Cyber Security

Cyber Security

Cyber Security can be described as the collective methods, technologies, and processes to help protect the confidentiality, integrity and availability of computer systems, networks and data against cyber-attacks or unauthorised access.

Cyber-attack is a deliberate attempt by external or internal threats or attackers to exploit and compromise the confidentiality, integrity and information systems of a target organisation or individual.

Cyber Attacks

Cyber-attacks come in a wide variety and listed below are the more common ones used by criminals;

  • Malware
  • Ransomware
  • Backdoors
  • Formjacking
  • Cryptojacking
  • DDOS Attacks
  • DNS Poisoning Attacks
  • Injection Attacks (e.g. cross-site scripting, SQL injection, Command Injection)
  • Session Management and Man-in-the-Middle attacks (MITM)
  • Phishing
  • Denial of Service
  • Privilege Escalations
  • Unpatched / Vulnerable Software
  • Remote Code Execution
  • Brute Force

Security Breach

On the other hand a Security Breach is a successful event or incident in which a cyber-attack results in a compromise of sensitive information, unauthorised access to IT systems or disruption to services.

As organisational assets are made up of multiple systems, an effective and efficient cyber security posture requires co-ordinated efforts across all its information systems. Cyber security is made up of the following sub-domains;

  • Application Security
  • Identity Management & Data Security
  • Network Security
  • Mobile Security
  • Cloud Security
  • Disaster Recovery & Business Continuity Planning (DR&BC)
  • User (People) Education

Business Security Posture

Our Cyber Security experts will help your business improve its security posture and develop plans to prepare for, respond to, and recover from a compromise. Your overall business environment will be improved with a customised Cyber Security framework that aligns to your business objectives.

Customised Risk Assessments

Our engagements include a customised risk assessment that evaluates your end to end business workflow, including third parties and key stakeholders within your organization.

Our support includes:

  • Ongoing Cyber Security Advisory Services “Virtual Chief Information Security Officer"(vCISO)
  • Documented cyber security alert response from global regulatory
  • Sensitive and critical data identification
  • Penetration testing and vulnerability assessment
  • Create a written information security policy (WISP)
  • Development of an incident response plan (IRP)
  • Identify critical third parties and provide a comprehensive risk management review (RMR)
  • End user Cybersecurity training (In-person or Online)
  • Phishing tests