COVID-19
Our focus is on people, whether in our own business or that of our partners and clients.
Our focus is on people, whether in our own business or that of our partners and clients.
Read about how ICA Consultancy has supported Hampshire Trust Bank in the definition and delivery of an Enterprise Security Strategy
Click on the images below to read our current factsheets for some of the services we deliver.
ICA Consultancy’s focus is on delivering security leadership and advisory services through experienced resources that have previously held leadership position in industry.
However, we are often asked to support those services with technical delivery and/or managed services.
As to not dilute the value of the services we offer we fulfil these requests through a network of trusted partners, whose experience and expertise complements that of our resources.
Security testing is a critical part of any security model. Whether you require software development reviews, penetration testing, or full red team/simulations we can support you through our network of trusted partners. We can complement these services with our advisory services, helping you interpret the results and make risk based decisions on next steps. This ensures your investments directly reduce your risk profile.
Attracting and retaining the capabilities required to effectively manage security operations is difficult, let alone dedicating time to maintain and tune the required tools. Through our network of trusted partners we are able to provide a variety of services, including an identity focused offering providing unparalleled visibility into activity within your estate. Optionally coupled with our CISO-as-a-Service, we can ensure the right management decisions are made.
This form is protected by reCaptcha and the Google Privacy Policy and Terms of Service apply.
As part of our Assess services the Cyber Security Posture Review (CSPR) helps organisations understand their current maturity, identifying risks and providing recommendations, mapped to the National Cyber Security Centre’s 10 Steps to Cyber Security, to ensure they operate an effective cyber security framework against the ever-evolving threat landscape.
Through a combination of questionnaires, face-to-face interviews and follow-ups we examine your maturity against each of these steps, identifying risks and providing contextualised, actionable recommendations. This approach ensures organisations have the foundations to defend against cyber security risks and protect information relating to customers, employees and business operations.
Assess the risks to your organisation’s information and systems with the same vigour you would for legal, regulatory, financial or operational risks. To achieve this, embed a Risk Management Regime across your organisation, supported by the Boardand senior managers.
Apply security patches and ensure the secure configuration of all systems is maintained. Create a system inventory and define a baseline build for all devices.
Protect your networks from attack. Defend the network perimeter, filter out unauthorised access and malicious content. Monitor and test security controls.
Establish effective management processes and limit the number of privileged accounts. Limit user privileges and monitor user activity. Control access to activity and audit logs.
Produce user security policies covering acceptable and secure use of your systems. Includein staff training. Maintain awareness of cyber risks.
Establish an incident response and disaster recovery capability. Test your incident management plans. Provide specialist training. Report criminal incidents to law enforcement.
Produce relevant policies and establish anti-malware defences across your organisation.
Establish a monitoring strategy and produce supporting policies. Continuously monitor all systems and networks. Analyse logs for unusual activity that could indicate an attack.
Produce a policy to control all access to removable media. Limit media types and use. Scan all media for malware before importing onto the corporate system.
Develop a mobile working policy and train staff to adhere to it. Apply the secure baseline and build to all devices. Protect data both in transit and at rest.
We work with you to understand your business services and assets, and importantly how you interact with your customers and third parties.
We then walk you through the 10 Steps to Cyber Security, ensuring you understand the scope of each and are able to identify the appropriate stakeholders for initial questionnaires and interviews. At this time, we will agree with you the artefacts we require to support our review.
Your maturity level will then be determined by reference to a Capability Maturity Model (CMM) based on an industry standard methodology, providing you a maturity score for each area of the review.
Our findings are then formalised in a written report. The report will provide you an overview of your maturity, recommendations against each of the 10 steps, and will set out the priority of our recommendations to fast-track your maturity.
Whilst the report documents your maturity against the 10 steps, its value to your organisation is the prioritised recommendations. Each recommendation will be contextualised to your environment, ensuring they are pragmatic, implementable and result in appropriate, measurable improvements to your maturity.
Whilst the posture review is not positioned as a deep-dive assessment, it will provide a top down assessment, enabling you to identify areas that may require further review.
The Cyber Security Posture Review is a fixed price engagement, pricing is dependent upon;
ICA Consultancy provides advisory and consultancy services, and Capability-as-a-Service (CISO, DPO etc.) engagements, helping organisations identify, manage and mitigate information, cyber and privacy risks.