Information Security

ICC’s information security services, ​as part of a wide range of expanding professional services, cover cyber security oversight and governance as well as operational components:

  • Common Secure – This ICC information security service functions primarily to share timely, relevant and actionable physical and cyber security threat and incident information. This enhances the ability of the United Nations to prepare for, respond to, and mitigate risks associated with these threats. It offers continuous, reliable and timely information gathering from Agency members, commercial security firms, service providers, federal, state and local government agencies, law enforcement and other trusted resources. It works to build relationships with the cyber community on behalf of the United Nations system and develop a reputation for excellence. Common Secure is positioned to disseminate cyber threat alerts and critical information to organizations across the world.
  • CISO as a Service – Information Security management and an identified accountable body in an organization mitigates the high risk of negative reputation, loss of valuable information, exposure to malicious acts as well as sophisticated and complex cyber-attacks. The ICC “CISO (Chief Information Security Officer) as a Service” operates within a Client’s structure, in contact with the Client’s senior executives. The CISO service serves Client’s executives on strategic guidance and business alignments, CIOs on assurance, technical teams on expertise, end-users on awareness as well as 3rd parties possibly representing the Client.
  • Information Security Operations – With the proven track record of ICC’s hands-on experience in conducting cyber security operations at all levels for all ICT components, this service includes one-time as well as ongoing activities within a given Information Security governance framework, ISO27001 as well as related standards and vendor recommendations.

Operational services include the implementation and monitoring of enterprise antivirus systems, periodic vulnerability scanning and coordination of follow-up actions, log reviews and analysis, periodic alignment of account/credentials, as well as perimeter and firewall rules management.

ICC is a 2017 winner of the CSO50 Award for information security. See details.

ICC is certified with the ISO 27001 standard and offers consulting services to assist other Clients to obtain this key Information Security Management System certification. See our ICC Services booklet for more information or contact a Client Account Manager at business@unicc.org.