Security

In recent times security has risen up the priority list for most firms as the threats of security, both cyber and informational have become existential threats to the bottom line and reputation of firms. At MSI we have a pool of expertise and have advised operators and governments on how to handle these issues.

It is now deemed essential that most companies have policies and methods that manage security from the CEO down.

ISO27k - A Global framework for Information Security Management

We can help to audit your existing organisation, security and policies or create the policies where they don't already exist

An audit might typically take a few months to visit your premisies and review all aspects of secuirty.

As a result we make recommendations to imporve the methods and policies and rank the most severe threats.

An audit typically encompasses 3 stages.

Initially reviewing the processes and policies, we would then compare to best practice and standards.
Finally assessing the confidentiality, integrity and availability. The output would be a gap analysis with recommendations.

Cyber Security and Pentration Tetsing

The existential threat of a cyber attack has increased in recent times. It is especially important to guard against theft, malicious attacks and attacks that cause reputation damage for the organisation. We help on several levels with operators, SME’s and regulators to form policies, penetration test and ensure that your organisation is protected against threats through its data architecture and deployment.

We can provide a team that regularly tests your security by finding any potential flaws or routes in. We do this through 3 methods: black box, grey box and white box tests. We use the standard framework supplied by ITU X805. We can also assist you to create a small scale Security Operations Centre (SOC). For larger scale SOC we would bring partners or help you create an RFP and select the right one for your needs.

Forming the right Policies

At a governance level much of security is about having the correct policies in place and ensuring that they are applied. A successful security policy maps the processes, skills and responsibilities from the CEO down.
We can help create the policy document and help to embed it within your organisation. We firstly build an inventory of affected assets (network, IT or other) and a responsibility matrix for each. Then we apply standard operating procedures to each. We can assess your current situation, create a gap analysis and produce a change programme to ensure the successful implementation of the policies. Throughout the process we reference best practice from the industry and use cases from our experiences.