CyberGroup Information Security Consulting Services
CyberGroup realise that a complete information security approach not only includes the actual technical solution that provides the security, but must also consist of a comprehensive Information Security Management Approach.

This approach should be able to uncover the risks that the business systems are facing, address them and then manage them. This is the most neglected part of an information security approach, but CyberGroup's Information Security Consulting Team have developed an easy to understand and implement set of services to assist companies in developing an Information Security Management Approach.

CyberGroup's Information Security Consulting Services consists of the following Security Model:
The following provides a short overview of each phase:
  1. Phase 1, Baseline: The CyberGroup Security Assessment Service involves the creation of a baseline to gain an understanding of the customer's current Information Security situation. The Information Security Compliance Audit creates this baseline, and provides a snapshot of the current risks and vulnerabilities, and compares the assessment report to the ISO-7799 standard. This is an effective, quick and inexpensive way to gain an understanding of the current IT security risks and vulnerabilities. Highly skilled, trained and discrete security experts perform all activities, minimising the consequences for the production systems under fire. The security report will highlight both the problematic and adequately controlled areas, which will assist you with your strategic solutions and choices in the security products or services to stay ahead in a competitive marketplace.

  2. Phase 2, Identify Risks: To gain an understanding of the risks, from a technical point of view, a risk assessment needs to be performed. CyberGroup will obtain an accurate image of the customer's security level within respect to the latest-and-greatest security assessment and penetration technologies. The risk assessment needs to address the business assets protection, scope, intrusive nature and consequences, detailing a complete security architecture review. This phase consists of two main areas, the Network Security Risk Assessment and the Business Risk Assessment, resembles a "classical" audit of the customer's IT system. The first service is of a technical nature, and provides details on technical risks, that function under the IT architecture and infrastructure. Secondly, the Business Risk Assessment section of the CyberGroup offering consists of various security assessment procedure modules. Our security assessment procedures will take the customer on a journey of how to understand the risks, and then how to address and manage them effectively. We provide these phases to our customers, in order to assist companies to understand the risks associated with their policies and procedures. We refer to this phase as the grey area in Information Security in the above-mentioned Security Model diagram.

  3. Phase 3, Address Risks: Once we understand a company's risks and vulnerabilities in terms of their Information Security, we can start to address the security risks without compromising the technical and business logic of the customer. Shortcomings are immediately identified and countermeasures are proposed where possible, together with a cost estimate of these actions. The latter result in a real-world security assessment is unavailable through theoretical security-centric design. We address the risks by creating and applying remedies to problem areas, by applying preventative measures and by designing, or updating an effective Information Security Policy with the focus on the business needs, as well as the security needs of an organization.

  4. Phase 4, Manage Risks: With reference to the Security Model diagram above, we call this phase the Secure Zone. It is favorable to have a well-defined Information Security Policy, but if the policy is not implemented correctly, it will have little or no effect on the business. Hence, for all practical purposes it would be seen as if no Information Security Policy is in place, which should protect your business from exposing themselves from real everyday security threats and unorthodox behavior of the under world. The CyberGroup Information Security Consulting Service team will assist a customer to develop their own standards; procedures and guidelines based from the current ISO standards. A unique Information Security Policy are specially customised and adapted to the company's business needs. The customer's new policy will still fall within the ISO security regulations, which are necessary to enforce a successful and well-defined Information Security Policy. Once the Information Security Policy have been created, implemented and all the security vulnerabilities been addressed correctly, the customer only needs to apply proper management. From hereon the "ship" will virtually steer it self.
The risks are out there and they are real, what you don't know can and most probably will harm you. All systems are vulnerable to attack from both internal and external threat agents. Security threats facing businesses today have never been greater, and they only promise to become more sophisticated and dangerously effective in the future. Now is the best time to get your Information Security Management in order, don't wait until you've been compromised.

CyberGroup have put significant effort into developing a Security Model that works, and that will deliver on the expectations where Information Security can easily be managed effectively, and will in affect simultaneously reduce unnecessary security risks that could easily have been prevented with our Security Model approach. Our Security Model will take the customer on a journey of how to understand the risks, and then how to address and manage them effectively.

These Information Security Services can be done separately if required, but understandably would be of greater benefit should all four steps be completed. However, we do understand that sometimes the only requirement is to pin point a specific area of concern.

CyberGroup offers you its expertise for customized security solutions by giving you direct access to the core assets of the company, are proof of our commitment to concentrate on the security of your e-Business.

For more information on any of the services described feel free to contact us.

Now is the best time to get your Information Security Management in order, don't wait until it's too late. Hackers don't sleep!