Cyber Security Capabilities
Penetration Testing
External, Internal and Wireless Networks. Web applications and APIs. Mobile Applications (Android and iOS).
Vulnerability Remediation
Vulnerability remediation such as patch management, security misconfigurations, compliance requirements, VPNs, endpoint security, firewalls, vulnerable services removal and email (anti-phishing and malware).
Security Review Service
Organisations need to be able to get a high-level snapshot of their security posture. It is very important to review the organisation as a whole and find obvious security holes at the design level. This is not like a pen test: we will not scan for or identify any vulnerabilities. Instead, it is a documentation and organisational management review.
Compliance Consulting
We can help you carry out a security audit and identify security gaps in your infrastructure so that you can comply with the following standards. We can also help remediate the identified security issues and gaps.
- PCI DSS
- VPDSS
- SOC
- SOX
- ISO 27001
Information Security Management Framework (ISMF)
The ISMF is a pragmatic model that allows organisations to set up information security at the strategic, tactical and operational levels in an appropriate way, in line with the business. The ISMF provides an answer to the following question: “What should I do and in what order should I do it?”
The development of an ISMF entails the following 6 steps:
- Definition of Security Policy
- Definition of ISMS Scope
- Risk Assessment (As part of Risk Management)
- Risk Management
- Selection of Appropriate Controls
- Statement of Applicability
The above steps and issues lead to agreements that need to be implemented by the organisation. This can be done using an Information Security Management System (ISMS). An ISMS is a management tool that ensures that all agreements are effectively controlled through a plan-do-check-act cycle. It is therefore recommended to apply the ISMF within the ISMS, for example based on ISO 27001.