SPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES

Transcription

1 SPECIALIST CYBER SECURITY SERVICES & CYBER VULNERABILITY HEALTH CHECK FOR SMALLER COMPANIES Dear Executive, you requested more information, here are three quick questions Would you know if your company has been hacked? Are your private details available to Hackers on the Darkweb? Would you like to ensure your company is Hacker Hardened? T: W: E: Version 1.0 Tuesday, 29 May 2018

2 Introducing Your Red Team Leader. Mike Loginov is President of the IOTSA. He is a Global Cyber Security Strategist and former UK Military secure communications engineer, Certified Chief Information Security Officer (C CISO) and winner of the UK Cyber Security Awards 2016 and CSO of the Year He is also former Chief Cyber Security Strategist for HP and the Founder and CEO of Cyber Security Consultancy of the Year the Ascot Barclay Group which is now in its 12th year. Mike is a well-known and sought after public speaker on the international industry events circuit. He is currently CSO and advisor on the subject of cyber defence to a number of small to global companies and governments internationally and has served as CSO & CISO for FTSE 100 organisations. A judge on the SC Magazine Awards for the past seven years and is the Founder and President of the International Operational Technology Association ( a not for profit initiative serving the Global Operational Technology cyber security community. PAGE 2

3 Mike Loginov Speaking at the Elite EU CISO Summit Portugal 2018 Mike is formally a founder, lecturer and Vice Chairman of the Coventry University National MBA in Cyber Security and has completed the SANS Institute CICSP certification Training and has a focus on the convergence of security matters resulting from the integration of IT with OT and the impact of IOT. Currently studying with Harvard University. He is the Author of the book CISO Defenders of the Cyber Realm Keeping the Lights on, The Banks Open and Food on the Shelves due for release Winter PAGE 3

4 Three quick questions Would you know if your company has been hacked? Are your private details available to Hackers on the Dark Web? Would you like to ensure your company is Hacker Hardened? The SME Cyber Review, Data Protection and Red Team Assessment This is a specialist review service designed for small to medium sized companies, The Ascot Barclay Group (ABG) has, for many years, been helping companies of all sizes become more resilient and protected from online attacks by Hackers and adversaries. Combining physical and human factors with Cybersecurity to ensure a holistic approach to defending your organisation and keeping your data, intellectual property (IP) and commercially sensitive information safe and under your control. SME s have gone out of business through being hacked that need not happen to you and its our job to help ensure it doesn t. FOR A SHORT TIME ONLY WE ARE OFFERING THIS SPECIALIST SECURITY AND GDPR ASSESSMENT TO SME S ON A FIRST COME FIRST SERVED BASIS AT SUPER LOW PRICE. The ABG Cyber Security Health Check is comprehensive and can include: Assessment of threat landscape and Executive Risk Briefing relevant to your industry and company. Dark Web Search for Compromised Credentials, such as sensitive company information, user passwords and user names, Directors personal details Vulnerability Assessment and Penetration Testing of your systems and technologies Just how easy would it be to hack your organisation? We find and help you fix the gaps. Maturity Assessment Just how secure is your organisation when compared to industry benchmarks and frameworks such ISO27001 and the mandatory legislative requirements of GDPR and NIS? Utilisation of our CISO Footprint and CISO Fingerprint assessment tools and covering a wholistic view of security and security culture within your company. Staff Risk Awareness Training Aware staff are the first line of defence. We offer a 2-hour interactive workshop as part of our Hacker Hardened certification for your company. Review of Current Security and Data Protection Policies We can provide templates if needed. WIFI Vulnerability Review is your WIFI configured correctly? Can it be used to gain access to your systems? We will check and report on the status. EXECUTIVE REPORT - This all culminates in an executive level report supported by detailed information on vulnerabilities with recommendations on how best to mitigate issues. The report can also be useful for supporting audit and compliance requirements. Options for ongoing part time CISO as a Service to maintain security. PAGE 4

5 The Approach for SME Niche Cyber Security Services What we need to get started: Up and running.. Wrapping up. Project Initiation. 1) Telephone Q&A to align both parties on objectives and scope. 2) Master Service Agreement (MSA) with Statement of Work (SoW) which we will provide for you to agree and sign. 3) Agree date to get started along with testing window and site visit where needed. 4) Setup interview dates with chief executive or senior team member responsible for the security project and wider team as appropriate. 5) Make Deposit to ABG Account 6) Overview and brief on the companies history and services of products offered. 7) Agree List of agreed IP address s for external pen testing purposes. 8) ABG Set up project file and assign team members to the tasks. Project Delivery 9) Conduct Cultural and Physical Security review 10) Capture Security Risk Strategy 11) Review of Security and Data Protection Policies (we can supply templates if needed) 12) Conduct WIFI Review 13) Complete Maturity Assessment 14) Complete Threat Landscape Assessment 15) Conduct Penetration Testing and Vulnerability Assessment 16) Darkweb research seeking compromised credentials 17) On site Staff Risk Awareness workshop - where appropriate. 18) Deliver Draft Report Project Conclusion 19) Deliver final Report & recommendations 20) Lessons Learned Interview with Senior Executive 21) Next Steps Standard Timeline Four to Six Weeks From project initiation to delivery of the final report typically takes four to six weeks, this is mostly dependent on the availability of your staff and the required information being made available in goodtime. We can complete things quicker via our express offering where there is a need to do so, if required please contact mike.loginov@ascotbarclay.com or mobile to discuss schedule. PAGE 5

6 Our client list includes companies & organisation of all sizes Examples across both the Public and Private sectors include Bank of England Department of Works and Pensions (DWP) Premier League Football Sky Broadcasting Powel AS Metropolitan Police CEOP States of Guernsey Isle of Man Government Grant Thornton Generali G4S Prudential Carey Olsen Kleinwort Benson PLUS A HOST OF SME S FROM 10 TO 10,000 STAFF FIRMS PAGE 6

7 HACKER HARDENED AT ASCOT BARCLAY WE HAVE OVER THE PAST FIFTEEN YEARS OR SO DEVELOPED OUR 5M STRATEGIC APPROACH TOWARDS MOVING OUR CLIENTS TOWARDS BECOMING HACKER HARDENED, THE 5M S WE RECOMMEND ARE: 1 MANAGE Supply of experienced CISO and senior security leadership capabilities and cyber security resources to complement, deliver or lead the CISO office or support an efficient and effective security Target Operating Model (ToM). (Also see CISO Fingerprint) 2 MEASURE Capture your current security posture and level of risk exposure. Baseline your cyber and security controls and maturity level to define and inform your business strategy, policy, budget and critical defensive projects and security capabilities. 3 MONITOR Provide real time oversight of your security estate, identify areas that are potentially open to exploitation. Monitor for anomalies and changes in network behaviour to identify possible internal and external breaches. Provides executive insight for improved decision making. 4 MITIGATE Penetration and adversarial Red Team Testing to identify gaps across; physical security, digital (cyber) security (IT & OT/ICS) and associated human factors. Prioritise mitigation strategies and solutions based on your level of risk appetite, threat landscape, availability of budgets, your cultural and resourcing requirements. 5 MAINTAIN Virtual or aas on-going executive oversight and management of your security estate. Recognising the business, legislative and security threat landscape changes frequently we help you achieve and maintain HACKER HARDENED status on going. Let us manage your security for you. PAGE 7

8 Our Recent Awards Company & Personal - Include Most Influential CEO of the Year PAGE 8