Posts made in October, 2017

Cyber threats change over time – businesses change all the time. As a result, keeping a business cyber secure requires expertise & experienced–based decisions to make suitable adjustments to cyber defences over time. Our customers can benefit from access to that quality of security resource through our ongoing, retained CISO advisory service.
Whether or not they are a customer for implementation or managed services

Cyber CISO Advisory service:

A. Provides expert, experienced security leadership & advice on a retained basis
B. Provides for a fixed number of days of advice per month, with provision for extra time on a T&M basis
C. Can provide mentoring to internal security teams & strategic & practical advice to teams, executives & Board
D. Retained Cyber CISO advisory support – 1 to 5 days per month

For most businesses Cyber Defence is a necessary, but not mainstream, activity. It makes sense for some businesses to partner with an expert & experienced resource like Cydefence in the ongoing management of their security measures – to ensure the right security is maintained without becoming a burden to the operation of the rest of the business.

Cyber Defence Management service:

A. Initial cyber defence scoping study – requires Services 2 & 3 to be contracted
B. Implements cyber defence service delivery management for agreed high-priority services
C. Finalises second phase “Cydefence Introduced” service contracts
D. Cydefence Managed total fees dependent on the cyber defence services selected & agreed with the customer – typically paid as a monthly service fee, including both Cydefence costs & contracted (Cydefence Direct & Managed) vendor service fees
E. Expected managed service initiation timeframe – 1-3 months from Service initiation
F. Followed by managed service operation as agreed with customer – with 1 year minimum and minimum 3 months termination notice (subject to negotiation to meet customers’ needs)

We have many years of experience of the challenges & tricks of implementing cyber security measures efficiently. So not only can we provide our customers with a suitable, realistic plan, but we can manage the process to plan & budget, to deliver an effective set of defences.

Cyber Defence Implementation service:

A. Implements high-priority cyber defence services (as optionally justified in Service 1 (Strategy) & planned in Service 2 (Planning))
B. Finalises priority services through “Cydefence Introduced” service contracts
C. Initiates on-going cyber defence services by customer, third-party – or potentially Cydefence under Service 4
D. Total fees are dependent on the cyber defence services selected & agreed with the customer
E. Expected timeframe for implementation – 3-6 months from service initiation, dependent on scope of security measures
F. Cost in line with customised proposal to meet each customer’s needs

A Cyber Defence Strategy is an essential business tool because it shows how to go beyond basic cyber security hygiene to tailoring of additional security measures to meet the risks that are specific to the business – it lays out a roadmap for continuing improvement over a number of years, as the risks evolve.
Cyber Defence Strategy service:

• Defines a Cyber Defence Strategy that will:
  Identify key cyber risks
  Clarify the security mechanisms necessary to manage those risks
  Lay out a medium-term roadmap for the customer’s deployment, with credible measures of the reduction in risk over time
• Aims at providing a risk justification for all the services eventually implemented
• Requires 4-8 weeks elapsed time
• Provides a suitable preparation for service 2 (Planning)
• Results in a documented strategy, risk assessment & service implementation plan

Cyber Defence Planning is necessary for most businesses – apart from the smallest – to ensure that the security measures that the business invests in are implemented fully, efficiently – and at optimal cost.
A Cyber Defence Plan may lay out the first steps (e.g. for the first year) in following a Cyber Defence Strategy
Cyber Defence Planning service:

• Provides a detailed implementation plan for the customer’s front-line cyber security mechanisms
• Specifies the need & priority for cyber defence mechanisms in phases of deployment as suitable for the customer’s strategy & growth, with indicative costs for later phases
• Requires 4-8 weeks elapsed time
• Results in a documented cyber defence implementation plan
• Optionally, can result in a commercial contract draft for provision of front-line services under “Cydefence Direct” arrangements
• Optionally, can result in prepared contracts for third-party provided cyber mechanisms as “Cydefence Introduced” services