How we help company directors beat the rising cost of cybercrime

Insight

Discover the most critical cyber threats and determine how poorly prepared your organisation is at predicting and preventing these.

Foresight

Develop a strategy that prepares you and reduces the operational inefficiency of spontaneously and reactively dealing with cyber attacks,

Oversight

Get to the heart of the cybercrime problems and build a culture of people, process, technology and communication that can combat cybercrime.

Insight

Why you should consider Insight

You need to make important decisions about how to deal with cybercrime in your organisation. The power to choose how to invest budget, without fear, because you know that the investment being made will yield a return on investment relies upon useful and timely information in language you understand. Sadly, IT will always fall short in providing you that information.

Colourful heat maps, risk described in terms of high, medium or low likelihood and impact, reports showing IT working overtime to prevent threats or an increase in the number of viruses detected are not even close to the information you need.

Insight was conceived to look at the most likely cyber threats to your organisation and to assess how well prepared your organisation is to identify the assets that those threats will target, the vulnerabilities that are exposed to those threats, and the operational, physical, personal, legal, reputational and financial impacts to your organisation when your organisation encounters those threats. Impacts are measured in likelihood, as a percentage, and impact, as a financial cost, should those threats turn into breaches based on your organisation’s current cyber resilience maturity.

How Insight works

  • We interview various functions of your organisation, from executive to IT, HR to marketing, legal to finance and even reception and janitorial services.
  • We assess existing plans, processes and any other pertinent documentation to help us understand which are the most critical assets to your organisation and to identify what the vulnerabilities are in those assets, keeping in mind that assets are those which process, store, or transport information and could be digital, physical or even human.
  • We go beyond the technology, and learn about the people who are increasingly becoming the most likely targets for cybercriminals.
  • We establish the eight most likely cyber threats given the assets your organisation relies upon and the inherent vulnerabilities and start to look at the impacts to your organisation if those threats were to manifest.
  • Finally, we explore the opportunities to help you determine how you can better reduce risk, gain operational efficiency, a return on investment, and competitive edge.

Insight relies upon a four-step process you would already be familiar with, SWOT:

  • Strengths: assessing the maturity of your organisation to identify and classify digital, physical, and human assets upon which the organisation relies to survive, and ideally thrive
  • Weaknesses: assessing the maturity of your organisation to discover and remediate vulnerabilities in your organisation’s most critical assets, observing that vulnerabilities can occur at various stages of an asset’s lifecycle from design, to implementation, to operation
  • Opportunities: assessing the maturity of your organisation to accept, avoid, transfer, and mitigate the impact when a cyber threat was unable to be prevented and resulted in a cyber breach
  • Threats: assessing the most likely threats to target your organisation based on the most critical vulnerabilities in the most critical assets recognising that threats can be political, economic, social, technological, environmental or legal in nature.

What insight gives you

You will receive a report written entirely in jargon free, executive level, language highlighting:

  • A dossier on the eight most likely threats to target your organisation
  • The motives of cybercriminals who would be behind those threats
  • Which assets those threats will target
  • Which vulnerabilities exist which significantly expose your organisation to those threats
  • The current level of risk to your organisation should those threats target your organisation with risk measured as a likelihood (percentage) and impact (financial cost)
  • A prioritised list of recommendations that should be carried out to reduce risk, and improve operational efficiency, return on investment and competitive edge.

A two page executive level summary will be provided with links to greater detail for company directors that want to gain a deeper level of understanding.

The outcome is real tangible insights with which you can make truly informed decisions about how to invest in people, process, technology and communications to combat cybercrime.

If you are not getting visibility into how cybercriminals are targeting your organisation and what the repercussions might be, you need Insight

Foresight

Why you should consider Foresight

You need to know that the investment in combating cybercrime your organisation has made today has prepared it for tomorrow’s cyber threats. The ability to remain relevant in a rapidly moving digital world in which uncertainty lurks around every corner requires careful analysis and planning.

It is so heavily focused on threat prevention, which is increasingly failing. The highly tactical and reactive nature approach o new cyber threats not only leaves you in a precarious situation, but is also burning through money quickly.

Foresight has been developed to look at the six areas of preparation required to effectively reduce the risk of cybercrime to your organisation. Analysis of current management practices around assets, vulnerabilities, threats, incidents, business continuity and crisis are used to formulate an action plan to move your organisation from its position of vulnerability and reactivity to new threats to one where it is proactive and resilient. The result is significant improvements in operational efficiency, return on investment, and even a competitive edge.

How Foresight works

  • We interview various functions of your organisation, from executive to IT, HR to marketing, legal to finance and even reception and janitorial services.
  • We assess existing plans, processes and any other pertinent documentation to help us understand how to better foster collaboration amongst your people, create missing processes and improve existing processes, better leverage existing technology, and enable communications between existing organisational functions.
  • We explore how to better use your communications, people, process and technology to carry out critical cyber resilience activities such as asset management, vulnerability management, threat management, incident management, continuity management and crisis management.
  • Finally, we map out a strategy to take your organisation from the current vulnerable or reactive maturity level to one of cyber resilience.

Foresight relies upon a unique but proven six-step process that we have created at The Security Artist:

  • Asset management: defining how to leverage communications, people, process and technology to identify and classify assets.
  • Vulnerability management: defining how to leverage communications, people, process and technology to discover and remediate vulnerabilities.
  • Threat management: defining how to leverage communications, people, process and technology to predict and prevent threats.
  • Incident management: defining how to leverage communications, people, process and technology to detect and respond to attacks.

What Foresight gives you

You will receive a documented cyber resilience strategy written entirely in jargon free, executive level, language detailing:

  • The steps, goals and timeline required to achieve asset management
  • The steps, goals and timeline required to achieve vulnerability management
  • The steps, goals and timeline required to achieve threat management
  • The steps, goals and timeline required to achieve incident management
  • The steps, goals and timeline required to achieve continuity management
  • The steps, goals and timeline required to achieve crisis management

The strategy will focus on what can be achieved over the next year given that the fast pace of the digital world, and our experts will also set up quarterly reviews with you to:

  • Measure how effectively the strategy is being implemented
  • Determine whether your organisation has the right skills and experience to continue implementing the strategy
  • Determine whether your organisation is on course with respect to its strategy execution or has deviated from course
  • Help you make any adjustments to the strategy given changes in the organisation such as recent or impending product or geography launches, organisational restructure, changes in personnel, divestitures, mergers or acquisitions

The outcome is greater comfort that your organisation has a perfectly tailored, up to date, and highly functional plan of attack enabling it to be prepared for tomorrow’s cybercriminals today.

If your organisation goes into a highly reactive and panic stricken mode every time a new cyber threat emerges, you need Foresight

Oversight

Why you should consider Oversight

You need to know that the reputation you have spent a lifetime building will not be ruined in minutes when your organisation suffers a cyber breach. As much as we would like to eliminate cybercrime, it is not possible. Sooner or later your organisation as equipped as it may be, will be breached.

It all comes down to how you respond. Ignorance or negligence will leave shareholders and customers less than satisfied. The media will portray you as a villain. Who cares most about your reputation, would that be IT, or would that be you?

Oversight has been developed to look at the cultural change that is required to take your organisation with you playing a small, but vital role. It will involve adopting new beliefs, thoughts, words, actions, habits and values to reach a destiny of cyber resilience. Silo busting, roles and responsibilities reallocation, empowering the people of your organisation to become a weapon in combating cybercrime, better leveraging existing technology, development of missing processes, and clear and concise communications will enable you to maintain your personal and organisational reputation.

How Oversight works

  • We interview various functions of your organisation, from executive to IT, HR to marketing, legal to finance and even reception and janitorial services.
  • We assess existing plans, processes and any other pertinent documentation to help us understand the culture of the organisation, roles and responsibilities, thought patterns, strategies, behaviours and expectations of the organisation when combating cybercrime.
  • We help you better leverage your existing empower your people to become the ultimate weapon against cybercriminals by enabling them through a combination of communications, processes, and technology.
  • We augment any gaps you have in terms of people, process, technology or communications and close these gaps as soon as viable.
  • Finally, we help you measure that your cybercrime combating strategy is yielding the desired results in terms of risk reduction, operational efficiency, return on investment and competitive edge.

Oversight relies upon a unique but proven four-step process that we have created at The Security Artist:

  • Communications: relevant and timely communications to ensure that key messages are communicated to relevant parties.
  • People: armed and ready to ensure maximum effect against the rapidly changing barrage of emerging threats.
  • Process: documented and followed to ensure consistent and repeatable results for operational efficiency.
  • Technology: implemented and maintained to become an aid rather than a crutch in prevention, detection and recovery scenarios.

What Oversight gives you

You will gain access to some of the most talented cybercrime specialising executive level management consultants in the world that will use their thought leadership and problem solving abilities to help you move closer to the destiny of cyber resilience. Some of the areas they can help you with include:

  • Mapping out the path to cyber resilience.
  • Defining new cyber resilience governance structures.
  • Preparing for a culture where everyone plays a part in moving the organisation to cyber resilience.
  • Developing missing cyber resilience processes or improving existing cyber resilience processes.
  • Developing communications plans for each cyber resilience process.
  • Educating people on their role within cyber resilience and how to carry out that role.
  • Assessing the return on investment from existing investments in communications, people, process and technology.
  • Forecasting the return on investment for new investments in communications, people, process and technology.
  • Measuring the effectiveness of your cyber resilience strategy implementation.

The outcome is peace of mind that your combating cybercrime reduces the risk to within your acceptable risk tolerance levels and that the costs are reduced.

If you haven’t been briefed on how to respond to the media when your organisation has suffered a cyber breach, you need Oversight

Pin It on Pinterest