Preventing a cyber security breach from occurring in the first place is far more preferable to having to recover from a successful attack. A relatively small financial outlay can often prevent around 80% of current cyber security attacks. We can help you identify the risks (Assess) and then work with you to prioritise their remediation at a pace and expenditure which you are comfortable with.
The services outlined below are some of the services we offer, which enable us to work with you to make your networks more secure and prevent an attack from occurring in the first place:
It used to be a case of out of sight and out of mind, however, these days Cloud offerings and containers are becoming a soft target for attackers, whether you are using AWS, Azure or any number of other cloud offerings, it is imperative that they are secured correctly and monitored.
Our consultants will review your cloud services to understand how they are being used and what could be done to configure them more securely.
Cloud service providers have recognised that their services are being attacked and have responded with a succession of configuration options to make their offerings more secure.
Our experts work hard to stay on top of these security developments, in fact we use a multitude of cloud services ourselves and practice what we preach.
The security functionality available within Office 365 is increasing rapidly, CND have a great deal of expertise in configuring Office 365 to be more secure, from setting up multi factor authentication, to tuning Data Loss Prevention setting and much more in between.
Security isn't always present by default in most networks or even products, our architects will configure existing products to make them more secure or add dedicated security products to guard against a number of attacks covering a wide range of solutions. These include boundaries, cloud, endpoints and networks to name but a few.
Our security architects design security into a range of systems from entire solutions to individual components and from requirement capture through to implementation. We are vendor neutral, though we do have found some products that we lean towards as we have found them to be best of breed.
Many of our staff have the highest level of security clearance and can work within a number of architectural frameworks including TOGAF
With over 20 years of cyber security experience our service is called upon to fulfill all manner of security architectural tasks, in addition to our permanent staff we can also select from thousands of subject matter experts from our Associate Pool.
Maritime has been described as the Perfect Storm for a cyber security attack. Each modern vessel is a floating computer network with numerous systems including navigation and even the Industrial Control Systems associated with managed the vessel connected together.
Cyber Security was never an issue as the ships presented a moving target with minimal external connectivity, this has now changed and vessels are often constantly connected to the Internet and therefore a target to anyone who cares.
Ships and ports are being are facing cyber attacks on a regular basis, their every move tracked and some ships have even been taken over remotely.
Please click on the link below for more detail
Originally designed for cryptocurrencies, other uses for Blockchain are emerging due to it's unique properties around ownership, cryptography, immutability and transparency, especially in finance and governance.
This makes Blockchain an extremely attractive target for criminals and nation states. CND are currently devising a comprehensive Blockhain Security Service and amongst our staff are some of a handful of Certified Blockchain Consultants in Europe.
MORE COMING VERY SOON
Unauthorised exfiltration of data is a huge concern for most system owners, the information might be personal, confidential or intellectual property. The parties responsible could be legitimate users within the organisation acting maliciously or accidentally, or the data loss could be the result of a breach.
We offer a range of services around data loss prevention from the configuration of operating systems and applications, through to the deployment of products which are specifically designed to prevent data loss either at the network level, endpoint or server.
By default many operating systems and applications are afforded a basic level of security in order to provide an almost guaranteed level business function. The security of the operating system and applications can be greatly enhanced through the application of specific settings,
At CND we either create bespoke hardening (clamp down) instructions for the systems in question, or follow, usually with some adaptation, existing hardening guides from a number of sources.
These changes are undertaken carefully and we tune the changes to the environment ensuring continued business function through thorough testing.
The insider threat is when legitimate users of a system turn bad and do harm. Whether they are exfiltrating data or causing malfunction, because they are legitimate users of a system it makes it very difficult to catch them.
Insider Threat Prevention also works very well at impeding external attackers during a breach.
In order to prevent their activity we work with you to fine tune each users privileges and permissions to ensure that they have just enough to do their job. We also identify information which might attract a rogue user and apply measures to ensure it can only be accessed by authorised staff.
In order for Insider Threat Prevention to be fully effective, a defence in depth strategy is required which goes beyond just the technical measures which prevent sensitive data exiting a network boundary.
This includes but is not limited to deterrence and heuristical checks which detect deviations from a users usual pattern of life.