CYBER SECURITY

PENETRATION TESTING (OWASP/OSCP)
Testing is an essential part of any security solution, and far from being security threat! Our team will set the real context around the risks you face within your organisation and the importance of these to you. This is in real world language not just a set of CVSS scores within a meaningless report.

ETHICAL HACKING
Our team comprise of are Certified Ethical Hackers who are skilled professionals who are highly experienced in identifying the weaknesses and vulnerabilities in target systems. They use the same knowledge and tools as a malicious hacker would, but in a lawful and legitimate manner to assess the security posture of a target system(s), thus providing our clients with an insight of the potential risks that they are exposed to.

CYBER INCIDENT RESPONSE
Our Cyber Incident Response service minimises the impact of a cyber incident on your organisation by reducing downtime and losses – operationally, financially and reputational. Our on-boarding process will review, test and optimise your response capability and our dedicated team of incident handlers and first responders are on standby to provide advice, guidance and remote support during the incident itself. Our service is offered on a 24/7 basis and underwritten by a service level agreement appropriate to the size, geographical location and complexity of your organisation.

DIGITAL FORENSICS
We can provide Digital forensic service for the identification, preservation, analysis and documentation of electronic data for judicial purposes while maintaining data integrity of our client

PAYMENT FORENSICS
Each year We conducts a significant number of post-incident cyber forensic investigations for compromised payment organisations - to improve intelligence, ensure containment and advise on remediation to prevent reoccurrence. We are amongst a small handful of companies which are capable and comply on the PCI SSC standards. Our teams are experienced to investigate breaches of payment card data.

PCI DSS COMPLIANCE
PCI can be expensive for any organisation, but the larger you are and the more geographically spread the worse the problem becomes. Our advisory consultants work on payments consulting first, and then reduce the scope of environment to the smallest possible footprint whilst still allowing you to trade. In this manner you may be able to get the solutions to pay for themselves, increasing your security, reducing breach risk and ensuring your future as an organisation. As a PCI QSA company we offer both advisory and audit services in this area.

GENERAL DATA PROTECTION REGULATION
If you work with data from UK citizens, you should already be compliant with the UK Data Protection Act. However, from May 2018 the new General Data Protection Regulation will be brought in by the EU. In any jurisdiction that we work in, we need to work within the ambit of the local and global data protection frameworks and regulations. Most companies are not prepared for the effects that this will have on their business. Our team specialises in all aspects of the requirements from discovery of data locations, to a Privacy Information Management System (PIMS) framework, to the security of the systems that this information is housed on. We use recognised standards and techniques with basis in management consulting, advisory, assurance and forensics services. The recent breaches of data of the South African Presidency and Liberty Life are a grave reminder of the cyber security threats in our own country.

ISO27001:2013
ISO 27001 is the foundation/cornerstone of information security used for commercial and government solutions and engagements. This is a pre-requisite for many companies as it demonstrates commitment to data security. We have developed methodologies over many engagements that assist with governance, policy and the technical controls required. These are streamlined to ensure speed and agility while allowing demonstrable security, in order to pass certification if required.

OUTSOURCED DATA PROTECTION OFFICER
The General Data Protection Regulation and the Data Protection Act 2018 has ramped up the standards for handling personal data. This has made Data Protection Officers (DPO) compulsory for many industry verticals. You may be one of them. Or if you aren’t, you might still be interested in the support that a DPO can provide or just extra support for your data protection lead. We can provide you with the assurance and backup that you require on an ad-hoc or scheduled basis with one of our Outsourced Data Protection Officers.

OUTSOURCED CISO Chief Information Security Officers (CISO) provide an essential function in an organisation as the source of security expertise. CISO assist and provide guidance with integration of security within business processes. Establishing and retaining the necessary in-depth knowledge can be difficult and expensive for an organisation. We can provide you with the assurance and backup that you require on an ad-hoc or scheduled basis with one of our Outsourced CISOs.