Through a combination of face-to-face meetings video chats and employee questionnaires we examine your maturity against each of these steps identifying risks and providing contextualised and actionable recommendations. This approach ensures organisations have the foundations to defend against cyber security risks and protect information relating to customers employees and business operations. First we work with you to understand your business services and assets and how you interact with your customers and third parties. Then we walk you through the 10 Steps to Cyber Security to ensure you understand the scope of each step and are able to identify the appropriate stakeholders for initial interviews. At this time, we will agree the resources required to support the review. Once the review of the resource and the stakeholder interviews are completed we are able to assess your capability against the 10 steps. Your maturity level will then be determined by reffering to a Capability Maturity Model (CMM) based on an industry standard methodology providing a maturity score between 0-5 where 0 is non-existent and 5 is optimised.

Deliverables

The findings are then formalised in a written report which provides a CMM score and recommendations against the 10 Steps and prioritises recommendations to fast-track your maturity.

The 10 Steps

• Risk Management Regime - Defining and communicating your Information Risk Management Regime is central to your overall cyber security strategy.

• Secure Configuration - Having an approach to identify baseline technology builds and processes for ensuring configuration management can greatly improve the security of systems.

• Home and mobile working - Mobile working and remote system access offers great business benefits but exposes new risks that need to be managed.

• Incident management - All organisations will experience security incidents at some point.

• Malware prevention - Malicious software or malware is an umbrella term to cover any code or content that could have a malicious undesirable impact on systems.

• Managing user privileges - Giving users unnecessary system privileges or data access rights means that if the account is misused or compromised the impact will be more severe than it needs to be.

• Monitoring - Good monitoring is essential in order to effectively respond to attacks and is often a key capability needed to comply with legal or regulatory requirements.

• Network security - By creating and implementing some simple policies and appropriate architectural and technical responses you can reduce the chances of these attacks succeeding (or causing harm to your organisation).

• Removable media controls - Removable media provide a common route for the introduction of malware and the accidental or deliberate export of sensitive data.

• User education and awareness - Users have a critical role to play in the security of the organisation and so it is important that security rules and the technology provided enable users to do their job as well as keep the organisation secure.

Customers can now purchase software solutions in AWS Marketplace directly from Blue Cube Security helping customers to leverage our knowledge of their business provide localised support and our expertise and receive the same fast and friction-free purchase experience you are accustomed to in AWS Marketplace.