WE BELIEVE THAT TRAINING IS CRUCIAL

 

OUR CYBER READINESS PROGRAM IS STRUCTURED TO CREATE THE BEST POSSIBLE ALIGNMENT BETWEEN THE CURRENT TRAINING THAT ALREADY EXISTS IN YOUR ORGANIZATION, WITH THE CYBERMOAT READINESS TRAINING PROGRAM. THE VAST ON HANDS EXPERIENCE OF OUR TEAM HAS LED US TO PERFECT OUR METHODS AND TO ALIGN THEM ON 2 BASIC TRUTHS:

 

  • Response mechanisms will work only if they are part of your day to day – we customize our training delivery to the existing scale, structure and objectives of your NAC, SOC, SIEM, IRT and IT DR teams or mechanisms. We understand the various challenges posed on these teams in different organizations, and we aim to minimize the disruption of your existing structures. Our goal is to ensure that the unique CyberMoat training will be embedded into your day to day. Since we have witnessed its importance from first hand when responding to our clients’ cyber incidents

 

  • Training and testing cannot be performed “In Situ”– we address the organization as a whole, knowing that a strong, precise and swift cyber response must be through alignment between the response strategy decision makers (senior mgmt.) and the hands on cyber fighters (IT teams & Infosec teams). Our multi sector experience allows us to create a customized table top training for senior management, hands on training in our cyber range, and a combined boot camp structured to take your readiness to reality. One step ahead of your attacker.

 

CYBERMOAT’S CYBER READINESS SERVICES INCLUDE TABLE TOP TRAINING, HANDS ON TRAINING , IRT TRAINING, BOARD OF DIRECTORS TRAINING, PR TRAINING, IT DR TRAINING, BCM TRAINING, STRUCTURING OF ANNUAL CYBER TRAINING PLAN, GDPR TRAINING, ISO PREPAREDNESS TRAINING AND MORE.

 

 

TABLE TOP C-LEVEL EXERCISE

 

Table top training exercises (tttx) allows clients to evaluate their preparedness to respond to a cybersecurity incident by simulating a realistic tailor-made and probable cyber security scenario specific to the client and their industry. The objectives of the exercise(s) are to pose a risk to the organization and evaluate key executives decision making capabilities during a crisis.

 

This document is intended to serve as a framework for conducting ttttx engagements. The document also explains the four phases of a table top engagement; kick off, preparation, execution, and delivery. Each of these phases is covered in depth with a description of the activities that should occur during each phase.

 

INCIDENT RESPONSE PLAN (IRP)

 

Customer has already recognized the importance of having an incident response methodology as a vital part of its overall organizational security governance. Whilst an incident response policy was already formalized, detailed procedures are also required in order to provide detailed action items necessary to execute and support the overall policy. The procedures assist customer related teams to fully function throughout any security incident and improving the overall response level.

 

The suggested project shall enable customer to convert the high-level policy into the daily tasks derived from it.

 

INCIDENT RESPONSE TEAM (IRT)

 

An incident response team or emergency response team (ert) is a group of people who prepare for and respond to any emergency incident, such as a natural disaster or an interruption of business operations. Incident response teams are common in public service organizations as well as in organizations. This team is generally composed of specific members designated before an incident occurs, although under certain circumstances the team may be an ad hoc group of willing volunteers.

 

Incident response team members ideally are trained and prepared to fulfill the roles required by the specific situation (for example, to serve as incident commander in the event of a large-scale public emergency). As the size of an incident grows, and as more resources are drawn into the event, the command of the situation may shift through several phases. In a small-scale event, usually only a volunteer or ad hoc team may respond. In events, both large and small, both specific member and ad hoc teams may work jointly in a unified command system. Individual team members can be trained in various aspects of the response, either be it medical assistance/first aid, hazardous material spills, hostage situations, information systems attacks or disaster relief. Ideally the team has already defined a protocol or set of actions to perform to mitigate the negative effects of the incident.

PENETRATION TESTING    (PT)

 

Verify that your security controls are in place and functioning

Whether you need to prove regulatory compliance, satisfy a request from senior management, or demonstrate security maturity to your clients, a penetration test is a great mechanism to accomplish your goals.

 

What is a penetration test?

Penetration testing, aka “ethical hacking,” is a procedure to evaluate the security of your entire network infrastructure, i.e. Computer systems, networks, users, and applications. It simulates an attack from malicious outsiders (unauthorized) and/or malicious insiders (authorized) to identify attack vectors, vulnerabilities and control weaknesses. It implements a variety of manual techniques supported by automated tools and looks to exploit known and unknown vulnerabilities.

Our security offensive experts identify specific weaknesses in an organization’s security operation. By safely attempting to discover and exploit the vulnerabilities of your network, applications, people, and more, we find the “leaks” in your system before damage occurs.

 

What does penetration testing, test?

  • Networks
  • Wireless local area network (wlan)
  • People (social engineering)
  • Databases
  • Physical security
  • Web applications
  • Applications
  • Red teams
  • Cloud security
  • And more!

 

Do you really need a penetration test?

Penetration testing is often confused with another type of technical security testing, namely: “vulnerability assessments.”They couldn’t be more different from each other.The information obtained, the effort required, and the financial costs incurred are very different between these two assessments.So, make sure you know which one you need, and if you’re unsure about your particular assessment needs, please contact us.