anticipation of upcoming legislation like DORA and NIS2.
AI assisting in data analysis
In the realm of risk and security, identifying evolving threats is crucial. We proactively adapt our protective measures to safeguard our services. This demands the ability to swiftly detect and respond to incidents, almost in real-time, preferably automated, and backed by the prowess of artificial intelligence. AI not only expedites data analysis but also fortifies our ability to counter threats. For instance, our Samlink Security Operations Center (SOC) leverages AI to meticulously scrutinize billions of log events monthly. This enables us to discern patterns, indicators of potential attacks, or shifts in behavior, thereby thwarting both internal and external threats.
– As the guardians of Samlink’s resilience, our Risk & Security Department stands committed to an unyielding pursuit: safeguarding our clients’ trust and our organization’s integrity. We, together with our colleagues in Samlink, embrace a proactive stance, employing cutting-edge technology and unwavering vigilance to anticipate, detect, and neutralize threats. Our relentless dedication underscores our commitment to ensuring uninterrupted services and fortifying the shield that protects both our clients and Samlink from evolving risks, cyber or physical, says Thomas Keisu, CISO & DPO of Samlink.
We, together with our colleagues in Samlink, embrace a proactive stance, employing cutting-edge technology and unwavering vigilance to anticipate, detect, and neutralize threats.
Security comprises the synergy of technology, processes, and teamwork
Central to our endeavors is the management system meticulously constructed by our department. This system encompasses strategic, tactical, and operational components, including vision, principles, standards, methodologies, and playbooks for diverse security incidents. Our management system adeptly covers Information Security/Physical Security, Risk Management, and Privacy – the three core areas managed by the Risk & Security Department.
In addition to our robust management system, our collaborative efforts with the SharePoint Team have birthed several internal tools. These tools, from risk registers to privacy assessments, empower our team to conduct audits, assess third-party risks, manage privacy threshold assesments, and evaluate data protection impacts. We’ve also developed tools supporting project managers in setting security and privacy by design controls in place, reviewing privacy-related activities, and conducting security tests for applications.
While the specifics of our technology pieces remain confidential to deter potential attackers, it’s crucial to recognize that a harmonious blend of technology, well-defined processes, and our exceptional team members and colleagues collectively fortify Samlink’s defense. This collaboration is pivotal in safeguarding our clients’ services and shielding Samlink from both cyber and physical threats.
In essence, it’s the synergy of technology, processes, and our exceptional people that forms the backbone of our concerted efforts at Samlink, ensuring the security and continuity of our clients’ services and our organization.