cybersecurity packages.png

CyberSecurity Packages

The Cybersecurity Package is the ultimate one-stop source for technical knowledge, guidance, and best practices on cybersecurity, pulling together the latest standards and reference works from the world’s most respected publishers and leading authorities.

Frequently asked questions

What are the different CyberSecurity Packages?

The different packages are: A) Identify - Risks that can harm your business B) Mitigate - Implement Security Controls to mitigate risks that can harm your business C) Monitor - Continuously monitor the effectiveness of security controls to adjust to the ever changing threat landscape

What is the deliverable for the 'Identify' package?

As shown in this diagram, you'll receive a security scorecard report highlighting the top risks for your organization.

What is the deliverable for the 'Mitigate' package?

  1. Establish Identity Management and Access Control within the organization
  2. Provide Awareness and Training including role based and privileged user training
  3. Implement Data Security
  4. Implement Processes and Procedures to secure information systems
  5. Setup a process to detect Anomalies and Security Events

What is the deliverable for the 'Monitor' package?

Continously monitor the health of your security controls and take the necessary actions if a security breach attempt is detected.

Why do I need the CyberSecurity packages?

Security is only as strong as your weakest link. The packages take a holistic approach to security to build defenses for all attack patterns.

What tools do you use to deliver the packages?

No one solution fits all. We are vendor agnostic and adopt technology and processes that fits well with your infrastructure.

Workflow for CyberSecurity Package

  1. Review Security for user accounts, service accounts and administrator accounts.

  2. Review Network Security for both private and public networks

  3. Review your Security Architecture Stack to ensure that necessary detective and preventive controls are in place

  4. Review Email Security to mitigate the risk of phishing

  5. Review security of your website by conducting penetration testing

  6. Ensure that Anti-Virus solutions have been properly implemented on all workstations and servers

  7. Ensure Backups and Incident Response procedures are in place to counter ransomware and intrusion attempts

  8. Build a process for Continuous Monitoring and Alerting against potentially malicious activities.