
Cybersecurity consultation

Service examples

You can see examples of the services we provide below. Despite this listing, we always tailor each service individually, and it is just as likely that your needs are a combination of these services.
Please contact us with any questions or to book an appointment.

Designing a Vulnerability Management Program

A vulnerability management program is one of the cornerstones of a great cybersecurity program. Therefore, one of our services is to help you design a program custom-made for your business, define tool requirements that support that program, and get those tools set up and used to their full potential. Similar to our philosophy above, a good vulnerability management program consists mostly of policies and procedures, with tools playing a support role only. Once your policies and procedures have been nailed down, we will work with you to compile tool selection requirements. Once the requirements are clear, we will help you work with vendors to select the right tool for your environment.

Establishing proper policies and procedures

Some think that all they have to do to be secure is to buy the right tool because a sales guy told them that it would make them safe, then buy another tool because that sales guy said it was better. Then they stand there with many tools and no idea how to use any of them. We believe buying a tool and looking for a problem to solve with it is very unproductive. Our advice is to start by creating sound policies and procedures and, from that, create requirements for tools to help you with your new policies and procedures. This way, you start by identifying a problem or a need and then find a tool to fulfill the need. With this approach, you won’t have all sorts of tools you don’t use. Therefore, this is the approach we always use. This service offering is similar to the one above, just a little more comprehensive.

Internal Audit Services

If you are working towards a certification or simply maintaining one, you need to have an independent party review your setup and confirm that you are ready for the final review. Without that, you have very little chance of passing your certification audit. This is one of the core services we provide.

End User Awareness Training

One thing you absolutely need to pay attention to is training your staff to be security conscious. This is one of the cornerstones of any decent security program, which is why many security frameworks and compliance requirements require this. There are two approaches to this:

  • You can purchase a subscription to a video training service, which will check all the required boxes.
  • Or you can bring an expert in for true in-person training.

There are pros and cons to each. The video training service makes it easier to get everyone to complete the training and to show compliance. It is often bite-sized and easier to fit into busy schedules. The problem is that there is a much greater chance that folks won’t get the material or, worse, will sleep through it.

On the other hand, in-person training, like the one we offer, is more engaging and more comprehensive and ensures everyone is learning the material. The problem is that scheduling can be challenging.

While we typically recommend in-person training for that personal touch, we realize it isn’t practical for everyone. Therefore, we can also put you in touch with some great video training solutions.

NIS2 or DORA Implementation or planning services

We can work with you to ensure you meet NIS2 or DORA government regulations. With the expansion in scope in NIS2, there is a long list of companies that are required to be compliant that weren’t before. Does your company fall under the expanded scope? You may not have the expertise in-house to understand, plan, and implement programs to become NIS2 or DORA compliant, so let us help you. We can provide as much or as little help here as you desire.