I’ve spent the week here at RSA talking with current and future customers and a great question I get from customers looking for a trusted security partner is “So what exactly is it you do?” It seems like a simple question but what it usually implies is some level of “consultant fatigue”, CISO’s have had enough assessments, reports and outsiders telling them what their problems are. They want solutions and partners who do real work. Here’s what CyberSheath does to add value …guaranteed.
What We Do
We integrate your compliance activities with security activities and measureably reduce your risk.
How We Do It
Set a security strategy, select standards, implement controls, measure effectiveness.
What Results Look Like
A recent engagement for a customer led us to design and deploy an incident response and management plan. This particular security control happens to be Critical Control 18: Incident Response and Management from the CSIS: 20 Critical Security Controls list. Implementing all 20 controls would have been ideal but we are realists not idealists. The customer had suffered a significant attack where the APT had been embedded for over two years and the lack of process to contain and expel attackers directly contributed to massive amounts of data loss.
What We Did
Documented written incident response procedures that included specific roles and responsibilities for both management and technical personnel during each phase on an incident.
Documented and implemented organization wide service level objectives (SLO’s) related to mitigation of an incident.
The Results
Customer has a documented, repeatable and measureable incident response and management plan for cyber-attacks and mitigates attacks on average in less than 2 hours once discovered.
Our focus is on implementing real results that make you more secure, we guarantee it.