Security Capability Maturity Assessments
In assessing cyber security, it’s important to consider the controls and capabilities your business needs, given the nature of the industry, your business objectives, regulatory landscape, and risk profile. Rather than checklists, our consultants use industry frameworks that focus on the specific controls and capabilities required, the value of the information and how it is used, shared and secured, and measure your cyber security maturity, working with you to define a future state with an accompanying roadmap that reflects your risk appetite.
Policies, Standards and Procedures
Based on your business objectives and risk appetite, our team will work with you to develop structured and well-conceived cyber security policies, standards and procedures referenced to industry frameworks and specific guidance, across people, process, data and technology.
Awareness and Education
We know that your people are your most valuable asset in managing cyber security risk. Our team will work with you to develop a relevant cyber security awareness program.
Strategy and Architecture
To develop a successful cyber security strategy, we will identify the required capabilities based on your business objectives and risk profile, assess current state maturity, define future state maturity, perform gap analysis, and design changes to controls and capabilities to address gaps. We will work collaboratively with you to develop a high-level blueprint, road map and actionable transition plan. Our consultants have a mix of architecture certifications from The Open Group http://www.opengroup.org/certifications and SABSA https://sabsa.org/certification/.
Design and Delivery
We can design and deliver large-scale cyber security transformation programs across business, people, process, information and technology. With a proven track record of delivering business-driven risk-based cyber security controls and capabilities in an iterative manner, we aim to ‘shift the needle’ on residual cyber security risk as soon as possible.
CISO-as-a-Service allows you to gain access to a seasoned Chief Information Security Officer (CISO) without hiring one on a full-time basis. As our team comprises cyber security leaders from a range of industries and companies of varying sizes, we are therefore well positioned to plan, design and deliver a cyber security program that aligns with your objectives. Through the considerable insight and guidance our team brings to your organisation, we position you to realise the best path to enable and support your business, whilst reducing your cyber security risk.