The unstoppable growth and dynamic of cyber-crime mean organisations of all sizes need to rethink their approach to the security. Everyone knows that security is important, and we all rely on the Internet, IT and other connected systems, all of which without the appropriate protection could be at risk from cyber-attack. These attacks are becoming increasingly more sophisticated and stealthier, targeting people, networks and devices.
We provide jargon-free, cyber simplified advice and services to all organisations.
Ensuring vulnerabilities that leave you open to internal and external attack are minimised is critical to your environment’s security posture.
Along with the introduction of multiple data protection legislation and compliance regulations over the last few years; demonstrates that having a secure infrastructure allows an organisation to operate with confidence.
Our technicians help identify critical vulnerabilities using technical/non-technical methods with our penetration testing service, providing threat vulnerability and risk assessments and supporting security improvement plans.
Our understanding of system networks, devices, procedures and vulnerabilities allows us to provide expertise around how malicious attacks are orchestrated and help organisations implement preventative and corrective measures to mitigate the risk of a data attack or breach.
How we can help
TenIntelligence works alongside clients; helping them:
- Conduct information and connectivity audits across the organisation to review, identify and assess where data is held
- Conduct specific internal and external penetration testing to identify access control weakness, strengths and areas for development
- Work with the organisation to, design and implement appropriate technical and internal measures to ensure data security is designed into all processes
- Work with the organisation to design a Data Privacy Impact Analysis framework linking to pre-existing risk management and project management processes
- Review the risks on the organisation’s Risk Register and create a critical list of control weaknesses
- A complete review and/or develop framework of policies and procedures needed to ensure Information Security compliance
- Help the organisation develop a staff training and awareness program
Areas for consideration:
- How does your organisation connect to the internet and other communication systems?
- Does your organisation use multiple software platforms, intranet, wireless activity and/or operating systems?
- Can you demonstrate compliance around your organisation’s firewalls, encryption, anti-virus and malware security provisions?
- Does your organisation perform due diligence into its third party providers and key employees?
- Do you check for misconfigurations and internal/external unauthorised access?
CISO as a Service
Providing an experienced security executive for your strategic security discussions or planning.
Using our Chief Information Security Officer (CISO) is a perfect way for you and your clients to be assured your receiving the latest information and threat landscape when you need and have the strategic response if required.
Alternatively, use our CISO coverage while recruiting a permanent replacement and our CISO can also assist in the candidate search and due diligence.
How our CISO can help
- Work with key stakeholders to establish, review and develop an IT security risk management program
- Create a strategic plan for the deployment of information security technologies and program enhancements
- Ensure the organisation’s compliance with corporate security policies, standards and procedures
- Integrate IT systems development with security policies and information protection strategies
- Audit existing systems, identify immediate threats and provide comprehensive risk assessments
- Anticipate and monitor developing security threats and risks to infrastructures
- Develop and test incident response planning and coordinate investigative activities
- Demonstrate leadership and help direct all IT security investigations
- Prioritise, budget and allocate cost effective security resources and infrastructure
The investigative discipline Digital Forensics can provide evidential investigation support pre/post cyber-attack.
Our Certified Practitioners are trained to safely preserve and examine data found on digital devices and networks often identifying the root cause of incident and evidence.
Preservation of Evidence
It is essential to follow forensic principles, evidence continuity and methodology when conducting a cyber investigation. Our Certified Practitioners have a working understanding of the legalities, best practice and methodologies used in the current digital forensic environment.
We apply evidential continuity, covering seizure, exhibit handling, data collection and preservation through to examination and investigation.
During or after a cyber related attack or unauthorised event we help clients:
- Identify and secure network devices that may contain digital evidence and unauthorised activity
- Ensure any data breach or data loss is permanently stopped and the vulnerability fixed
- Obtain the correct legal procedures and permissions
- Map and index electronically stored information (ESI)
- Help with decision making around loss of evidence
- Evidence handling and chain of custody
Once the evidence has been seized and preserved, the forensic examination can begin, including the imaging (producing a working copy) of all digital data from the devices collected using specialised forensic software and hardware. The imaging allows the original device to be preserved as an evidential exhibit, leaving the imaged version to be forensically tested and analysed.
Working with our clients, the analysis phase of the digital forensic investigation is the interrogation of the data collected; this will include:
- testing investigation hypotheses
- identify the root cause of the incident, unauthorised access, breach or attack
- examine all compromised accounts and systems accessed by the attacker
- assist in providing evidence around the intruder’s profile and how technical defence mechanisms were breached
- identify, secure and analyse relevant support information and data from servers, cloud platforms, routers and other network devices
- traditional analysis of deleted files, browser history, access logs and file sharing
- understanding and interpreting the data structures
- presenting evidential findings and statements
- evaluate how to prevent future incidents, breaches and attacks