Cybersecurity Services

Risk Assessment

Don’t risk your security, compliance or your job – start with the only proven method for building a cybersecurity program.

Compliance

New regulations are being enforced and fines are getting higher, jumpstart your cybersecurity program that aligns with your compliance efforts.

Incident Reporting

Immediatly respond to breaches, ransomware, malware and cyber attachs as well as fraud, maliscious insiders and cybercrime.

Penetration Testing

Test your defences before cybercriminals do.

Vulnerability Assessment

Your application, servers and networks are all vulnerable – build a common sense plan to address the most critical weaknesses.

Governance

Create a governance team that ensures effective risk and resource management is met under your strategic direction.

vCISO

What are the benefits of retaining a virtual CISO?

Cybersecurity is finally gaining the attention either due to whistleblowers or cyber-criminals. Data breaches, loss of privacy or stolen information are now covered as headline grabbers in the news. Governments globally are trying their best in controlling this menace by enacting new laws and regulations are being enforced across board. Organizations of all sizes are expected by their stakeholders to protect their data at all costs. Demand for cybersecurity professionals are at an all-time high, and yet the talent pool remains stagnant. When all are said and done, the pressure and responsibility to maintain the confidentiality, integrity, and accessibility of private data goes to the CISO in every organization.

  • Experience – Our vCISOs provide immediate value because of their skills and experience in both the business and security side, which is a critical combination for an effective vCISO. They also have an established network which can act as an extended resource for you and your team. Not to mention that they also act as mentors to your security team and are incredibly adaptable to your needs — as they’re not technically part of the organization, there are no agendas and the vCISO is free to skip the politics and just go straight to work.
  • Cost Effective – As of March 2017, the median salary of a CISO is $229,964, which is commensurate to the skills needed, the demand for this position, and the severe shortage of talent. That said, not all organizations have this budget, nor do they need a CISO full-time, so a vCISO is the more logical choice. A vCISO does not require any benefits nor will there be an onboarding necessary (saves you time and resources). Not to mention that you will only pay for what you need.
  • Flexibility – vCISOs are generally on-call and are available to help whether on-site or off-site (depending on your needs and your agreement). They are also incredibly scalable; they have a vast network of professionals so they can expand if necessary, depending on the needs of your team. Retaining a vCISO is essentially a short-term relationship with limited risk.

vDPO

Virtual Data Protection Officer

Data security breaches and data privacy stories are making customers more aware of their data privacy rights – and more concerned about how companies handle and store their personal data.

At the same time companies are facing increasing challenges and legal hurdles when using personal data, with complex new legal rules that vary from country to country.  Adding to this is the upcoming GDPR, or General Data Protection Regulation, that stipulates fines of up to 4% of global turnover!

Organisations have started to realise that data breaches and thoughtless use of data can threaten client confidence, destroy brand reputation, affect the company share price, lead to signifcant fines, and even result in senior executives losing their jobs.

Our Data Protection Officer (DPO) will take the lead on privacy matters, being the focal point or go-to person for management and staff on privacy concerns. While privacy controls are widely distributed throughout the organization and many employees have explicit privacy obligations, the DPO is ultimately accountable for the adequacy of the organization’s privacy arrangements as a whole, including your privacy framework and compliance with privacy-related obligations.

The benefits of an outsourced Data Protection Officer are great for small and medium companies. First, it is cheaper – you subscribe according to what you need and you complement what you already have in-house. For larger companies, it is an opportunity to complement in-house capability and flex resource as required.

Secondly, being part of a larger network means that your business is at the forefront of any changes that take place within the regulatory/legal sphere. Be it the Data Protection Bill, the new e-privacy regulation or the sharing of data post Brexit. You do not need to rely on one person to keep track of all the changes, the changes come to you. Instead of looking at one piece of legislation, you can ensure you incorporate more, so you do not have to start the work all over again further down the line.

Our Virtual DPO will work closely with  operations and technology risk management, compliance and legal teams to identify legal and regulatory obligations emanating from any of the key legislative areas. Our v-DPO assist by:

  • Evaluating impact of regulatory obligations on service delivery, make recommendations for corrective action and track progress toward compliance.
  • Providing organisations with regular communications related to new and changing regulations impacting the delivery of solutions across various jurisdictions.
  • Providing interpretive guidance to Risk and Control teams on specific legal and regulatory requirements, and necessary compliance controls.
  • Work with Cross Border Data Clearance to understandthe  impact of data privacy regulations on application development, support and staffing.
  • Working with Risk Managers to ensure appropriate controls are implemented across the organisation to meet regulatory compliance obligations.
  • Assisting in answering Data Protection or Data Privacy questions as they arise.
  • Making recommendations for achieving business objectives while maintaining compliance.
  • Working with the IT and information security functions to ensure that systems operate in a privacy-compliant way, and that data security is ensured.
  • Providing Data Privacy Awareness training and support in building a corporate privacy culture.
  • Being responsible for continuous compliance and good practice in the group’s management of data protection issues in the context of continuing legal and regulatory developments.