Training & Awareness

We view Information Security Awareness as a continual lifecycle, containing activities to enhance participant
understanding of your Information security policies and procedures.

This approach strengthens your overall security posture, while maintaining alignment with your goals and objectives.

Our program is repeatable, sustainable, and maintainable.
• Information Security
• Annual Trainings
• For software developers
• Security awareness programs

Information Security
Framework

Development of policies, procedures, tools, training, and processes to assist management in maintaining

Effective data protection compliance e.g.:

• Policy & Procedure Development
• Risk Remediation & Control Design & Implementation
• Data Protection Strategy Development & Organisational Design
• Training & Awareness Development & Delivery
• Project Management Support
• Data Protection Resource

Business continuity

Allows you to see how the business impact analysis fits in with your Business Continuity Management Lifecycle,
including Business Process Identification and non-technical dependency analysis to drive other downstream
activities to setup and maintain a successful BCM program.

• Business Continuity Plan (BCP)
• Crisis communication plan (CCP)
• Continuity of Operations Plan (COOP)
• Critical Infrastructure Protection Plan (CIP)
• Information System Contingency Plan (ISCP)
• Disaster Recovery Plan
• Pandemic Preparedness Plan
• Occupant Emergency Plan (OEP)
• Cyber Incident Response Plan

Software Security
Assessment

Our Software Security Assurance service allows you to improve your software security
posture by using our expertise in the field at your service.
Our seasoned professionals will guide your development and architecture
team through the path of continuous improvement.

• Pentesting Services
• Secure Code Reviews
• Security architecture reviews

Forensic Services

Regardless of occupation or activities we carry out, we are technology users. And those
technologies can be vulnerable, causing damage to our business or privacy.

Under these circumstances we need to clarify: What happened? How did it happen? When did that happen?
And in the best case: Who did it? Why did they do it?
• Forensic Investigation
• Forensic Analysis
• Legal Process Companion

Consulting services in Cybersecurity

We would be happy to meet with you

Learn more about industry best practices, keep up with recent product updates, and catch the latest news

COBIT-2019 but not the disease

Dear Reader: This week we will speak about COBIT. But do not worry about being infected. Not to be confused with COVID-19, we´re talking about one of the best compliance frameworks developed to date. COBIT stands for Control OBjectives for Information-related Technologies. It is a framework developed by ISACA for…

ITIL: A misunderstood Library that adds value to organizations

Dear Reader: Thanks for joining us on this trip across the exciting subject of Governance, Risk, and Compliance. As promised last week, we will start speaking about ITIL® in this week’s post. Let’s start by solving the mystery of ITIL®’s Name: ITIL® stands for “Information Technology Infrastructure Library,” however, according…

G for Governance - The GRC Corner #2

Dear reader: Nice to see you again. This week we will be talking about Governance, the first pillar of the GRC process. We can call Governance the foundation stone of the GRC process. Using an analogy, constructing Risk and Compliance without Governance is like trying to build a house roof…