Cyber Security Review

To meet the ever-increasing range of cyberthreats facing today’s businesses, a robust security infrastructure and forward-looking security processes are essential. In order to help businesses build and test their infrastructure and processes, Nettitude offers a comprehensive, onsite Cyber Security Review performed by Nettitude’s team of expert Information Security Consultants. Nettitude’s Information Security Consultants are accredited Qualified Security Assessors (QSA) for PCI-DSS compliance, as well as holding CISSP, CISA, CISM, CRISC and ISO27001 Lead Auditor certifications.

Nettitude’s Cyber Security Review is based on industry standards, such as the National Cyber Security Centre (NCSC) 10 steps framework, a nationally recognised standard for businesses to ensure the security of their infrastructure. As part of the review, an Information Security Consultant will: 

1. Review the scope of your environment;

2. Review your organisation against industry standard best practices;

3. Identify where gaps exist;

4. Seek to understand where quick wins are possible;

5. Document the findings in a detailed report, providing recommendations against gaps identified;

6. Deliver an on-site or remote debrief with the consultant, and advise on next steps to improve your cyber security.

Request a free quote

What are the NCSC 10 Steps?

The NCSC 10 Steps to Cyber Security (“NCSC Ten Steps”) provides guidance on how organisations can enhance their cyber security and protect themselves in cyberspace. The guidance includes advice on risk management, policies, procedures, network architecture and other critical protective measures.

Since its release in 2012, it has been adopted by a majority of FTSE350 companies, to help them to address common cyber attacks with a view to reducing the risk to the enterprise. The NCSC believe that understanding the cyber environment and adopting an approach aligned with the 10 Steps is an effective means to protect your organisation from attacks.

  • STEP 1 – Setting up a Risk Management Regime

  • STEP 2 – Secure Configuration

  • STEP 3 – Network Security

  • STEP 4 – Managing User Privileges

  • STEP 5 – User Education and Awareness

  • STEP 6 – Incident Management

  • STEP 7 – Malware Prevention

  • STEP 8 – Monitoring

  • STEP 9 – Removable Media Controls

  • STEP 10 – Home and Mobile Working

Nettitude’s Approach to the Cyber Security Review

Assessments of this type are core to our business. During the review, Nettitude will perform detailed, onsite analysis to review the organisation against each of the NCSC ten steps, and produce a report detailing the findings. The review can also consider other standards and industry best practice guidelines including ISO27001 and the CIS Controls.

Why perform a Cyber Security Review?

A Cyber Security Review based on the NCSC 10 Steps, performed by a Nettitude Information Security Consultant, can help organisations gain better visibility and greater assurance that the controls and governance they have in place are effective. This is becoming increasingly important as cyber attacks on businesses are at the highest point they’ve ever been.

Over half of the impacted businesses experienced costs ranging from £1000 for small businesses to £22k for large businesses. But financial damages are not the only consequences. When businesses are hit by a breach, over 25% reported that it prevented employees from completing their day-to-day duties.

The current lack of internal or external assurances have left many organisations – who may recognise that cyber security is important – seeking to implement at least some basic controls, but still experiencing breaches that severely impact their business.

Why Nettitude?

Company accreditation

Nettitude is a highly qualified and experienced information security consultancy practice since 2003. We pride ourselves on taking a pragmatic approach to information security, partnering with our clients to understand how their organisation works, and implementing bespoke information security solutions that fit our clients’ needs.

We demonstrate quality through offering the highest technical capabilities/depth, industry accreditation and customer experience.

Individual accreditation

Our team of consultants are experienced information security professionals. They hold a wide array of certifications including CISSP, PCI DSS QSA, CISA, CISM, CRISC, ISO27001 Lead Auditor & Implementer as well as a wide range of technical certifications.

Our broad information security and technical backgrounds mean we are able to consult as well as assess, and support our clients with tasks as diverse as policy writing, network design, development processes, and server hardening.

Experience

Nettitude has a long history of helping our clients improve their overall security posture. We achieve this across a wide range of sectors, and in businesses of all sizes. We believe passionately in delivering value for money to our clients, providing strategic advice and guidance and genuine value by maturing security postures and reducing risks.