We provide our customers with safe business

Your Information Security – our care!

Services

Based on the experience and competence of our team, we are ready to provide a full range of consulting services in the field of cybersecurity


maturity assessment of safety management processes

Key points:

  • identify potential “threats”, conduct their statistical analysis, and give an accurate picture of the structure of possible losses at the facility;
  • form a common vision among all stakeholders on ensuring the safety of the facility, taking into account the strategic goals of the company;
  • form the optimal (in terms of the cost/effectiveness ratio) set of security systems, taking into account the most probable risks and threats;
  • ensure the harmonization of various elements of the security system within a single concept;
  • set the parameters for evaluating the effectiveness of the future security system.

risk analysis and assessment

Risk analysis refers to the procedure for identifying risk factors and assessing their significance. Thus, risk is the likelihood that certain undesirable events will occur that adversely affect the achievement of the goals of a particular business process. Risk analysis includes risk assessment and methods to reduce risks or the adverse effects associated with them.

Risk analysis can be divided into two mutually complementary types: qualitative and quantitative. Qualitative analysis aims to identify factors, areas and types of risks. A quantitative risk analysis should make it possible to quantify the size of individual risks and of the overall risk. The final results of the qualitative risk analysis, in turn, serve as initial information for conducting a quantitative analysis.

However, quantitative assessment meets the greatest difficulties, because a quantitative assessment of risks requires appropriate baseline information and a well-defined assessment scale.


the formation of a strategy for the creation and development of cyber security in the organization

The need for a cybersecurity strategy, as a rule, arises for companies that already feel confident enough in the market to make plans for the years ahead, but have faced the following challenges:

  • lack of correlation between the strategic goals of the company and the directions of cybersecurity development;
  • insufficient information security of the company’s key business processes;
  • low return on investment in the development of information security.

The cybersecurity development strategy should be considered as some kind of map that defines landmarks on the ground and directs to the goal. It allows you to make achieving your goal manageable by setting limits and priorities for making tactical decisions for those who are responsible for the development of the company and / or individual areas. It is worth noting that the cybersecurity strategy should not be static and, as the uncertainty factor decreases over time, the strategy should be reviewed and, if necessary, adjusted, setting new priorities for tactical decisions.


training your specialists

Training employees and developing their skills in applying advanced IT security technologies is one of the key elements of an effective corporate strategy aimed at protecting against threats and minimizing the consequences of cyber attacks. The courses are aimed at companies that consider IT security one of their priority areas of activity and strive to provide a higher level of protection for their infrastructure and intellectual property. The information security educational program offered by the company has a wide coverage of topics and approaches related to ensuring IT security, and offers various types of certification – from the basic to the expert level.


cyber security office staff training, repelling phishing attacks

Technical protection measures against phishing, such as filtering and analysis of mail / web traffic, limiting the software environment, and preventing the launch of attachments, are very effective, but they cannot resist new threats and, more importantly, they cannot resist human curiosity and laziness. There have been cases when a user, being unable to open / launch malicious content at the workplace, sent it to his home computer and started it, with all the ensuing consequences.

Therefore, no matter how solid a technical security system we build, we should not forget about the main link in the entire chain – the user, and his training.

Periodic briefings and newsletters are an important component of staff training, but, as practice shows, their effectiveness is much lower than training employees on their own mistakes.

What we will do to test and train personnel to identify phishing attacks:

  1. Send phishing emails to users;
  2. When a user clicks on the link in the body of the email, notify the user of his error by sending him to a website with a training page;
  3. Keep statistics on inattentive users.

implementation of solutions and their support

We provide a full range of work on the implementation of solutions with subsequent support.

Our partners

SOTI
IBM
Qualys
Cobwebs
Thunder
Splunk
Wallix
Lancom
END
Verint
Cynet

Solutions

SOTI MobiControl – MDM solution and implemented cases

Problem: employees using unapproved software at workplaces, losing mobile devices with service information.

Solution: allows centralized management of corporate devices to ensure security, support and management of business devices.

Implementation: this solution was implemented in LifeCell UA.

Result(s) achieved: loss of confidential information was minimized, the policy of installed software was regulated.

Thunder NSI solution and implemented cases

Problem:

Solution:

using a cloud platform, it takes care of all the DNS queries, analyzes them and sends only trusted queries to the client’s network.

Results Achieved:

300K+ threats blocked; the number of calls to the support service was reduced; a “Big Data” database of 2B+ data points was created; the caching speed was increased to 90%.

IBM solution and implemented cases

Problem:

Collection and analysis of logs. Prioritization of information security events. Investigation of incidents. User Behavioral Analysis.

Solution:

IBM Qradar, UBA, Watson.

Results Achieved:

Collection and analysis of 1.3 TB of logs per day. Prioritization of all information security events. The threat response time has been reduced from 5 hours to 10 minutes. The time to investigate incidents decreased from 6 days to 4 hours. Behavioral analysis of all employees for risks to the company and infrastructure. All events from different sources of information are now in one interface.

Splunk solution and implemented cases

Problem:

a wide variety of network devices.

Solution:

a wide variety of network devices.

Results Achieved:

the presence of a single center for processing and monitoring data from network devices made it possible to reduce the response time for an incident to up to 5 minutes, which reduced the costs associated with downtime by 1.8 times.

Qualys solution and implemented cases

Problem:

Vulnerability Management. Inventory of IT assets. Investigation of incidents. Reporting to management and regulators.

Solution:

A 24/7 picture of the vulnerability of the entire network. Inventory of all IT assets, certificates and licenses. Automatic reporting of closed vulnerabilities and the current state of the infrastructure. Monitoring and compliance with regulatory requirements. Equipment settings according to world standards: GDPR, PCI DSS, ISO.

Results Achieved:

Vulnerability visibility on the network 24/7. Prioritization of vulnerabilities from most critical to less important. Ways to solve and patch each of the vulnerabilities found, which makes it possible to reduce the incident closure time to 2 hours. The report preparation time for the regulator and top management was reduced to 1 hour, which saves the resources of IS employees by 1 business day. An inventory of IT assets and licenses increased the productivity of procurement and IT staff by 4 times. Investigation of incidents was reduced to 2.5 hours.

Endpoint protector solution and implemented cases

Problem:

one of the leaders of DLP solutions (Data Loss Prevention).

Solution:

monitors and analyzes all passing user data and identifies leaks or possible risk data.

Results Achieved:

preventing the loss of confidential information made it possible to keep the news secret from competitors.

Lancom Systems solution and implemented cases

Problem:

variety of network equipment on the market.

Solution:

network equipment from one manufacturer.

Results Achieved:

reduction of equipment setup time.

Cobwebs solution and implemented cases

Problem:

Publication of confidential company data on social networks; leakage of your corporate or personal data.

Solution:

through its accounts and accesses, it collects information according to the criteria specified by the customer and issues a report.

Results Achieved:

unreliable employees found in companies.

Thunder NSI solution and implemented cases

Problem:

consolidation of a distributed network into a single virtual network.

Solution:

using a cloud platform and end physical devices allows you to build a virtual network of the enterprise.

Results Achieved:

a single point of administration and simplicity of settings made it possible to reduce the requirements for the qualifications of duty administrators. Encrypted tunnels, DNS Security, Cloud Firewall and Load Balance are now all in one device and controlled automatically by Machine Learning.

Wallix solution and implemented cases

Problem:

What do system administrators, database administrators, remote programmers do on your system? Who controls them? What actions led to data loss, inaccessibility of resources?

Solution:

monitors and controls the actions of privileged users of your network.

Results Achieved:

differentiation of access by device groups, access and action control, working hours, and prohibition of critical commands: all this made it possible to increase the level of performance discipline among privileged users and reduce incidents caused by a negligent attitude to work.

Verint solution and implemented cases

Problem:

today, receiving a video image alone is not enough to quickly respond to threats.

Solution:

allows you to process large amounts of video data in order to protect the facility by quickly responding to threats.

Results Achieved:

The speed of response to incidents has increased significantly, and most importantly, the quality of incident detection has increased. If earlier the percentage of identifying unreliable visitors was 34%, then after the introduction of the system it increased to 72%.

  • Defense costs decreased by almost 1.4 times over 3 years, but the client received a single point of protection against attacks.
  • There is no need to train company specialists in different solutions; 24/7 support.

Scheme of work

Typical algorithm of our work:

  1. Selection and coordination of solutions that best meet the requirements of the customer’s company and eliminate existing vulnerabilities;
  2. Formation of a proposal for identified vulnerabilities, taking into account the company’s plans for the development of network infrastructure;
  3. Auditing existing network vulnerabilities with testing;
  4. Implementation of solutions;
  5. Support for implemented solutions.