Training & Consulting
Not all data breaches occur from being ‘hacked’ – in fact, nearly all data breaches are directly attributed to some form of human error. Perhaps a lack of training, internal sloppy practices, poor password hygiene, misconfigured IT systems and security, inadvertent disclosure of personal information, incorrect disposal of sensitive data, or the loss of a digital asset (mobile device, laptop etc.).
For many businesses, the threat landscape is too broad to manage alone, and hiring dedicated and experienced resources to mitigate all these areas of potential exposure may not be affordable or practical. Many businesses now recognise the benefits of engaging with independent specialists who can provide end-to-end independent solutions to support their ongoing business requirements.
Cyber Audit Team will support your company’s existing information security and cybersecurity maturity journey by providing specialised training, policy & procedure development, independent IT security configuration, validation and hardening, and CISO-as-a-service.
Cybersecurity Culture & Awareness Training
Cybersecurity is everyone’s responsibility and your people play an integral role in front line cyber defences; however, untrained, they can also be your greatest risk.
Not all data breaches occur from being ‘hacked’. In fact, nearly all incidents and breach can be attributed to some form of human error such as a lack of training, ineffective policies or procedures, inadvertent disclosure of personal information, poor password hygiene, incorrect disposal of sensitive data, or misconfigured IT systems. A 2019 IBM Threat Intelligence Index discovered that the ‘Insider Threat’ still posed the greatest risk to businesses. Therefore, greater emphasis must be placed on user-awareness, staff training and educational programmes.
As part of our Managed Security Services, we will train your staff so they become one of the strongest links in your company’s defences – effectively your “human firewall”.
Starting with your Board and Senior Executives, training is delivered via face-face workshops and our Learning Management Systems (LMS). Our one-on-one training workshops ensure that information security and cybersecurity are forefront of mind, whilst delivering the latest international cybersecurity intelligence.
Information Security Policy and Procedure Development
Information security policy and procedure development and maintenance is an integral part of any information security program. Security policies set the standard for the implementation of all controls associated with managing the risk associated with your company’s information security plan.
As part of our Managed Security Services, CAT will assist your company in highlighting potential deficiencies in existing policies, identify any missing policies, and develop relevant comprehensive information security policies that better align with your business objectives, best practices, and address the risk and compliance requirements of your company’s chosen security framework. We will also assist in developing your company’s Data Breach Response Plan.
Chief Information Security Officer as a Service (CISOaaS)
There are numerous arguments that almost every company should have a Chief Information Security Officer (CISO) however, in reality, this is just not feasible or practical for many businesses. Depending on the size of your business, the cost vs workload factor is simply weighted in one direction, meaning a CISO is generally infeasible.
Through our Manages Security Services, CAT has developed a solution to bridge this gap by providing a CISO “as a service” (CISOaaS), which can be used a little or as often as required. Our CISOaaS will provide your company with information security leadership from an appropriate pool of expertise and technical resources from within CAT. We will provide your company with appropriate security guidance to your senior management that will drive your company’s information security programme.