- Certified CESG Professional (Senior Level)
- Certified Information Systems Security Professional. (CISSP)
- Certified Ethical Hacking
- Certified ISMS Lead Auditor (ISO 27001)
- Microsoft Certified IT Professional
- Cyber Essentials Assessment (Basic and Plus)
- Cyber Security Training
- ISO 27001 Audit and ISMS Implementation requirements
- Risk Assessment and Triage
- Vulnerability Analysis / Management
- Business Continuity and Disaster Recovery Planning / Implementation
- Telecommunications and Network Security
- Legal and Regulatory Compliance
Cyber Essentials Assessments.
We have assessed more than 500 companies to the Cyber Essentials Scheme – we believe that, to date, this puts us ahead of any other Certification Body since the scheme began.
Our clients range from small businesses through to major International Banks, Global Technology Corporations.
Subject Matter Expertise analysing and assessing network and application vulnerabilities in order to maintain best practice procedures for patching the required systems in the correct order and in a timely manner (triage).
This was a huge project that involved taking data from several thousand servers internationally (using McAfee Vulnerability Manager), liaising with all the different platform and remediation teams, setting targets, baselines and compiling reports for Senior Management.
The office automation processes we developed to help the teams assemble data became vital to the success of the project – vastly improving the ability monitor and report vulnerabilities and action the required remedial work. This contract required Scotland Disclosure clearance and strict adherence to PCI, Sarbanes Oxley and ITIL
Nuclear Supply Chain.
In line with ISO 27001, we have conducted a complete risk analysis programme and formulated policies and procedures to demonstrate that Information Security is of paramount importance when handling and sanitising commercial hardware that has originated from companies holding Sensitive Nuclear Information.
All business processes, software applications and telecommunications were audited and recommendations / implementation plans drawn up to commission a secure disaster recovery site to maintain availability of data processing functions.
Software Houses.These have clients who are large multinationals. We have been asked to oversee the implementation of ISO 27001 to allow them demonstrate their commitment to information security to help win and maintain contracts.
Market Research Companies.
Developing strategies and solutions to secure the sensitive commercial information of high profile clients and personal details of participants. This involves developing training plans, writing policies and procedures, assessing Data Leakage, Firewall, malware and infrastructure solutions and making recommendations.
We have coordinated the PCI (Payment Card Industry) compliance programme to ensure sensitive data is handled and transmitted appropriately at the Head Office and remote sites. Conducting full gap analysis, risk assessment of business processes and forming implementation plans to instil a culture of security in the company and identify requirements to aid the selection of new software applications, physical access controls and network hardware.
Online and mail order companies
Both local and national, have benefited from our ability to devise solutions to pressing IT security problems – many requiring a complete redesign of workflow and some benefiting from targeted adjustments to existing systems in order to meet PCI requirements.