INCIDENT RESPONSE CONCEPTS
- 2. 2
• Presentation goal;
• Who am I;
• Who we are;
• Our customers;
• IR framework
benefits;
• Data breach statistics;
• Incident cost;
• Incident readiness;
• Incident response
concept;
• Teams and mandates;
• Registers and
purposes;
• Registers and
reporting synergy;
• IR policy & plan
overview;
• Incident playbook
overview;
• NIST IR lifecycle;
• NIST IR steps;
• Preparation
• Detection & Analysis;
• Containment,
Eradication &
Recovery;
• Post-incident activity;
• Incident Response
Check list
• ELYSIUMSECURITY
Incident Response;
• Overview;
• Rules of Engagement;
• Preparation;
• Detection;
• Categorization;
• Containment;
• Investigation;
• Remediation;
• Reporting;
• Lessons Learnt;
CONTENTS
PUBLIC
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
• Short Term – How to
start?;
• Long Term – IR
Implementation;
• Extra Resources.
- 3. PRESENTATION GOAL
3
LEARN HOW TO START
3
LEARN HOW TO APPLY AN IR
FRAMEWORK
2
LEARN ABOUT IR CORE
ELEMENTS
1
TO LEARN ABOUT CYBER INCIDENT RESPONSE (IR) MAIN CONCEPTS
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
Icons: from The Noun Project unless stated otherwisePUBLIC
- 4. WHO AM I
4
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
LIVED AND WORKED IN FRANCE, UK, USA AND MAURITIUS
CONTRIBUTING AND LEADING VARIOUS OPEN SOURCE CYBER
SECURITY PROJECTS FOR THE LAST 20 YEARS
VETTED, TRAINED AND OVER 20 YEARS OF CYBER SECURITY
EXPERIENCE WORKING FROM LARGE INTERNATIONAL CORPORATIONS
PASSIONATE ABOUT IT FROM VERY EARLY YEARS
FOUNDER AND RUNNING THE MAURITIUS SECURITY CLUB (MU.SCL)
WITH FREE SECURITY AWARENESS PRESENTATIONS EVERY MONTH
- 5. WHO WE ARE
5
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
FOUNDED IN 2015 BY SYLVAIN MARTINEZ
INCORPORATED AND OPERATING IN MAURITIUS (2017)
AND IN THE UK/EUROPE (2015)
PROVIDING INDEPENDENT EXPERTISE IN CYBER SECURITY
MULTITUDE OF RECOGNIZED PROFESSIONAL CERTIFICATIONS
20 YEARS OF INTERNATIONAL CYBER SECURITY CORPORATE
EXPERIENCE
OUR BOUTIQUE STYLE APPROACH PROVIDES A DISCREET, TAILORED
AND SPECIALIZED CYBER SECURITY SERVICE THAT FITS YOUR WORKING
ENVIRONMENT
- 7. INCIDENT RESPONSE FRAMEWORK BENEFITS
7
• REDUCED OPERATION DOWNTIME
• REDUCED INCIDENT IMPACT
• REDUCED/AVOID FINES
REDUCED IMPACT COST
• IMPROVED RESPONSE TIME
• IMPROVED INCIDENT CONTAINMENT
• IMPROVED INCIDENT VISIBILITY
IMPROVED SECURITY
• CONTRACT REQUIREMENT
• INDUSTRY REQUIREMENT
• LAW REQUIREMENT
BUSINESS ENABLEMENT
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 8. DATA BREACH STATISTICS
8
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
EVERY DAY
6,313,865
RECORDS
EVERY HOUR
263,078
RECORDS
EVERY MINUTE
4,385
RECORDS
EVERY SECONDS
73
RECORDS
DATA RECORDS ARE LOST OR STOLEN AT THE FOLLOWING FREQUENCY
DATA RECORDS LOST OR STOLEN SINCE 2013
4 7 1 7 6 1 8 2 8 6, ,,1
Source: Breach Level Index - May 2019PUBLIC
- 9. INCIDENT COST
9
ELYSIUMSECURITY INVESTIGATIONS
MAURITIUS
JANUARY 2018 – JUNE 2019
80% FINANCIAL FRAUD
20% RANSOMWARE
100% PHISHING
JAN 2018
MAY 2018
AUG 2018
APR 2019
MAY 2019
JUNE 2019
$0.5M
$1M
$2M
$0.5M
$1M
$0.5M
AVERAGE COST PER DATA BREACH
AVERAGE COST PER MALWARE INFECTION
AVERAGE DETECTION TIME
FROM OUTSIDERS CRIMINALS
DATA BREACHES FROM HEALTHCARE ORGANISATIONS
$3.86M
$2.4M
197 DAYS
73%
24%
WORLDWIDE
WORLDWIDE STATS FROM SAFEATLAST.CO – APRIL 2019
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 11. INCIDENT RESPONSE CONCEPT
11
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
INCIDENT RESPONSE STRUCTURE
INCIDENT RESPONSE HANDLINGCOORDINATION
&
INFORMATION
SHARING
TO MINIMISE OPERATIONAL, FINANCIAL & BUSINESS INCIDENT IMPACT
NIST
SP 800-61
PUBLIC
- 12. INTERNAL
AUDIT TEAM
COMPLIANCE
TEAM
SUBJECT EXPERT
VENDOR
SUPPORT TEAM
IT SUPPORT
TEAM
TEAMS AND MANDATES
12
CYBER SECURITY TEAM
SECURITY OPERATIONS
AND PROJECTS
CYBER RISK TEAM
RISK IDENTIFICATION
AND MANAGEMENT
CYBER INCIDENT
(VIRTUAL) TEAM
INCIDENT MANAGEMENT
AND RESPONSE
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 13. REGISTERS AND PURPOSES
13
CYBER ISSUE REGISTER
POTENTIAL AND CONFIRMED
SECURITY ISSUES DETAILS
CYBER RISK REGISTER
POTENTIAL AND CONFIRMED RISK
DETAILS
CYBER INCIDENT REGISTER
PAST AND CURRENT INCIDENTS
DETAILS
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
IT OPERATION REGISTER
CURRENT GENERAL IT ISSUES
DETAILS
PUBLIC
- 14. GLOBAL ISSUE REGISTER
REGISTERS AND REPORTING SYNERGY
14
CYBER SECURITY REGISTER
CYBER ISSUE REGISTER
CYBER RISK REGISTER
CYBER INCIDENT
REGISTER
IT OPERATION REGISTER
IT ISSUE REGISTER
NETWORK ISSUE
REGISTER
PROJECT ISSUE REGISTER
ONE VIEW
ONE PROCESS
DIFFERENT ACCESS
DIFFERENT TEAMS
DIFFERENT VIEWS
DIFFERENT ACCESS
DIFFERENT TEAMS
DIFFERENT VIEWS
DIFFERENT ACCESS
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 15. INCIDENT RESPONSE POLICY & PLAN - OVERVIEW
15
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
INCIDENT RESPONSE POLICY
INCIDENT SCOPE
INCIDENT DEFINITION &
PRIORITIZATION
INCIDENT REPORTING
INCIDENT RESPONSE PLAN
INCIDENT HANDLING
INCIDENT COORDINATION
CONTINUOUS
IMPROVEMENT
- 16. INCIDENT PLAYBOOK SCENARIOS
INCIDENT PLAYBOOK OVERVIEW
16
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
CONTAIN INCIDENT
UNDERSTAND CAUSE
OF INCIDENT
ANALYSE SIGNS OF INCIDENT
READY MADE SCENARIOS
PRACTICAL RESPONSE ACTIONS
AVAILABLE AND COMMUNICATED
PUBLIC
- 17. NIST INCIDENCE RESPONSE LIFECYCLE
17
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
PREPARATION
DETECTION &
ANALYSIS
CONTAINMENT,
ERADICATION &
RECOVERY
POST-INCIDENT
ACTIVITY
NIST SP 800-61 REV 2
- 18. NIST INCIDENCE RESPONSE - STEPS
18
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
PREPARATION
DETECTION &
ANALYSIS
CONTAINMENT,
ERADICATION &
RECOVERY
POST-INCIDENT
ACTIVITY
1. COMMUNICATION &
FACILITIES
2. HARDWARE &
SOFTWARE
3. RESOURCES
4. ATTACK VECTORS
IDENTIFICATION
11 CONTAINMENT
STRATEGY
15. LESSONS LEARNT
5. SIGN OF AN INCIDENT
6. SOURCE OF
PRECURSORS
7. INCIDENT ANALYSIS
8. INCIDENT
DOCUMENTATION
9. INCIDENT
PRIORITIZATION
10. INCIDENT
NOTIFICATION
12. EVIDENCE
GATHERING & HANDLING
13. IDENTIFYING THE
ATTACKING HOST
14. ERADICATION &
RECOVERY
16. USING COLLECTED
INCIDENT DATA
17. EVIDENCE
RETENTION
- 19. PREPARATION - OVERVIEW
19
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
1. COMMUNICATION &
FACILITIES
CONTACT DETAILS
PHYSICAL LOGISTICS
COORDINATION SYSTEM
2. HARDWARE & SOFTWARE 3. RESOURCES
GENERAL IT SPARE
EQUIPMENT
FORENSICS SPECIFIC
EQUIPMENT
TRUSTED SOURCED
SOFTWARE
ARCHITECTURE DIAGRAMS
DOCUMENTATION
INCIDENT PLAYBOOK
PUBLIC
- 20. DETECTION & ANALYSIS - OVERVIEW
20
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
4. ATTACK VECTORS
IDENTIFICATION
5. SIGN OF AN
INCIDENT
6. SOURCE OF
PRECURSORS &
INDICATORS
7. INCIDENT ANALYSIS
SECURITY ALERTS
SECURITY LOGS
PEOPLE FEEDBACK
NETWORK LOGS
SYSTEM LOGS
EXPLOIT
ANNOUNCEMENT
BASELINES
LOG ANALYSIS
DATA RESULTS
FILTERING
SOURCE OF ATTACK
TYPE OF ATTACK
METHOD OF
ATTACK
- 21. DETECTION & ANALYSIS - OVERVIEW
21
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
8. INCIDENT
DOCUMENTATION
9. INCIDENT
PRIORIZATION
10. INCIDENT
NOTIFICATION
UPPER
MANAGEMENT
STAFF
EXTERNAL BODIES
FUNCTIONAL
IMPACT
INFORMATION
IMPACT
RECOVERABILITY
STATUS
WORK DONE
NEXT STEPS
- 22. CONTAINMENT, ERADICATION & RECOVERY - OVERVIEW
22
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
11. CONTAINMENT
STRATEGY
12. EVIDENCE
GATHERING &
HANDLING
13. IDENTIFYING THE
ATTACKING HOST
14. ERADICATION &
RECOVERY
SOURCE IP
ATTACKER
RESEARCH
COMMUNICATION
MONITORING
INCIDENT
INFORMATION
TIME AND DATE
LOCATION
REMOVING
IMMEDIATE THREAT
REMEDIATING
VULNERABILITIES
GROUP WIDE
CHANGES
INCIDENT IMPACT
EVIDENCE
REQUIREMENTS
SOLUTION
SUSTAINABILITY
- 23. POST INCIDENT ACTIVITY - OVERVIEW
23
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
15. LESSONS LEARNT
16. USING COLLECTED
INCIDENT DATA
17. EVIDENCE
RETENTION
PROSECUTION
DATA RETENTION
COST
INCIDENT
STATISTICS
INCIDENT SLA
INCIDENT
ASSESSMENT
INCIDENT DETAILS
TECHNOLOGY AND
PROCESS GAPS
POSSIBLE
IMPROMENTS
- 25. ELYSIUMSECURITY INCIDENT RESPONSE - OVERVIEW
25
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PRACTICAL IMPLEMENTATION OF NIST
GUIDED PROCESS
SHORTER PROCESS
USED NIST AND FIRST CORE ELEMENTS
17x STEPS -> 8x STEPS
CLIENTS REQUIREMENTS ELYSIUMSECURITY IR FRAMEWORK
5x ACTIVITIES PER STEPS
PUBLIC
- 27. {es} INCIDENT RESPONSE - RULES OF ENGAGEMENT
27
DO NOT
MAKE
THINGS
WORSE!
DO NOT ENGAGE OR INTERACT WITH THE
HACKER/THREAT GROUP
1
DO NOT CONNECT TO THE THREAT’S RELATED
NETWORK(S) FROM YOUR ORGANISATION
2
PRESERVE EVIDENCE3
COORDINATE INTERNAL AND EXTERNAL
COMMUNICATION WITH MANAGEMENT
4
ALL INCIDENT DETAILS MUST BE TREATED AS
CONFIDENTIAL
5
PUBLIC
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
- 28. {es} INCIDENT RESPONSE - PREPARATION
28
INCIDENT RESPONSE PLAN1
TEAM, PROCEDURES, DOCUMENTATION,
APPROVAL, MANAGEMENT COMMITMENT
INCIDENT RESPONSE PLAYBOOK2 PHISHING, RANSOMWARE, KEYLOGGER, DDOS
LOGISITICS3
MEETING ROOMS, LAPTOPS, REMOVABLE
STORAGE, PHONES, STATIONNARY, PRINTERS,
SLEEPING AND CATERING ARRANGEMENTS
CONTACTS4
TEAM, ALTERNATIVE CONTACT METHODS,
ESCALATION, ON CALL, SUPPORT, VENDOR,
SUPPORT5
INCIDENT REGISTER, ARCHITECTURE DIAGRAM,
NETWORK DIAGRAM, DATA FLOWS, APPLICATION
AND SYSTEM DOCUMENTATION
ACTIVITIES EXAMPLE
1. PREPARATION
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 29. {es} INCIDENT RESPONSE - DETECTION
29
WHO/WHAT DETECTED/REPORTED THE THREAT?1 IT STAFF, SECURITY TOOLS
WHAT IS THE DATE AND TIME OF THE THREAT
DETECTION/REPORT?2
NORMALISE TIME AND DATE ACROSS
REPORTING – RECORD TIME IN GMT
HOW WAS THE THREAT DETECTED/REPORTED?3 EMAIL, TEXT, WARNING POP UP, PHONE CALL
HAS A SIMILAR THREAT ALREADY BEEN
REPORTED?4 PREVIOUS INCIDENT REGISTER LOGS
IS THE THREAT VALID?5 CONFIRMED, FALSE POSITIVE
ACTIVITIES EXAMPLE
2. DETECTION
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 30. {es} INCIDENT RESPONSE - CATEGORISATION
30
WHO/WHAT IS THE TARGET OF THE THREAT?1 USER, SYSTEM, SPECIFIC DATA
IS THIS AN ON GOING/LIVE THREAT?2 ON GOING, STOPPED, UNKNOWN
WHAT IS THE IMPACT OF THE THREAT?3
FINANCIAL, OPERATIONAL, REPUTATIONAL,
LEGAL
CATEGORISE THE PRIORITY OF THE INCIDENT4 PRIORITY 1, 2 ,3 (P1 > P2 > P3)
CLASSIFY THE INCIDENT COMMUNICATION5 RESTRICTED / UNRESTRICTED
ACTIVITIES EXAMPLE
3. CATEGORISATION
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 31. {es} INCIDENT RESPONSE - CONTAINMENT
31
COORDINATE INCIDENT MANAGEMENT1 TEAM, COMMS, ACTIVITIES, DOCUMENTATION
LIGHT AND QUICK THREAT ANALYSIS2 NETWORK, SYSTEM, USER
IDENTIFY MAIN ATTACK AND COMPROMISE
VECTORS3 IP, PORTS, SIGNATURES, EMAIL
ISOLATE THE TARGETED ASSET4 REMOVE FROM NETWORK, DISABLE ACCOUNT
IMPLEMENT EMERGENCY CHANGES AS
REQUIRED5 NETWORK, SYSTEM, USER
ACTIVITIES EXAMPLE
4. CONTAINMENT
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 32. {es} INCIDENT RESPONSE - INVESTIGATION
32
THREAT NETWORK ANALYSIS1
FIREWALL, CLOUD APP LOGS, ASSET LOGS,
INTERCEPTED TRAFFIC, TRAFFIC AND DATA
FLOWS, SIEM
THREAT MALWARE ANALYSIS2
A/V VENDORS, FOOTPRINT, BEHAVIOR, REVERSE
ENGINEERING
THREAT SYSTEM ANALYSIS3
EVENT LOGS, APP/PLUGINS INSTALLED,
AD/EMAIL ACTIVITIES, AUTHENTICATED
VULNERABILITY ASSESSSMENT, SIEM
THREAT USER ANALYSIS4
INTERVIEW TARGETED USER, CONTEXT,
TRIGGERS, RECENT UNUSUAL ACTIVITIES/ALERTS
THREAT RESEARCH ANALYSIS5
ONLINE SEARCH FOR SIMILAR THREATS,
PROFESSIONAL FORUMS, VENDOR
ENGAGEMENT
ACTIVITIES EXAMPLE
5. INVESTIGATION
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 33. ELYSIUMSECURITY INCIDENT RESPONSE - REMEDIATION
33
THREAT NETWORK REMEDIATION1
BLOCK IP, PORTS, DOMAINS, EMAILS.
UPDATE F/W, IDS, APT AND SIEM RULES
THREAT MALWARE REMEDIATION2
UPDATE SYSTEM AND NETWORK A/V
SIGNATURES. ENGAGE WITH VENDORS
THREAT SYSTEM REMEDIATION3
REMOVE/BAN INFECTED APPS/PLUGINS, CLEAR
INBOX RULES, REMEDIATE ISSUES FOUND WITH
THE VULNERABIULTIY ASSESSMENT
THREAT USER REMEDIATION4
INDIVIDUAL AND GROUP USER AWARENESS
SESSION RELEVANT TO THE THREAT
DECLARE THE INCIDENT REMEDIATED5 FULL, PARTIAL, ACCEPTED
ACTIVITIES EXAMPLE
6. REMEDIATION
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 34. {es} INCIDENT RESPONSE - REPORTING
34
ON GOING REPORTING1
DOCUMENTATION AND EVIDENCE SHOULD BE
GENERATED AS MUCH AS POSSIBLE DURING THE
PREVIOUS PHASES
EVIDENCE GATHERING2
THREAT ACTORS, ATTACK VECTORS, ATTACK
SURFACE
INCIDENT DOCUMENTATION3
THREAT AND INCIDENT DETAILS, TRIGGERS,
OWNER, FINDINGS, TIMELINE
INCIDENT REGISTER4
CREATE/UPDATE AN OVERALL INCIDENT
REGISTER TO TRACK PROGRESS AND GENERATES
STATISTICS
INCIDENT REPORT COMMUNICATION5
INTERNAL, EXTERNAL, STAFF, MANAGEMENT,
BOARD, VENDORS, CLIENTS, GOVERNMENT,
REGULATORS, LAW ENFORCEMENT
ACTIVITIES EXAMPLE
7. REPORTING
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 35. {es} INCIDENT RESPONSE – LESSONS LEARNT
35
ROOT CAUSE ANALYSIS1
IDENTIFY AND DOCUMENT INCIDENT TRIGGERS
AND SECURITY GAPS THAT ENABLED THE
INCIDENT TO OCCUR
CONTROLS AND PROCESSES READINESS2
EVALUATE THE EFFICIENCY OF CURRENT
SECURITY CONTROLS AND PROCESSES IN LIGHT
OF THE INCIDENT
INCIDENT TRENDS ANALYSIS3
ARE YOU LEARNING FROM PAST INCIDENTS? IS
YOUR RISK PROFILE CHANGING?
MITIGATION PLAN4
MITIGATE IMPACT OF SIMILAR FUTURE
INCIDENTS
IMPROVEMENTS PLAN5
STOP OCCURRENCE OF SIMILAR FUTURE
INCIDENTS
ACTIVITIES EXAMPLE
8. LESSONS LEARNT
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
PUBLIC
- 36. SHORT TERM – HOW TO START?
36
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
REVIEW EXISTING INCIDENT PROCESS1
ESTABLISH INCIDENT TEAM2
CONDUCT REGULAR INCIDENT TEAM
MEETING
3
SET GROUND RULES4
DEFINE WHAT IS AN INCIDENT5
INFORM STAFF OF RULES AND
INCIDENT CONTACT
6
CREATE INCIDENT REGISTER7
DOCUMENT RECENT AND FUTURE
INCIDENTS
8
FOLLOW NIST INCIDENT HANDLING
METHODOLOGY
9
CREATE HIGH LEVEL PLAYBOOK TO
COMPLEMENT CHECKLIST
10
PUBLIC
- 37. LONG TERM – INCIDENT RESPONSE IMPLEMENTATION
37
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
SELECT INCIDENT RESPONSE FRAMEWORK
(NIST SP 800-61 REV 2 RECOMMENDED)
1
IMPLEMENT FULL INCIDENT RESPONSE
FRAMEWORK
2
DEDICATED INCIDENT RESPONSE TEAM AND
TRAINING
3
INCIDENT RESPONSE SIMULATION4
CONTINUOUS IMPROVEMENT5
PUBLIC
- 38. EXTRA RESOURCES
38
CONCLUSIONCASE STUDYHANDLINGSTRUCTURECONTEXT
FORUM OF INCIDENT RESPONSE AND SECURITY TEAMS (FIRST) FRAMEWORK
(HTTPS://WWW.FIRST.ORG/EDUCATION/FIRST_SIRT_SERVICES_FRAMEWORK_VERSION1.0.PDF)
NATIONAL INSTITUTE OF STANDARDS & TECHNOLOGY (NIST) SPECIAL PROCEDURE (SP) 800-61
(HTTPS://NVLPUBS.NIST.GOV/NISTPUBS/SPECIALPUBLICATIONS/NIST.SP.800-61R2.PDF)
INTERNATIONAL ORGANIZATION FOR STANDARDIZATION (ISO) ISO/IEC 27035-1:2016
(HTTPS://WWW.ISO.ORG/STANDARD/60803.HTML)
INTERNATIONAL ORGANIZATION FOR STANDARDIZATION (ISO) ISO/IEC 27035-2:2016
(HTTPS://WWW.ISO.ORG/STANDARD/62071.HTML?BROWSE=TC)
CONTACT US!
(CONSULTING@ELYSIUMSECURITY.COM)
PUBLIC
- 39. © 2015-2019 ELYSIUMSECURITY LTD
ALL RIGHTS RESERVED
HTTPS://WWW.ELYSIUMSECURITY.COM
CONSULTING@ELYSIUMSECURITY.COM
ABOUT ELYSIUMSECURITY LTD.
ELYSIUMSECURITY PROVIDES PRACTICAL EXPERTISE TO IDENTIFY
VULNERABILITIES, ASSESS THEIR RISKS AND IMPACT, REMEDIATE THOSE
RISKS, PREPARE AND RESPOND TO INCIDENTS AS WELL AS RAISE
SECURITY AWARENESS THROUGH AN ORGANIZATION.
ELYSIUMSECURITY PROVIDES HIGH LEVEL EXPERTISE GATHERED
THROUGH YEARS OF BEST PRACTICES EXPERIENCE IN LARGE
INTERNATIONAL COMPANIES ALLOWING US TO PROVIDE ADVICE BEST
SUITED TO YOUR BUSINESS OPERATIONAL MODEL AND PRIORITIES.
ELYSIUMSECURITY PROVIDES A PORTFOLIO OF STRATEGIC AND TACTICAL
SERVICES TO HELP COMPANIES PROTECT AND RESPOND AGAINST CYBER
SECURITY THREATS. WE DIFFERENTIATE OURSELVES BY OFFERING
DISCREET, TAILORED AND SPECIALIZED ENGAGEMENTS.
ELYSIUMSECURITY OPERATES IN MAURITIUS AND IN EUROPE,
A BOUTIQUE STYLE APPROACH MEANS WE CAN EASILY ADAPT TO YOUR
BUSINESS OPERATIONAL MODEL AND REQUIREMENTS TO PROVIDE A
PERSONALIZED SERVICE THAT FITS YOUR WORKING ENVIRONMENT.