INFORMATION / CYBER SECURITY
ADVISORY SERVICES

“A security system with several layers is difficult to hack. So, even if your data is targeted, getting through the many tiers of security will be a hassle.”

CyberStrat have helped numerous organisations improve their Governance, Risk and Compliance strategies in the Middle East and beyond. Our 1-2-1 tailor-made solutions give organisations a risk-based approach to combating cyber warfare.

Drawing on past experience, our advice to clients focuses on the following key areas:

Understand the Cyber Risk Profile in relation to your organisation and critical business operations. The cyber security threat has become more complex, and organisations must first understand what it means for them, the level of acceptable risk and key areas for investment in cyber security.

One-Team approach. An effective cyber security strategy must work across an organisation’s security measures. It is also possible to make smart interventions in key areas of vulnerability to boost overall cyber security. Connect the dots so that you can integrate the ISMS and CS with other compliance programmes such as BCMS, PCI DSS and GDPR.

Cyber Awareness & Training. Users of the systems are the weakest link in IT Security. Tailor-made social engineering training and awareness programmes are highly effective in educating your workforce to combat cyber threats. They also help businesses address the threat posed by ‘insiders’ who – knowingly or otherwise – may perpetrate or facilitate cyber attacks.

Accept that some attacks will breach your defences – so plan for it! Organisations need an effective incident handling process to combat cyber attacks. It is important to ensure that they have the skills and resources to quickly identify and isolate problems, determine the level of investigation and response required, and maintain business as usual. Importantly, security measures should make organisations more resilient, and not restrict core business.

CyberStrat have years of experience in these specialist areas, so you can put your cyber warfare worries behind you and focus instead on what you are best at.

DATA PROTECTION
ADVISORY SERVICES

“Data is the new oil”

Compliance with data protection laws and regulations is always ongoing. Due to much uncertainty about some of the technicalities of the GDPR, many organisations are still only partially compliant and, if found in breach of GDPR requirements, at risk of fines of €20 million or 4% of annual turnover, whichever is greater. Moreover, when mandated to implement the requirements of multiple data protection laws and regulations, many organisations find themselves challenged by the task.

CyberStrat provides support and advice throughout your journey to GDPR compliance. This begins with a data classification framework and its implementation and a data protection impact assessment, and continues with a gap analysis, identifying areas for attention through data security provision, awareness and staff training. Here are some of the main steps needed to become GDPR-compliant:

  • Awareness – Ensure all staff are aware of the requirements of GDPR and how it will affect their working practices
  • Privacy – Review your existing data protection procedures and ensure they will meet the new GDPR standards
  • Right to be Forgotten – Consider how you will identify and delete personal data when requested
  • Access Requests – How will individuals’ data access requests be handled within the GDPR legislation time frame?
  • Consent – Has this been granted, and are existing procedures robust enough for GDPR?
  • Data Loss – Ensure that appropriate measures are in place to protect personal data
  • Privacy by Design – New procedures for data gathering will need to ensure that personal data is protected as it is gathered
  • Data Controller – Someone must be appointed to oversee and take charge of the new data protection procedures

“Where there is data smoke, there is business fire”

BC & DR
ADVISORY SERVICES

"Disasters happen, recoveries have to be orchestrated"

CyberStrat’s Business Continuity and Disaster Recovery advisory services aim to prepare your organisation to maintain ‘business as usual’ in the face of major disruption. Disaster Recovery is an essential element of a resilient organisation, which requires its critical business information to be recovered as quickly and efficiently as possible in order to minimise downtime and keep the business running.

To help your organisation throughout this journey, CyberStrat expert consultants will provide you with independent, expert advice on all aspects of business continuity and disaster recovery. CyberStrat expert consultants will:

Perform assessment and gap analysis to examine your most critical business processes and determine what resources are needed, for example, technology, people, suppliers and premises. Our risk-based approach will help you understand your business continuity requirements, ensuring that they identify and cover all critical areas of your business.

Document your strategy and approach in order to prepare your team to recognise threats at an early stage and empower them to take swift action before incidents escalate to crisis.

Build a Business Continuity Plan (BCP) that is tailored to your organisation and aligned with your business objectives to ensure that your business quickly returns to normal.

Set out how your organisation will operate in the aftermath of an incident escalated to crisis and how it expects to return to ‘business as usual’, and provide system recovery advice for your critical systems to ensure they have comprehensive disaster recovery plans and can be recovered in line with your requirements. CyberStrat will tailor its services based on the DR Plan of your choice:

  • Immediate DR Plan
  • Comprehensive DR Plan
  • Customised DR Plan

Present risk-reducing solutions based on international best practice and frameworks.

Help you with the development, training and testing of comprehensive business continuity plans to provide you with the assurance that the tests for off-site recovery capabilities will be passed and your business can recover as quickly as possible from an incident escalated to crisis.

Provide training material on all aspects of business continuity and disaster recovery tailored to your organisation. This can include specific guidelines to your employees on what they should do once the BCP and DRP have been invoked.

"By failing to prepare, you are preparing to fail"

OUR SERVICES

  • Assessments
      • BCMS maturity
      • Current State Assessment (CSA)
      • Business Impact Analysis (BIA)
      • Threat & Risk Assessment (TRA)
      • Exercise your BCM Strategy
      • ISMS / CS maturity and roadmap
      • SDLC security
      • Data Center security
      • Data protection impact
      • Security organization and skills gap
      • Training needs analysis
  • BCMS / ISMS / CS implementation
      • Strategy
      • Policies, Processes, Procedures
      • Contingency planning and resilience
      • Forms, metrics, test exercises
  • Secure SDLC implementation
  • PCI DSS / GDPR / Data Protection implementation
      • Data classification
      • SOPs and processes
  • Maintain & update
      • Information security strategy and objectives
      • BCMS / ISMS / CS frameworks
      • Contingency planning & resilience
      • Business continuity
      • Crisis communications
      • Critical infrastructure protection
      • Occupant emergency
      • Information system contingency
      • Cyber incident response
      • Disaster recovery
      • Continuity of operations
  • KPIs and KRIs
  • Management review
  • Internal Audit
      • BCMS / ISMS / CS / QMS
      • Pre-certification audit
      • Support during external audit
      • Support in closing audit findings
