CATEGORIES & ADJUDICATION CRITERIA

Excellence, Innovation and Leadership in Information Security

This category seeks to reward the project which demonstrates excellence in this sector, through innovative methods of generating threat intelligence, use of intrusion prevention and mitigation, approaches to prevent accidental or malicious data leaks, methods of responding to a breach, as well as the use of encryption and other technologies aimed at preventing malicious or inadvertent misuse of data.

Main Adjudication Criteria

Use of Best practices and standards

The adoption of industry standard practices, methodologies and technology in terms of, for instance:

  1. Compliance with legal and technical requirements, such as GDPR
  2. Open Web Application Security Project (OWASP)
  3. Encryption
  4. Email Security
  5. Endpoint Security
  6. Identity and Access Management
  7. Intrusion detection and prevention
  8. Risk management
  9. Network Security
  10. Secure data erasure
  11. Breach Response Procedures

N.B. Such practices need to be supported by the relevant agreements, documentation and certificates.

Development of specific custom technologies

Custom implementation of ad hoc technologies, if applicable, to address specific project requirements.

Innovative approaches and technologies

Adoption or development of industry state-of-the-art, or beyond, in terms of, for instance:

  1. Advanced Persistent Threat Protection (APT)
  2. Artificial Intelligence Security
  3. User and Entity Behaviour Analytics (UEBA)
  4. Threat Hunting

Investments in cybersecurity awareness practices

The extent to which the project and/or organisation strives towards cybersecurity awareness of both technical and non-technical staff, users/clients and/or the general public.