Consulting
Any Cyber Security project necessitates a consulting phase to understand what is to be protected, what are the threats, and what are the risks associated with these threats
- Threat Assessment
- Penetration Testing
- Technical Auditing
- Policy Formulation
- Product & Solution Assessment
- Tools & Process Development
- TechTeam Development
- Cyber Range Build-Up
- Documents
Threat Assessment
The most important steps in approaching Cyber Security is to understand, what:
- is to be protected
- are the threats and
- is the risk associated with these threats
This is a process that is performed largely by the customer but the facilitation of the process by an experienced cyber security consultant is invaluable.
Our consultants will work with your cyber security stakeholder to ensure that a thorough analysis of threats and risks is achieved.
Penetration Testing
It is very beneficial to those assets that should be protected, tested to understand the current status of your protection against a range of threats. Often, this step will be needed to gain a more complete understanding of the threats posed to your assets.
Our cyber test partners use the latest technology and up to date simulated cyber attacks to probe a test your defences. The resultant report will highlight the weaknesses and strengths found and help direct the process of determining the threats to your assets.
Technical Auditing
Technical Auditing checks the current state of an implementation. It is mostly used to test if the implementation meets the desired objectives of the solution. It is mostly used to ensure that a project was implemented according to plan but is often used at the start of a project to check is is currently available and what is the state of existing components, solutions or infrastructure.
We offer our technical expertise to audit your systems, solutions and infrastructure to ensure your project is where is needs to be or to form a well-defined starting point to a new project. It is also advisable to perform technical audits on an ongoing basis to ensure the efficacy of processes put in place to maintain an effective state of your project.
Policy Formulation
Once Threat Assessment and Risk Analysis is done, the next step is to answer:
- What should be done to mitigate the threat, and
- What strategy is needed to achieve this mitigation?
A Security Policy document embodies all the policies, operational processes and technology elements that need to be put in place in order to mitigate threats identifies. As the phrase „Rome wasn’t built in a day“ goes, cyber defence approaches do not happen overnight. A clear strategy of further analysis and implementation is needed.As with the previous step, our consultants will work with your cyber security stakeholders to help formulate the implementation strategy that is right for your needs.
Product & Solution Assessment
here are many competing vendors, products and solutions in any market and even more so in the Cyber Defence market. Choosing the right solution from among all the offerings can be a laborious and daunting task.
We can assist in this selection process agreeing a set of well-defined requirements and other ancillary parameters for your projects and the undertaking with you, an assessment and selection process. This process may include:
- demonstrations,
- proof-of-concept trials,
- bake-offs to select from among peer solutions
- visiting vendor facilities to ensure the appropriate capabilities
- definition of additional interfacing or integrations necessary to meet the specifications
Tools & Process Development
Active Cyber threats number above 10,000 depending on how you count mutations and variations. Regardless of how they are counted, the order of magnitude shows that it can become an unmanageable task unless the right tools and processes are put in place to manage them.
We can assist, advise and setup if required, your cyber centre’s initial tool-chain, automation and work-flow processes that will allow your team to manage the daily tasks of vetting and deploying cyber defence measures without becoming distracted by the scale and administration of the task itself.
If desirable we can advise and assist with the ongoing evolution and update of your centre’s tool-chain and processes.
TechTeam Development
There are several steps to defending against a cyber threat including:
- initial threat identification,
- counter-measure analysis and development
- counter-measure offline testing
- counter-measure rollback planning
- counter-measure online deployment
- counter-measure efficacy monitoring
Depending on how much of these steps will be performed in your centre you may wish to buildup up you own technical team to perform some or all of these steps.
We offer TechTeam build-up training and support to bootstrap your team from their current capabilities stand-point and can support them on an ongoing basis if desired.
Cyber Range Build-Up
One of the most important elements of building an effective Cyber Defence Centre is the people who will operate it and defend your enterprise or national assets. Just as warriors of era, live or almost-live cyber defence training is a vital aspect to the team’s effectiveness.
Cyber Range is an infrastructure where you replicate a real environment in order to train teams to defend against cyber-attacks scenarios.
We offer Cyber Range build-up and operation as a cyber-team build-up service for your team using your infrastructure or can outsource the Cyber Range using our own infrastructure and train you teams. We can also train your ‚Red-Team‘ (the malicious attackers) or provide our own dedicated experts who will perform the malicious attacks.