1. Information Security Survey
2. Cyber Penetration Testing
3. Information Security Courses
4. Forensic Investigations / Expert Witness
5. Network Monitoring Services
6. Research / Intelligence
Understand the policies and procedures for every major department in the company including HR, IT, finance, marketing, business development, and others.
Network devices, servers, personal computers.
Deployment of network sensors to monitor the internal network for a malicious traffic.
Where is the organization weak from the information security point of view? What are the vulnerabilities that a cyber-criminal or hacker can take advantage of? Are you susceptible to social engineering attacks, web-based attacks, etc. Do the third-party software and service providers you work with address information security related issues? What regulations are required for your business.
Firewall rules, active directory GPO, file servers, backup routines, anti-virus auditing, network services, vulnerable services/web applications, security testing report auditing, weak procedures which allow security gaps and breaches, how is data shared in the work environment, are e-mails encrypted.