CATEGORIES & ADJUDICATION CRITERIA
Excellence, Innovation and Leadership in Information Security
This category seeks to rewards the project which demonstrates excellence in this sector, through innovative methods of generating threat intelligence, use of intrusion prevention and mitigation, approaches to prevent accidental or malicious data leaks, methods of responding to a breach, as well as the use of encryption and other technologies aimed at preventing malicious or inadverted misuse of data.
Main Adjudication Criteria
Use of Best practices and standards
The adoption of industry standard practices, methodologies and technology in terms of for instance:
- Compliance with legal and technical requirements, such as GDPR
- Open Web Application Security Project (OWASP)
- Email Security
- Endpoint Security
- Identity and Access management
- Intrusion detection and prevention
- Risk management
- Network Security
- Secure data erasure
- Breach Response Procedures
N.B. Such practices need to be supported by the relevant agreements, documentation and certificates.
Development of specific custom technologies
Custom implementation of ad hoc technologies, if applicable, to address specific project requirements.
Innovative approaches and technologies
Adoption or development of industry state-of-the-art, or beyond, in terms of for instance:
- Advanced Persistent Threat Protection (APT)
- Artificial Intelligence Security
- User and Entity Behaviour Analytics (UEBA)
- Threat Hunting
Investments in cybersecurity awareness practices
The extent to which the project and/or organisation strive towards cybersecurity awareness of both technical and non-technical staff, users/clients and/or the general public.