With our defence-grade security technologies, rigorous threat checks and system-wide managed cyber security service we can help you build digital resilience, so you can face the future with greater certainty.
Responding to a multitude of threats
The potential risk of disruption to the smooth-running operations of the digital enterprise goes far beyond the highly publicised and very real threat of a cyber attack, and includes a multitude of threats posed by a wide range of internal and external factors, from terrorism, technological development to procurement of compromised system components. Robust cyber security measures must therefore take into consideration technical, operational, managerial and cultural issues.
The tempo, nature, changeability and volume of cyber attacks also continues to develop rapidly, together with the wide-scale availability of sophisticated attack tools, technologies and associated capability.
To address this complex and shifting threat landscape requires an understanding of the key assets, technologies, relations with other systems, and the ability to continually assess threats in real-time. It is real-time awareness of the situation, risks and vulnerabilities that provides the basis for informed decisions and the prioritisation of resources to deal with rapidly evolving threats and ensure digital resilience. This can only be achieved by intelligently combining contextualised information, dynamic cyber risk management and informatics services.
Building Digital Resilience
Our approach is based on a continuous cycle designed to evolve and strengthen the organisation’s position. Depending on the level of maturity, customers can enter the cycle at any stage.
Step 1: Vulnerability Analysis and AssessmentHow well do my security controls address technical, people and process weaknesses?
The first step on the pathway is to identify your current context and vulnerabilities.Adopting the stance of an adversary, our penetration testing and red team will challenge your organisation from all angles by deploying various analysis and testing techniques including social engineering scams, human testing, technical testing, and policy adherence. This should be repeated again at the end of the cycle to test the defences you have put in place and identify if any new vulnerabilities in your security have appeared.
Step 2: Cyber Threat Detection
Is there anything bad on my network now?
The second step in the process will identify any immediate threats. We will monitor your network to identify any anomalies, unusual events or trends which might indicate your current networks have been compromised. Monitoring will also help to build situational awareness of the technical status of networks.
Step 3: Static Cyber Risk Modelling and Mapping of Information Flows
How good should my defences be?
The third step in the process will establish a baseline risk profile and analyse the impact of cyber risks on business risk. This will enable the enterprise to prioritise its efforts and focus on the most important assets requiring protection. We will use our proprietary Cyber ADVANTAGE (CyAD) graphical modelling technique to provide a true view of cyber risk across the enterprise. Its visual nature facilitates effective communication between security, IT and business analyst teams. Information flows around the enterprise will also be mapped and used to define information exchange requirements. The security architecture will then be mapped which in turn will inform identification of the appropriate protective security controls.
Step 4: Dynamic Risk Modelling
How can I continuously see the threats affecting my business?
Step four involves progressing to dynamic cyber risk modelling. Building on the baseline risk profile, we will create a user-friendly dashboard underpinned by the correlation of inputs including network monitoring logs, real-time event capture utilising thousands of indicators of compromise, enterprise application security labelling alerts, detected network anomaly data, and attack path analysis feeds. The dashboard will allow a real-time view of the system status and allow drill-down into detail which will help prioritise investment decisions as well as inform decisions on mitigation activity if an event occurs on the system.
Step 5: Threat Mitigation and Risk Treatment Plan
How do I mitigate the threats to my business?
In step five, threats to the enterprise are detected and appropriate mitigation activities are launched together with a risk treatment plan. The lessons learned, mitigation success metrics, analyst threat intelligence, and risk absorption decisions are fed back in to the dynamic risk modelling, ensuring that the mitigation against new and sophisticated threats remain the most appropriate as the threat landscape fluctuates, and also that threat trends and patterns can emerge and be levied to allow the enterprise to become more proactive, and even predict threats.
Step 6: Measurement of Security Controls
How effective and appropriate are my security controls against rapidly changing threat and risk to my organisation?
At this final stage in the cycle, we will measure the security controls, and evaluate their effectiveness in response to an actual threat and instigation of a risk treatment plan. This will allow the organisation to adapt the controls in response to a highly dynamic threat and operational environment.