M a d. Take control of your digital security. Advisory & Audit Security Testing Certification Services Training & Awareness

Transcription

1 M a d Take control of your digital security Advisory & Audit Security Testing Certification Services Training & Awareness

2 Safeguarding digital security is a profession The digitalisation of our society is ongoing and moving forward fast. This increased pace of digitalisation, combined with the rise of new technologies, also adds to the increase of digital security risks. Cybercrime is on the rise, and legislation is globally intensified. Identifying and mitigating those digital security risks is progressively more complex. New security incidents are reported in the media each day, such as data breaches and hacks. The costs to organisations to deal with these incidents continue to increase. Many organisations remain predominately passive concerning their digital security risks, and mainly react to situations that can and will go wrong, instead of taking proactive action. Some organisations even continue to remain passive until their names are found in the most recent news headlines as the latest victims of a digital security breach. We believe that this can and should be done differently. The right attitude starts with realising that digital security is of vital importance, and that current knowledge and capacity levels in most organisations are insufficient to adequately cover digital security risks. Hackers are constantly innovating, technology is becoming increasingly more complex and legislation is getting more privacy focused. Risks are increasing and ever present and organisations are mostly one step behind. We have a highly dedicated and knowledgeable team ready to identify, reduce and prevent digital security risks, in a structural manner and on a continuous basis. Our consultants use the latest investigative techniques, with a strong focus on IT security. We review and assess your IT environment, after which you can implement proposed measures to prevent future incidents.

3 About Madison Gurkha Madison Gurkha is the independent, specialised partner to take care of your digital security needs. We provide advice, testing, training and certification for our customers and their organisational processes, networks, systems, applications and data. Madison Gurkha identifies your IT security risks, from an independent position, whilst maintaining the highest level of confidentiality and integrity. We provide candid, transparent advice about the state of your organisations digital security. This enables you to take the correct measures to identify, reduce, and prevent digital security issues. Madison Gurkha was founded in 2000 and employs a motivated and dedicated team from offices in the two main technological centres of the Netherlands: Eindhoven, and our country s capital, Amsterdam. Values, Mission and Vision Madison Gurkha adheres to the following vision: The digitalisation of our society is moving forward fast. Computer software is everywhere and systems and networks are interconnected. Society and organisations are increasingly dependent on both of these. Digital security is becoming increasingly more important and needs to be safeguarded by professionals. We translate this to the following mission: To help organisations to improve their digital security by delivering world-class, independent security advice, testing and certification services. Protecting your organisation s most important assets and data is not a task we undertake lightly. We maintain the highest levels of responsibility, care and customer service. Our consultants, in their work, put you and your needs as a customer first, in all of their actions and interactions with you. Our approach, which is applied in practice by our consultants, can be summarized through these core values: Independence / Customer focus u Integrity u Acting in the interests of our client u Easy to do business with Quality / Expertise u Exceed customer expectations u Strive for continuous improvement in all we do u Experts in the digital security sector People / Teamwork u Treat each other with respect u Collaborative mindset / open to feedback u Passionate Madison Gurkha conducted a very large Red Teaming investigation for us. We were impressed by their approach and by what they managed to achieve in a very short period of time. Their investigation exposed unknown weaknesses, which we obviously remedied as quickly as possible. Security officer, government ministry

4 We thought we had good security in place, but Madison Gurkha demonstrated clearly that we can, and must, do better. Security officer, energy sector

5 Madison Gurkha has the proper available knowledge and expertise and they are perfectly capable of applying this to our own organisation. Security officer, government financial organisation Services We bundle our services into a complete portfolio that enables you to be pro-active and in control of your digital security, with respect to people, processes and technology. Our services are divided into four main service lines: Advisory & Audit We expose existing security risks within your organisation, responsibly, and advise on the introduction of new and improved security processes and measures. In addition to security, we also consider privacy risks and preventative measures, which is increasingly more important due to increasing regulations. Our services within audit and advisory: u Security and Risk Management u Privacy u Assurance u Risk Analysis u Security by Design Training & Awareness We are a security knowledge organisation training our own consultants to the highest standards, but also externally share this security knowledge. We are pleased to offer you in-house training sessions and practical workshops, designed to bring you up to date with the latest knowledge. We offer numerous training courses, including: u Secure coding u Certified ISO Lead Auditor/Implementer u Certified ISO 27005/31000 Risk Manager u Security awareness u Training on the job u Hands-on-Hacking Security Testing Our experts provide tests on a wide range of targets including SCADA/ICS systems, (mobile) applications, networks, servers, devices, embedded systems, ERP systems and the human factor. We apply international standards for our tests, but we also like to think outside of the box and act as hackers would. Our services within security testing: u Security and penetration testing u Continuous vulnerability scans u Code reviews u Social engineering u Red Teaming u Agile testing Certification Services Acquiring new certifications requires extra short-term project capacity and, more importantly, expertise and experience. Such a process needs to run smoothly and fast, and needs to yield a certificate as result. As an independent, specialised partner, Madison Gurkha is ideally suited to support you to prepare for your certification or certify your IT (security) solutions, such as: u ISO u BIR / BIWA (Dutch Government) u NEN 7510 (Health) u BSPA (AIVD) u TIBER (Red Teaming)

6 Why Madison Gurkha Many IT security companies operate in Western-Europe, but only a few of them can be taken seriously. What makes us so unique? Specialisation Technical IT security is an exceptionally complex and fast-changing field where a constant struggle exists between digital intruders and defenders. To stay ahead in this race, Madison Gurkha deliberately opts for far-reaching specialisation in technical IT security. Independence Because we do not market any hardware or software, you are always assured of an independent opinion. R&D Our consultants spend a significant amount of time to stay informed of developments, perform research and to play with new advances in IT. We focus both on the sharing of knowledge and on R&D. As a client you benefit from high quality and current IT security knowledge. After all, it is the quality of the consultants that determines the quality of assessments. The four-eyes principle A minimum of two persons are involved in our assessments. This promotes quality and encourages creativity, and enables us to track down even deeply-embedded and complex security risks for you. The four-eyes principle also ensures that knowledge gained is optimally shared amongst our consultants. Reports Our customers rate our reports very highly because they contain clear management information with final assessments, the research can be easily reproduced, include detailed and classified findings, are complete and contain recommendations on strategic, tactical and operational levels. Markets Madison Gurkha offers digital security services to commercial organisations, government, public utilities, critical infrastructure, finance, technology, healthcare, automotive and more. The organisations we serve have one common denominator: they need high quality digital security services. Most of our new clients are recommended by our existing clients that we have been helping with their digital security for many years. Because of the confidential nature of the services we provide we cannot disclose the names of our clients, but to provide you with an overall impression of the opinions of our customers we have included a few of their comments in this brochure. Our website also contains several examples of anonymous completed projects. Specific references are available on request. Madison Gurkha is a professional party who work with us proactively on all manner of digital security related questions. The reports are clearly formulated and very easy to read. IT manager, healthcare organisation

7 Madison Gurkha has supported us for over ten years with professional services. They are our preferred supplier for challenging assignments. Security officer, financial organisation Interested? Would you like to learn more about our services? Please contact us without any obligations. We would be happy to become acquainted and to discuss digital security in more detail with you. Madison Gurkha B.V. Vestdijk CA Eindhoven PO Box CE Eindhoven The Netherlands Karspeldreef CJ Amsterdam The Netherlands T + 31 (0) E sales@madison-gurkha.com W Follow us

8 M a d T + 31 (0) E sales@madison-gurkha.com W Follow us Advisory & Audit Security Testing Certification Services Training & Awareness