The first stage of the journey with us is typically an assessment or baseline review to understand what problem the customer is trying to fix.
Ideally this involves a comprehensive Cyber Security Review undertaken against an industry framework, such as the NIST Cybersecurity Framework. However the baseline can be derived from any number of activities including red teaming, a breach response exercise or an executive workshop, all of which are underpinned by our advance threat intelligence capability.
The real value lies not just in the assessment but in the clear advice and guidance provided to improve the level of business resilience.
- How to protect the customer’s organisation and what primary actions they need to take
- How to improve their security maturity rating to satisfy Board requirements
- How to ensure their cloud environment is secure so they can capture new opportunities and move into new markets efficiently
- How to comply with legal and regulatory requirements to ensure their business can continue to deliver its services.
To enable businesses to grow and thrive it is essential to work with them to fix the issues identified during the Assess stage. It is only once these areas have been remediated that the true return on investment will be realised against their cyber spend.
The key to successful security transformation is working closely with the customer as a trusted advisor, developing in partnership a strategy that works for their business. This, coupled with robust governance, is essential for any successful implementation.
We operate a full security service and can deliver a range of services during this phase, all of which are dependent on the issues identified and the needs of the business.
For example we may:
- Provide recommended fixes and a testing programme to ensure that these fixes have been implemented correctly
- Assess the security of their cloud environment with our Scout Suite auditing tool to ensure the configuration of any applications being moved to the cloud are secure
- Build a virtual team, working as an extension to the customer’s team, bringing specialist skills such as risk management or in-depth knowledge of key cloud platforms for example
- Work in collaboration with the customer to design and identify specific technology solutions to meet their requirements
- Engage our senior advisors to provide support to engage the Board in any remediation activity.
Being cyber safe and protecting against risks isn’t an exercise with a start and end date. The ever evolving threat landscape means that beyond the initial assess and develop phases it is vital to continually improve levels of security, detect incidents and react to them.
In the final stage of this journey, we transition the customer into a set of services, which allows them to continually evolve to meet this threat landscape head on.
We are able to do this through a range of services:
- Utilising our Managed Detection and Response proposition, which gives confidence that we are working alongside the customer, responding quickly, mitigating threats, reducing risk and ensuring their business continues to operate
- Our Escrow-as-a-Service (see page 14) provides a simple answer to the question of cloud resilience
- World-leading threat intelligence offers an insight into threats faced by our customers.