CYBERSECURITY SERVICES

Multifaceted Security Program Development

Working with Laptop

ORGANIZATIONAL PREPARATION

Training

  • Phishing and scam testing for end users

  • Incident simulation for IT support


Incident Playbooks

  • Law enforcement, legal representation, and insurance first contact procedures

  • Incident response communication plan 

  • Initial incident response activities for IT and key business users

  • Ransomware response policies and payment preparation


Recovery Items

  • “Golden images”

  • Offsite software repositories for application source code, install images, and executables

  • Software key and license management practices

  • Hardware procurement policies and practices for incident response

Computer Programming

THREAT PREVENTION

End user

  • Endpoint security hygiene implementation and improvements

  • Account lifecycle management review and analysis

  • Endpoint detection and automated threat response implementation

IT Infrastructure

  • Security focused network design review

  • Firewall policies strengthening

  • External and internal penetration testing

  • Zero Trust implementations to reduce or remove common attack surfaces

  • Server, network, firewall hygiene policy development

  • Intrusion detection, prevention, and response policies development and technology implementations

  • Email threat deterrent measure design and implementation

Hard Drive Backup

DATA PROTECTION

Backup

  • Analyze backup servers and data locations vulnerability to ransomware attacks

  • Review data retention policies and how they would be impacted if compromised

  • Ensure proper network, account, and virtualization separation to ensure an “air-gap” between backup and primary data

Recovery

  • Create plans for restoring data under different incident scenarios

  • Create order of operations recovery strategy to determine which systems are brought online first

  • Create processes for restoring and validating systems are clean of data corruption and harmful software