Duration: 1 – 6 months
Target Customers:
· Commercial (Offering Cyber Security & Training)
· Defense/Law Enforcement (Offering Cyber Security, C4I & Training)
Personnel: 3-4 Cyber Experts (Network, Security, Database & IT experts)
Purpose:
1. Risk Analysis
2. Mapping network (Local, Gateways, interfaces, Security etc)
3. Mapping IT platforms (Users access control, permission, Active Directory, Storage permissions, eMails, VoIPs, CRM, SAP, Virtual networks, hypervisors etc.)
4. Mapping Security elements (Firewalls, IPS, NAC, Servers/computers/mobile devices hardening, anti viruses, removable media management etc.)
5. Building Cyber Security Suite (network and host based anomalies)
6. Mapping Database (data flows, tables, sql/oracle integrity, DLP, authentication and authorization of Data, secure development etc.)
7. Building the 'DNA' of the company from network, IT, Database and security results
8. Analyzing weak spots
9. Generating preventive measures to weak spots
10. Cyber resiliency checkup
11. Security Penetration testing to verify security integrity
12. Building maintenance and Operational Procedures (inc. Disaster Recovery Plans)
13. Building Cyber Intelligence Platform
Method :
1. Questionnaire to be filled by customer's IT & Security staff
2. Frontal interviews of key managers of customer's experts and management
3. going over answers, layouts and building 'next step action items'
4. Hands-On audit with local teams
5. Working 'shoulder-2-Shoulder' with customer's management inorder to target customer's requirements
6. Penetration Testing
7. Procedures and know-how
8. Courses, training and knowledge transfer to customer inc. Cyber security training
9. Building Computer Security Incident Response Team
|