Strategic Business Objectives

A pragmatic approach to Information Security starts with a thorough understanding of the long term goals of the business. Strategic business goals define how an organization invests its time, money, and personnel resources. These may include items such as:

• • Financial Objectives
• • Customer or Revenue Objectives
• • Internal / Culture Objectives

Data Types and Usage

Performing a data use inventory documents what types of data are created, transmitted, processed, and stored by the customer. Furthermore we will review all critical applications to better understand how this data is used to support the day to day business of our customer.

Regulatory Compliance and Industry Requirements

There are several Privacy and Security laws that define the minimum expectations an organization must implement to protect their applications, networks and data.

Network Controls

The Cyberwatch Remediation phase starts with an identification process to discover all network attached devices including Internet of Things (IoT) unmanaged devices. This simple process allows organizations to understand the Threats and Vulnerabilities that could be exploited by a malicious program or entity.

Security Event and Information Management (SEIM)

For organizations that have regulatory and compliance requirements Cyberwatch can provide a SEIM solution that can aggregate, correlate and provide relevant statistics. Depending on the needs of the customer we can tailor the appropriate SEIM solution.

Patch and Configuration Management

Most organizations are not informed or aware of the various vulnerabilities that exist on network devices because manufacturers do not necessarily provide this information. Poorly configured services, ports and network protocols should present a “hardened” and secure posture. CyberWatch will provide detailed reports on any patches, misconfigurations, or inappropriate security postures of all devices found on the customer’s network.

General CyberSecurity Training

Cyberwatch Security Awareness starts with an understanding of basic Cybersecurity concepts such as passwords, access controls, recognizing sensitive date, and network hygiene.

Phishing, Smishing, and Vishing

80 % of all malware that infected organizations in 2018 was introduced to the network through users simply clicking on an email. This focused training allows organizations to test and train large or small populations of staff to prevent malware, ransomware, or viruses from being introduced to the organization.

Compliance Training

Many of our customers must comply with various Federal and State, and International laws. As such our CyberWatch Compliance training will provide the basic concepts for general and technical staff on how to manage regulated data and information systems to meet these stringent expectations.

Incident Resolution

If a customer would like, the CyberWatch team can monitor, alert and even help resolve various Cyber related incidents for a customer. CyberWatch has various service models that a customer can choose from based on their own specific needs.