• Cyber Defence Services

Cyber Defence Services

Evolving security measures in line with your risk profile

Building effective cyber defence measures is based on three major aspects: people, technology and processes.  Through our independent and risk-based approach, we help you to focus on the highest priorities and risk components first. We have developed a number of tools and services to assist you in providing your organisation with the highest possible form of security.

Cyber Maturity Assessment | We have developed a Cyber Security Maturity Assessment that meets the needs of different types of organisations, regardless of industry or size. Our assessment model is based on the generally accepted best practice framework, the Centre for Internet Security (CIS), and takes into account the three building blocks for effective and efficient cyber security: people, technology and processes.

Framework, Policies & Procedures | Preparing and assisting the organisation with control frameworks such as ISO 27001, NIS Directive, GDPR, CIS, ISF, etc. Defining and/or analysing the IT security policies and procedures such as Access Management, Disaster Recovery, Data Privacy, Business Continuity, Bring Your Own Device, Physical Security, Security Incident Management, etc.

Cyber Governance | We can define security roles and responsibilities supported by adequate organisational structures to allow proper and timely detection and response in case of incidents.

Cyber Awareness Training & Education | We offer customised cyber education and awareness programs for boards, management and staff. These can include classroom style trainings, e-learning programs and practical simulations such as a social engineering attack. By regularly training and raising awareness among employeeson a continuous basis, we ensure a significant improvement in your overall cyber resilience.

Social Engineering  | The most common cyberattack consists of hackers deceiving your employees in order to obtain confidential information. Social Engineering attacks such as phishing are becoming more sophisticated and targeted, but technology alone is not enough to adequately protect yourself against such attacks. Training your employees is therefore crucial so that they can recognise social engineering attacks and respond appropriately.

Vulnerability Assessment | Identify weak links in the applications and infrastructure, and find misconfigured and out of date systems which could allow an attacker to gain privileges. We examine vulnerabilities of components that are usually not tested (Printers, Switches, Wireless access points, Storage systems, DVR systems) as well as common systems (web applications, mail, file systems and servers).

Penetration Testing | Penetration testing by experienced ethical hackers is the best method to get a good and independent view on the actual defence state of your IT infrastructure and application landscape security.

Red Teaming | To beat hackers, you must think like them. By simulating sophisticated real-world attacks, your security team will gain essential knowledge on how to defend againstthe next attack on your organisation. Red Teaming increases the overall cyber resilience of your organisation and provides input for your security roadmap.