Cyber Resilience v3

CYBER RESILIENCE

Nurture confidence in your security.

Cyber Resilience mobile
  • At CYSIAM, incident response readiness runs through the core of everything we do. No organisation is 100% secure, as evidenced by regular high profile breaches, and therefore we must consider that an attack is possible at any stage in its development.

Building Your Resilience

CYSIAM applies state-level cyber security expertise to deliver sustainable strategies. We follow a 5-phase iterative process when building cyber resilience within organisations.

  • Prepare

    Prepare

    Ensure adequate Incident Response and Business Continuity planning is in place;

  • Identify

    Identify

    Understand the threat, baseline required security controls, and identify maturity pathways;​

  • Protect

    Protect

    Implement, operate, and continually improve protective security controls;​

  • Detect

    Detect

    Implement an intelligence-led continuous monitoring and intrusion detection capability;​

  • Assure

    Assure

    Efficiency-test preventive security controls and intrusion detection capabilities.

  • Prepare

    Ensure adequate Incident Response and Business Continuity planning is in place;

  • Identify

    Understand the threat, baseline required security controls, and identify maturity pathways;​

  • Protect

    Implement, operate, and continually improve protective security controls;​

  • Detect

    Implement an intelligence-led continuous monitoring and intrusion detection capability;​

  • Assure

    Efficiency-test preventive security controls and intrusion detection capabilities.

Threat led approach

We Use a Threat-led Approach

Any maturity / risk assessment that CYSIAM conducts begins with a threat assessment. Threat intelligence is key in understanding the context of the assessment we are undertaking, and prioritisation / criticality of the resultant planning. We don’t omit any assessment criteria in our reviews, we use threat intelligence to gain increased focus on certain areas in the same way that an attacker would.

The CYSIAM Cyber Maturity Framework

CYSIAM’s cyber maturity framework was developed by our offensive and defensive security experts to fill a gap we felt wasn’t filled by the various regulatory standards. Cyber security standards, whilst important, are somewhat fragmented and often become about a badge on a website, rather than real risk mitigation.

Framework2
  • Governance

    Cyber-risk should be treated like any other business risk and should have board level ownership. This review will evaluate the approach to cyber-risk, how it defines roles and responsibilities, and if critical business dependencies have been identified along with the threats posed to them.

  • Policy, process & procedure

    Appropriate documentation and working practices provide the necessary underlying foundation on which the correct business decisions can be made, whilst demonstrating compliance to relevant legislation and standards. Our review will evaluate existing policies and identify gaps in documentation and working practices that can be addressed to reduce cyber-risk.

  • Technology

    Technology should comply with, and support, the security policies of an organisation. ICT teams (internal or outsourced) are usually focused on maintaining availability of the technology's functionality, and this can lead to mismanagement of technical security controls. We assess the 'real-life' approach against policies to identify any gaps (vulnerabilities). To this end, we can conduct vulnerability scans of the organisation's external and internal network and devices as part of a policy compliance assessment.

  • Data handling

    Understanding the data that is processed is crucial not only for establishing and implementing the correct security controls, but also for legal compliance (GDPR). This review will confirm whether an organisation has identified the data it processes, transmits, and stores, and whether it has the necessary security in place to protect it.

  • Culture & education

    People can be a critical weakness in cyber security but also a key aspect of defence. Understanding levels of awareness within an organisation and its workforce helps to identify areas of strengths and weakness and where to focus programmes of improvement. Culture plays an important role in the security of an organisation and our assessment will evaluate if cyber security awareness and understanding is embedded at all levels.

  • Physical environment

    We look here at how physical access to an organisations ICT infrastructure is controlled, from server rooms to network access points to individual devices. Often the simplest method of attack is best and stealing or cloning an employee's door pass can gain vital access to sensitive areas of buildings. This is where digital and physical risks overlap, and we always advocate a holistic view of security.

  • Supply chain

    Critical suppliers and third parties can introduce vulnerabilities to an organisation's business resilience and security. Due diligence should be carried out on critical suppliers and third parties to identify any risks associated with them or the services, products, or systems that they provide. The review will ascertain the level to which supplier risk is addressed within the organisation.

Bespoke review framework

Whilst the CYSIAM review framework is bespoke, it does cover the key aspects of several industry leading standards and regulations such as:

  • NCSC Cyber Essentials & Cyber Essentials Plus
  • ISO 27001
  • NIST Cyber Security Framework (CSF)
  • GDPR
  • PCI DSS (only used if relevant to business)