Cyber security, information security, privacy online, secure communications, surveillance devices in offices and homes, (data in transit, voice, data at rest on PDA, laptop, mobile phone) – all of these are very real concerns.
Often a client simply does not know if any damage is being done to them through a cyber attack or event, until we are asked to look, fix or else prevent it from happening again, following an attack.
Incident Response services helps a client prepare for and respond to an actual incident. These services include the development of incident response plans as required by most security regulation and also standards like the Payment Card Industry standard. We also provide rapid deployment of incident response teams to either manage or assist a clients own incident response team, or else to provide the entire incident response capability.
We retain a specialized isolated lab and highly trained staff in order to provide forensic analysis of compromised systems and related information. We can uncover evidence which we can then pass on to law enforcement and official agencies where appropriate, which is of a suitable quality to support prosecution.
This forensic analysis can help answer questions like “How was my network breached?”, “What information was stolen?”, “Who initiated this attack?”, and even “Am I still compromised?”.
For example, a recent client having suffered an “attack from a virus online”, was shocked to be told that this was in fact cover for “a back door” which was placed and had been open, for 3 months. This was a multi national client engaged in commercial negotiations with other multi-nationals and several governments.
PSG Assessment Services include technical, non-technical, and regulatory compliance assessments of your existing environment. An assessment provides a clear understanding of the organization’s information security posture, identifies inherent weaknesses and measures regulatory compliance.
Our specialized project management consultants and / or teams, help clients build their security capabilities to a standard which is fit for the purpose for which it is intended, without compromising ease of use for the users. This might include the development of policies and procedures, development and delivery of custom training and awareness programs.