- Marketing
- Case Study
ISPD
Description
ISPD (ISP Digital) is an international holding of Spanish origin that offers a comprehensive cognitive marketing service with a strong focus on the digital side, with a firm position as a reference player before companies and brands in the local and international market. The position of the group led by Fernando Rodés is the result of a process of integration and merger between several companies and, mainly, after the purchase of the Antevenio group (international of Spanish origin), a company that merged with Rebold.
The history
The challenge
In its firm commitment to cybersecurity and with a level already very mature in this area, ISPD wants to take the next step to certify this maturity: obtaining the seals of guarantee in Cybersecurity: ENS (National Security Scheme) and ISO 27001. The group is aware that both its environment and its business model depend on its digital exposure. And that a good positioning in cybersecurity helps its brand image. The seals it plans to obtain are a guarantee of quality in this area.In addition, the National Security Scheme is an opening to your possibilities of collaboration with the Public Administration.
"At ISPD we are aware that due to our environment and business model, we need to ensure our commitment to cybersecurity. Both for the protection of our customers and their data, as well as to offer an uninterrupted and reliable service," explains Juan Pedro Churruca, Global CTO (Chief Technology Officer) of ISPD. Therefore, starting in 2022, part of ISPD's already high investment in cybersecurity will be used to prepare the company to obtain ISO 27001 and National Scheme certifications. For this process, ISPD relies on Wise Security Global, the brand's trusted cybersecurity provider.
The solution
Wise takes a holistic view of ISPD's cybersecurity. It is a trusted in-house provider, and also has the strategic expertise to make sense of its cybersecurity plans. Wise's objective is to facilitate ISPD's document compliance process in order to pass the various internal and external audits that will enable it to obtain and maintain both ENS and ISO 27001. Among other adequacies, Wise's CCSA area manages aspects such as:
- Cybersecurity Office Service (CISO as a Service).
- The implementation of the Cybersecurity Office Service derives from this.
- Preparation of the documentation base for the ISMS (Information Security Management System), which includes all the company's policies, procedures, guidelines and other documentation base that serves as a behavioral reference.
- Implementation of services such as SIEM.
- Vulnerability scanning, pentest and adhoc audits.
- Awareness. Awareness of cybersecurity in the workforce.
This is a work process that is maintained over time, since both seals are "live", they must undergo periodic audits to be renewed. "Wise not only prepares the necessary documentation to pass the audits, but also adapts the company to these requirements and implements actions for continuous improvement in cybersecurity," explains Pedro Diestre, Service Manager of Wise Security Global and responsible for this project.
Benefits
This certification process has affected ISPD's management and 40% of its workforce (corresponding to its headquarters in Spain). But in addition, thanks to this initial process in Spain, the groundwork has been laid to extend this certification to other countries. "This is a very important benefit for companies with offices in different countries, because the document management effort has already been made, and it is applicable to other offices. The legislation is very similar (except for teleworking, where countries go at a different pace)," says Pedro Diestre from Wise's CCSA area.
Benefits for ISPD for having ISO 27001 and ENS:
- Improved image and potential opportunities.
- Greater employee involvement in cybersecurity.
- New behavioral guidelines aligned with regulations and quality standards.
- Reverses in the cybersecurity of customers and suppliers.