Migrating data, applications or infrastructure to the cloud can create efficiencies, agility,
opportunities and cost savings. However, it can also expose to new cyber risks to business.
Now this critical data on a third-party system and applications, which were traditionally only
internal-facing, are now out in the open, on the Internet.Our framework foresees:
When it comes to cyber-attacks, it’s not a matter of if, but when. How you respond to a cyber-security
incident is just as important as how you defend against one.
A mediocre response can reflect badly on an organization and impact share price, customer view,
short-term and longer term profitability.
Therefore, organization’s need to have a robust, tested and well understood incident response and
crisis management plan in place. We can provide targeted, realistic advice, plans and testing. The
customized services we provide include:
Incident Response (IR) Plan Review and Delivery – using best practice guidance including:
-
Prepare, Identify, Assess Respond and Learn phases
-
Protecting forensic evidence
-
Communications with third parties
-
Testing schedule
-
Escalation to Crisis Management
Our Incident Response services are built on the demand – so that they have a solid plan and have
tested it to ensure it works
We focus on protecting the Confidentiality, Integrity and Availability of information and systems. Our
Resilience service is focused on the availability aspect.
If systems or information is not available to an organization then it will lead to loss of production,
turnover and customer retention as eventually the organization’s business as usual processes will be
disrupted.
To help organizations improve and mature their resilience capability we work with them for:
Business Continuity:
"A holistic management process that identifies potential threats to an organization and the
impacts to business operations those threats, if realized, might cause, and which provides a framework
for building organizational resilience with the capability of an effective response that safeguards
the interests of its key stakeholders, reputation, brand and value-creating activities."
IT Resilience:
The ability to absorb digital change, protected from shocks to enable the organization to sustain and
succeed.
-
IT Resilience Health Check - based on ISO 27031 – includes:
- Technical Review
- Risk Analysis
- Current state of IT Disaster recovery
- Gap analysis
- Prioritized recommendations
-
Develop and support the implementation of a digital resilience
-
Ensure IT resilience capability meets defined requirements
-
Education and awareness
Two factor Authentication:
We help organizations to secure their networks with a secure alternative to passwords that safely
enables remote access to systems and information by delivering two-factor authentication as an
customized service. The successful deployment of two-factor authentication takes more than just
technology; you also need to implement a framework of policies, procedures, logistics and user
support.
GDPR and Privacy (Cyber Security Compliance)
Balancing sufficient and perfect privacy to make it work for your business by:
Cyber compliance / Data Protection Compliance Assessment– assesses an organization against the
requirements of GDPR through a combination of document review, workshops and interviews with key
stakeholders. Output provides detailed findings and actionable recommendations
Data Protection Impact Assessments – working with organizations, to systematically and
thoroughly analyze project, application, process or system will affect the privacy of the individuals
involved and reduce the privacy risks to an acceptable level
Strategy & Remediation – We offer a GDPR policy and procedure set that we can bespoke for
clients.
Data Protection as a Service - We can provide services such as Privacy Risk Screening, Data
Protection Impact Assessments, GDPR remediation and M&A-related activities
Swift:
Recent payment fraud attacks on Society for Worldwide Interbank Financial Telecommunications
(SWIFT) users has demonstrated that Cyber Security is of increased importance, especially
when establishing commercial relationships between SWIFT users.
