Project Description

A positive and active Cyber Security Culture translates into less exposure to cyber related risks. This leads to lower costs due to both the decreased frequency of cyber-related loss-incidents and the severity of those incidents for the organisation.

Our Cyber Security Operating Model Addresses

Cyber Security Capability

A business capability is the expression or the articulation of the capacity, materials and expertise an organisation needs in order to perform core functions. We adapted the US Department of Energy (DOE) developed Cybersecurity Capability Maturity Model (C2M2) for use within South African organisations to determine the level of maturity of cyber practices.The model caters for IT & OT technology and is aligned with the NIST Cybersecurity Framework.

Enterprise Security Architecture

Enterprise architects use business capabilities to illustrate the overarching needs of the business in order to better strategise security solutions that meet those business needs. We use the TOGAF Architecture Development Method, tailored to fit the NIST Cybersecurity Framework as Enterprise Security Architecture Method to perform business driven security architecture. Our approach ensures security budgets and implementation roadmaps are geared towards businesses critical operations and infrastructure.

Cyber Security Governance

The NIST Cybersecurity Framework (NIST CSF) provides a policy framework of computer security guidance for how organisations can assess and improve their ability to prevent, detect, and respond to cyber attacks. The NIST CSF incorporates practices from COBIT5, ISO 27000 & the Center for Internet Security. We advocate the use of an Information Security Management Systems based on ISO 27001 and implemented with guidance from NIST CSF.

Cyber Security Operations

We provide support for cyber & IT operations teams by doing vulnerability scans and remote network monitoring. A large percentage of security breaches are caused by human behaviour and we specialise in providing tailored awareness training and compliance monitoring through custom built training modules based in organisational policies.

Contact Us