A comprehensive service to develop and enhance Customer’s Cyber Security Incident Response Plan, aligned with NIST guidelines (NIST800-61). The service includes:

• Creating and refining the Incident Response Plan and Playbooks, detailing roles, responsibilities, escalation paths, critical applications, and work instructions.
• Additionally, the service offers Incident Response Simulation Testing to test response plans against potential scenarios, review and analyse incident detection capabilities across various environments (cloud, on-prem, network), and suggestions for technical solutions and Security Operation Centre options.
• Post-incident reviews are conducted to identify improvements and lessons learned.

The engagement model includes fixed pricing for building and testing the response process, with time-and-material-based pricing for ad-hoc services. We also provide regulatory guidance in the event of a data breach while maintaining strict confidentiality throughout the process. Customisation of the Incident Response documents to suit specific customer needs is also part of the service.

The NIST Cybersecurity Assessment is focused on evaluating an organisation’s cybersecurity stance against the NIST Cybersecurity Framework, aiming to boost their security posture. The assessment includes:

• A detailed examination and scoring of the organisation’s current security strategies across the five key functions of the NIST Framework: Identify, Protect, Detect, Respond, and Recover.
• Each function covers various subcategories like Asset Management, Risk Management, Access Control, Anomaly Detection, and Recovery Planning.
• The process involves compiling a list of findings with risk ratings, assessing the current security posture according to NIST best practices and CMMI maturity ratings, and providing a prioritised list of recommendations.
• A comprehensive reporting structure will be used, including a high-level risk rating of each finding, a scoring summary report with CMMI maturity ratings for each NIST control, and an overall security capability score.
• Deliverables include a single-page summary of assessment results and maturity rating, along with a detailed full report outlining asset details, high-level risk assessment, threat assessment, control review maturity, target maturity rating, and specific recommendations in each NIST area. The objective is to annually measure, improve, and drive the organisation’s security rating using the NIST framework.

A comprehensive Penetration Testing service to enhance the security of IT networks and infrastructure. This service includes both External and Internal Penetration Testing, following industry best practices.

• The External Testing involves notifying stakeholders, performing active and passive reconnaissance of on-premises and cloud-based systems, external exploitation using various techniques like active scanning and password spraying, and attempting to exfiltrate data to simulate an actual breach.
• Internal Testing provides physical access to networks, where similar steps are repeated for various network types, including guest Wi-Fi, staff networks, and IoT systems.
• The process involves initial reconnaissance, privilege escalation, lateral movements within the network, and data exfiltration.
• Findings from the tests are reviewed and validated using the MITRE ATT&CK framework, prioritised, and presented in a final report containing both executive summaries and detailed technical analyses of vulnerabilities, impacted systems, risks, and remediation recommendations. This is complemented by a presentation and walkthrough session for stakeholders, explaining the vulnerabilities, proofs of concept, and professional risk assessments.