As an on-going business, you want to be sure that your network infrastructure, systems and processes work together to ensure that you achieve your business objectives. You want to know that your IT programme implementation provides adequate level of security that protects your information assets. The driver for cyber security improvement may be legal, regulatory, internal governance or increasing demands from customers to keep confidential data secure. Whatever the driver is for your organisation, Macznet has specialist skills and unique expertise to provide you assurance for your on-going security operations in the following areas:
- Risk Management
- ISO 27001
- PCI DSS
- Vulnerability Assessment
- Project Assurance.
How does your risk management help you to remain in business and achieve your goals?
Our security consultants have specialist skills and a total of over 25 years’ experience in supporting organisations to manage the risks to their businesses. We use tried and tested approaches that help you to identify the threats to your specific business environment and the vulnerabilities within that environment.
In your business, the important question you continually ask is:
How will our business be impacted if our critical assets become exposed to unauthorised access, corrupted or unavailable when we need them?
Our risk management approach will give you the answer to the above question.
We work with our clients to implement a risk management approach that is aligned to ISO/IEC 27001: 2013. Through our partnership with ACUITY RISK MANAGEMENT, we use Acuity STREAM Governance, Risk and Compliance solution to automate your risk management processes. This makes your processes structured, repeatable and gives you capabilities to continuously monitor your environment and rapidly react to unwanted events.
The ISO/IEC 27001 standard provides a best practice model for the implementation of an effective information security management system (ISMS) for organisations.
Making your business operations compliant with the ISO/IEC 27001 series of International Standards enable you to operate a management system that includes organisational structure, policies, planning activities, responsibilities, practices, procedures, processes and resources which ensure superior service delivery.
Macznet has a team of experienced security consultants with extensive experience in helping organisations implement the ISO 27001 standard and work towards independent, accredited certification.
Our service offerings include:
- Pre-ISO 27001 implementation gap analysis – we review your business environments in order to determine the appropriate scope of your implementation project
- ISO 27001 implementation which establishes your Information Security Management System
- ISO 27001 audit
Each of the above is a distinct service offering which we provide independently or together in stages for a client which does not already have an Information Security Management System in place.
If your organisation performs payment card processing and handles cardholder data (CHD) then you certainly will need to comply with the stringent requirements of PCI DSS.
We work with our partners to help your organisation through PCI DSS certification as well as compliance assessment projects.
Our consultants also are experienced in helping Payment Card Production and Personalisation Vendors become compliant with MasterCard and Visa certification requirements.
Our service offering includes:
- Payment Card Production Pre-certification consultancy
- Payment Card Production certification audit against the PCI Card Production Logical Security Requirement 2013 and PCI Card Production Physical Security Requirements 2013.
Our Cyber Security assurance service supports your cyber security operations and ensures that your organisation is able to identify, assess, manage, measure and report on your compliance with security requirements that are based on a framework of standards like ISO 27001, PCI DSS and ISO 22301 (Business Continuity Standard).
Macznet’s offerings here include:
- In-project cyber security consultancy to ensure that security requirements are built into your project throughout the project lifecycle.
- IT Security Audit/Information Security Audit
- Third Party Supplier Assurance Audit
- Support with the remediation of audit findings.
The question is not whether vulnerabilities exit in your organisation’s environment, rather it is: How do you manage vulnerabilities within your environment to reduce risks to confidentiality, integrity and availability of your valuable and critical business assets? Vulnerability management is also an aspect of your Information Security Management System (ISMS) that demands technical expertise, experience and resources which your organisation may readily not have.
Macznet works with partners with specialist capabilities and expertise in vulnerability management. We can help your organisation to manage vulnerabilities better.
Key areas include:
- Vulnerability scanning
- External Penetration Testing
- Internal Penetration Testing
- Web Application Penetration Testing
- Security Awareness Training and inculcation
To discuss your requirements or to support you with scoping and initial gap analysis, complete the Enquiry Form or call us today.
Breaches and attacks on data and the IT infrastructure have assumed alarming dimensions in recent years. One of the best ways to fend against these attacks is to build enhanced capabilities that will enable your organisation to detect, investigate and respond to security incidents in order to mitigate their impacts on the business. This capability is usually provided in a Security Operations Centre (SOC) that provides enhanced visibility, alerting and investigation of events in your IT infrastructure.
Macznet’s consultants have extensive experience in building SOCs for organisations of all sizes. We work with our partners to provide industry-leading SIEM solutions that are scalable to the needs of organisations of all sizes.
We offer the following:-
- Use Case Workshops to determine your SOC requirements
- -Scalable SIEM solutions (All-in-One or Distributed)
- -End-to-end Incident handling procedures and integration with change management systems