Teams need a plan and strategy to ensure they can execute on the business’ needs. We’re here to help set and measure those strategies, ensuring the best outcomes for your business.
Information Security Management System (ISMS)
Is your business trying to reach alignment or certification with an industry standard? Conducting a gap analysis against your organisations existing information security management system (ISMS) and an industry standard’s requirements such as ISO27001, COBIT, or NIST will inform the organisation on its current position and outline a clear path forward.
We use a best-of-breed security framework which integrates the ISO 27000 series, CIS – Critical Security Controls, COBIT 5, and NIST SP800-53 for its assessments. This systematic approach addresses the nature of information security, highlights functions that were previously overlooked, and justifies IT budget changes. Contact us to find out more.
Threat & Risk Assessments (TRA)
Do you have a new software environment or project that’s made a change to the way you work? A Threat and Risk Assessment provides a detailed analysis of an IT environment for vulnerabilities, potential threats associated with those vulnerabilities, and correlates these risks to a corporation’s risk management process.
We use an objective and repeatable assessment methodology to expose threats and vulnerabilities, assess the impact or harm that would occur if a threat were exploited, and the likelihood that the impact will occur. We then work with our clients to determine their organisational risk tolerance and current state of security controls, allowing us to assist accurate mapping of these to their risk management processes.
Security Advisory Services
We understand that not all businesses have the required resources available when it comes to cyber security. Internal resources are often requested to take on the burden of cyber security functions when working through new projects.
We offer security advisory services to assist teams with these requests and provide expert opinions and assistance with a focus on providing value to the business. We offer a wide range of advisory services to assist, including requests for purchase, vendor validation, vendor proposal reviews, and technology selection criteria. We are happy to work with you for any specific advisory services required.
Security Strategy Roadmap
Security Strategy Roadmaps provide direction to organisations on their security maturity journey. Having a road map provides short-term impacts by outlining costs that your organisation will experience as they work through their plan and long-term impacts of increased protection against threats, measurable metrics to track and report, and eventually lowering the security costs per incident.
We work with our clients to develop these roadmaps with a risk-based approach, outlining the organisation’s direction over the roadmaps planned timelines. A strong roadmap consists of achievable goals, that balance the risk an organisation faces along with compensating controls to limit these risks, while providing visibility to business decision makers.