TRUST reaches the cloud with the specific qualification and scoring of security for ICT services

The LEET stamp is the mark or label that materializes and gives visibility to the level of cyber-security that implements a qualified supplier in the service that displays it.

The LEET stamp gives an "score" to the security measures integrated by the supplier in the construction and operation of the service, unlike other mechanisms that only certify the implementation of management procedures -such as the ISO / IEC 27001 certification– or certifying product characteristics -Certification Common Criteria-, but in no case establish a quantitative assessment nor allow to show the security level in a given service regarding the information or data being handled.

Score given in three dimensions:

This score is also given in three dimensions: Confidentiality, Integrity and Availability, and the LEET stamp shows the score for the qualified service achieved on each of them, depending on the security and service continuity implemented measures, expressed through three letters, A+ (corresponding to the highest level) to D (the most basic level).

In practical terms, in the same way that an establishment providing hotel services requires a license to open, but as customers we want to know the stars it has prior to making our reservation, an ICT service also must be provided by an authorized company -and possibly having an ISO27001 certification-, and the LEET stamp indicates the number of stars, but also showing separated values for rooms, restaurant and ancillary facilities. Thus, higher score levels imply a lower probability that the service suffers impact, and, even more important, better supplier's capabilities to restore normal service in less time.

Thus, the rating system managed by LEET Security becomes the first implementation of the recommendation by the Cybersecurity Strategy of the EU, to create security labeling systems for ICT services.

All the methodology, evaluation criteria and assigned ratings are public, thus providing full transparency for the evaluation and comparison of different services when selecting their TIC suppliers.

Appreciation:

LEET Security’s rating system, developed since 2010 and continually evolving, is recognized by the European Agency for Network and Information Security (ENISA) and Instituto Nacional de Ciberseguridad (INCIBE), as trust mechanism.

enisaincibe