In the era of digitalization, cloud, internet of things (IoT) and ever-expanding need for mobility, the cyber security landscape is as challenging as ever. Organisations are faced with multiple threats across an expanded attack surface. The human factor continues to be the weakest link and with its “weaponization” stemming from the powerful mobile devices having access to almost everywhere, the threat level and the robustness of the required responses are in an ever-increasing trajectory.
- Enterprise Security Architecture & Information Security Policy Framework
Addressing an ever-changing threat landscape with an effective information security framework, requires addressing all key aspects across People, Process and Technology.
Our security strategy and architecture skills are second to none, with a team that has hands-on experience from security technology selection, implementation, monitoring and support. Our reference projects include numerous highly acclaimed Security Awareness initiatives for audiences in multiple industry sectors. Finally, our ISO27001:2013 implementation expertise underpins our knowledge and ability to deliver strategies that can be translated to comprehensive Information Security Management Systems and be certified to the de-facto international information security standard.
Attack & Penetration
We use internationally recognised methodologies for external as well as internal penetration testing assignments which may include social engineering procedures, wireless penetration or web application-specific testing. The key benefits our customers derive from these projects include:
- an independent assessment of the technical security profile of your technology-dependent business operations
- a structured and methodologically proven evaluation of the risks involved against the integrity, confidentiality and availability of systems and information which you use, store and process
- a modular approach to allow separate assessment of risks from outside or within your internal network or those which are specific to web or other business applications
- evaluation of the threat levels from opportunistic hackers or individuals who are executing industrial espionage against your network, systems and information.
DR & BCP Design & Implementation
Business and operational resilience are becoming increasingly important from both a commercial but also a regulatory perspective. At the same time, the availability of more options compared to the past as to how and where to recover business systems and processes, means that disaster recovery and business continuity approaches need to take account of all relevant factors and technologies.
Our solutions are based on internationally recognized methodologies, predominantly ISO27001 and ISO22301, and reflect the following key deliverables:
- business process codification and prioritization
- definition of Recovery Time Objectives and Recovery Point Objectives
- Business Impact Analysis (BIA) in support of prioritization for recovery
- Risk Analysis (RA) in support of necessary control selection and implementation and
- Testing & Exercising Strategies in support of ongoing assurance over the continued effectiveness of the recovery capability of the organization.
Cyber Security Health Checks
For organisations who are interested to have an independent view of the level of maturity and effectiveness of their Information Security program, this solution is designed to offer a high-level evaluation of the status of their efforts. The key deliverable comprises a formal report with a SWOT-style analysis and specific recommendations for improvement.