Cyber Essentials Enablement Package
Cyber Essentials is a government-backed, industry supported scheme to help organisations like yours protect themselves against common cyber attacks. High profile Cyber attacks have left companies confused and concerned about how to protect their businesses and where to turn. As a long standing group of Information Security experst, our partners provide help and guidance for any size and type of organisation who is looking to understand and review their current IT security measures and adopt policies and controls recommended by the Cyber Essentials Scheme and other Information Security standards such as ISO 27001.
Our ‘Cyber Essentials Scheme Enablement package’ has been designed specifically for small businesses and is a cost effective way to achieve Cyber Essentials certification and for the smaller companies, also includes Cyber Insurance.
More About This Service
- Benchmark current IT processes, controls, policies and procedures with Cyber Essentials Scheme guidelines and recommendations
- Highlight the gaps that need to be addressed for Cyber Essentials compliance
- Work with the company to Identify the remediation effort and costs relating to complying with all Cyber Essential scheme
- Produce example Information Security policies relating to the Cyber Essentials categories
- Work with the IT team to self certify against the Basic Level of Cyber Essentials Scheme
- Following successful Cyber Security Scheme certification Cyber Insurance is provided
OneSecure is a multi-layered Security service designed to protect your information and data against all types of common Cyber attacks and threats around the clock.
We have used our experience and knowledge of Information Security and Data Protection to bring together best of breed security tools within a single service framework and combine Proactive, Detective and Reactive Information Security protection components.
More About This Service
- Risk Intelligence - real time networking scanning for threats.
- Cyber Essentials Certification - readiness assessment and certification
- Cyber Security Control Environment - reduce risks by up to 80% through policy and control
- GDPR Compliance Review (annual)
- GDPR Compliance Service (ongoing compliance service)
- Remote Monitoring 24x7x365 (Servers and Desktops)
- Web Protection
- Patch Management
- Port Scanner
- Email Security
- Bandwidth Monitoring
- Mobile Device Management
- Anti-Virus / Malware
- Permissions Analysis
- Remote Support
- Data Recovery Testing
- Business Continuity Plan Review
Penetration Testing Service
The goals of a penetration test vary, but the typical focus is to find vulnerabilities that could be exploited by cyber attacks and informing you of those vulnerabilities, along with recommended mitigation strategies. Penetration tests are one component of a full security review and audit.
More about this service
The typical scope for the penetration testing service is shown below:
Network Vulnerability Assessment
A network vulnerability assessment is a test to identify vulnerabilities, which includes vulnerability scanning, but stops short of attempts to penetrate target systems by exploiting any discovered weaknesses.
Infrastructure Penetration Testing (Key Threats)
- External internet infrastructure penetration testing
- External third-party WAN infrastructure penetration testing
- Internal infrastructure penetration testing
- Device identification and network mapping phase
- Service identification phase
- Service enumeration
- Vulnerability and misconfiguration identification phase
- Exploitation phase
- Post-exploitation information gathering
- Post-exploitation privilege escalation
- Post-exploitation further information gathering
- Firewall and network device configuration assessment
Once completed you will recieve a report that includes; details of all security vulnerabilities discovered and how these vulnerabilities could be combined to achieve a compromise of the system.