Building the first line of cyber defence - Jason Kalwa, Salus Cyber
Cyber is becoming an increasingly important part of Gloucestershire's economy and with it comes the added issue of security.
Whatever the size of your company, whatever system you use, you need to ensure your business is aware of the risks and how to block them.
Cyber risk management is a discipline, one that continuously shifts based upon your evolving strategies and the threat landscape.
From initial dialogue through to completed project reporting, remediation and correction - Salus Cyber goes the extra mile to strengthen your security position and give you confidence in us.
Our journey with customers
- Identify - We take time to familiarise ourselves with your business, allowing us to understand your requirements, business risk, key pain points and your required outcomes.
- Understand - We turn your requirements into clear scoping and test plan documents so you know what we will be doing, when and how.
- Test - We deliver what we promise.
- Inform - Every unique report is based on your business. Our precise, concise brief will advise what steps your business needs to take to reduce cyber risk.
- Remediate - We ensure the process is tracked and co-ordinated within your business, allocate resources to point you in the right direction or help directly.
- Feedback - Your opinion is important to us. We send a questionnaire to each of our customers after each project so you can let us know how we did.
Our process examines and strengthens your system through three lines of defence - known knowns, known unknowns and unknown unknowns.
Over the coming weeks, we will examine how we will steer you through those three lines of defence - starting with the first step.
First Line of Defence - Known Knowns
Penetration testing examines systems responsible for defending your business.
It is all about control, allowing you to build, maintain and test the foundations of your cyber risk strategy, securing cloud environments and identifying network vulnerabilities.
We work with you to identify how assets are vulnerable and outline cyber risks, implementing and testing policies and procedures.
- Penetration Testing
How could hackers squeeze through the technology, personnel and processes you have invested in to protect your data?
We use tactics similar to those a genuine attacker would apply to seek out vulnerabilities, identifying the issue and assessing potential damage.
Actionable advice provides a solution to any weak spots identified.
As well as penetration testing, device security assessment peels back the layers for a complete view of the cyber security for servers, laptops, desktops, routers, firewalls and switches.
- Vulnerability Management
Vulnerability assessments are designed to identify security holes and reinforce your networked systems.
Salus Cyber conducts vulnerability scans, single or series, based on your corporate infrastructure and delivers reports with clear actions outlined.
Vulnerability scanning finds known issues for a quick win in improving your cyber security while a management programme discovers, manages and remediates risks across your IT estate.
- Cloud Security
Vulnerabilities within cloud technology are on the rise - the complex infrastructures of the cloud technology make it difficult to know which are exposed to attacks and represent critical risk.
Protecting your cloud infrastructure is crucial as any attack footprint can rapidly expand.
Our team has extensive knowledge on how to protect cloud environments and implement risk management processes that prevent possible breaches.
A security assessment delivers detailed penetration testing on your configuration reviews focused on Amazon Web Services, Microsoft Azure and Google Cloud Platform.
A table-top resilience exercise offers great value, running through what happens in the event of cloud outage and finding out if your design meets your requirements.
Segregation testing removes blurred lines surrounding your network boundaries to ensure no data leaks can occur.
Identity and access management provides advice on how to be more secure while enabling the goals of the business.
- Web Apps & Services
Data availability and access applications are essential within your business - and an attractive target for attackers due to their connectivity across internal resources and databases.
Securing software development is crucial with security assurance activities and architecture analysis ideally woven into the fabric of your plan to reduce vulnerabilities from early on - effectively building security in.
Our services blend technical knowledge with corporate common sense to enable - not restrict - your people, processes and platforms.
We identify risks via web application and services testing to understand any possible impact.
Designed around the level of assurance you require, our application code identifies issues, including possible risks not found during manual testing.
We help with regular testing as part of your secure software development lifecycle or develop one for you.
- Wireless Security
Effective management of potential wireless threats requires a thorough assessment of your environment which is then turned into a security strategy.
We develop a framework to help you understand the risk and a recommended outline for countering the threats.
WiFi penetration testing establishes whether malicious threats can break into networks while we review the risk and implications of allowing corporate data to be accessed on personal devices.
Most wireless networks provide varying levels of access so our network segregation testing offers physical security tests to identify how systems can be overturned by attackers.
We have performed cyber security all over the world including in hostile environments, but no matter the size or speciality of your business, we can help you can become much more secure.
Copyright 2021 Moose Partnership Ltd. All rights reserved. Reproduction of any content is strictly forbidden without prior permission.