CYBERSECURITY SERVICES -
WE DO THE WORK:
Every SEIRIM practitioner has worked more than a decade in web application security, development, systems administration or consulting. Our teams have the hard-won experience, skills and certifications to secure your organization.
Get you Up to Speed Quickly
In cybersecurity it's what you "don't know that you don't know" that can get you. Most companies and their staff only have a cursory, fleeting awareness of security and how important it is. There isn't, unfortunately, a simple one, two or just three things you can do, purchase or implement and be secure. The list of everything that needs to be done right is long and overwhelming.
SEIRIM helps you understand the complete, big picture and enlightens you to the main points that should concern you and the processes that can be put into place to account for every small detail. We quickly highlight the possible and most dangerous weak points in your organization's infrastructure, systems and processes and what it will take to secure them.
We are platform agnostic and do not make commission or get discounts from recommending any vendor's particular solutions. We specialize in helping SMEs and guarantee to recommend the most cost-effective measures possible for your budget and needs. And only what you really need and no more.
Your risk profile, comprised of the nature of your business and the type and value of your assets, will determine the appropriate level of security services, hardware, systems and training that we recommend for you. Some companies by the nature of their work must go to the greatest lengths, others may be well protected with less.
Areas of Work
We work primarily in general "Services" type company environments, focusing on corporate office information, networks and physical security. This includes office IT networks and partitioned HVAC, building control and security systems.
We also support Multi Office, Remote Worker and Work from Home challenges.
Risk and Compliance Management
SEIRIM assists your company to comply with standards and frameworks such as PCI DSS, GDPR, NIST CSF, ISO 27001 & 2, Sarbanes-Oxley, HIPAA, industry and partnership specific standards, SLAs and more.
Risk Assessments are all about getting specific.
We work together with you to identify all assets (data, networks and physical), their worth to the organization and the potential liabilities for their loss. We determine with you to what lengths and at what cost they should be protected and secured.
Regarding planning, we help determine and prioritize the application of our security recommendations. And with our Systems Hardening services we can implement them for you if you wish.
We help devise the administrative and technical policies your company should put in place to ensure all of your staff have clear and proper guidelines and standards to follow to remain secure.
Disaster Recovery Planning
What to do when things go wrong? And not every issue and incident requires calling in the cavalry. We help your company plan for the range of possibilities with documentation showing the clear steps and procedures to mitigate risk and damage in every scenario.
We help you get your security methodology organized in your preferred system. We're comfortable working in the paradigms of NIST SP 800-53, ISO 27001 (also 27002, 27701 and 31000), or ITIL 4 as you prefer.
Our preference is to use the following 2 frameworks from NIST (the National Institute of Standards and Technology, USA) because they are the most approachable for SME clients:
- RMF (Risk Management Framework) - Very useful as it informs steps in an ongoing cycle of cybersecurity improvement and strengthening.
- CSF (Cybersecurity Framework) - Leaned on heavily by us as we like the process it lays out to Identify, Protect, Detect, Respond and Recover.
Compliance and Governance
We assist your organization to comply with the requirements for your industry, including PCI DSS, GDPR, HIPAA, for the general proper handling of Personally Identifiable Information (PII), Personal Health Information (PHI) and more.
Let's Kick the Tires
How secure is your company today? Your websites, office IT network, your cloud services, your team members' work-from-home laptops and mobile phones? How immediate is the risk to your most valuable and critical data from the world of dedicated and even automated bot attackers?
Our Vulnerability testing, scanning, probing and researching will go to great lengths to immediately and quickly uncover every weakness in your digital sphere you will want to be patching and resolving ASAP.
Using a very wide array of tools, methods, premium services and more we will provide your company a very large amount of information about what is currently good and what is very concerning and needs immediate attention.
Interpreting and Prioritizing the Info
We don't just data dump on you. We organize the discovered data and explain what it all means. We highlight which issues are the most important and pressing, which can be worked on in subsequent phases, and which can be considered down the road.
Navigating the Fixes and Optimizations
If you wish, we can help repair and strengthen all found issues for your company via our Systems Hardening services. We can make recommendations on paid services, systems and devices you may consider adding, and assist in implementing them. Note that we are very vendor neutral and agnostic, and will only recommend and use the most cost-effective and appropriate solutions for your needs and budget.
Serving Nearly all IT Applications and Environments
We help with assessing your web applications, mobile applications, in-house built software, network and servers infrastructure, cloud environment, remote workers, BYOD infrastructure, partitioned services at physical locations and more.
Better the Devil You Know...
The idea behind Penetration Testing is that instead of waiting for the day a hacker attacks your company (because it's only a matter of time) and hoping you're prepared enough, you have a trusted firm do it now to really put your systems to the full test.
This goes beyond the Vulnerability Assessment (which you absolutely want to have done first, and have implemented all the recommended fixes) to actually attack your systems and personnel to "find any way in possible". This uses force and methods beyond the more passive scanning to uncover weaknesses deeper in the system.
This is a labor intensive process beyond scanning, though we can apply the relative amount of manpower and limited scope to the testing as you require. We further will detail in advance the nature of attacks we will employ for your company's selection and approval.
After your employees have undergone security training (we can advise on it), we can test them with safely-monitored and simulated social engineering attacks to put their awareness training and skills to the test. With "people being the weakest link" these exercises will help them to take the real risks very seriously and learn lessons from their mistakes.
Before full force penetration testing we recommend Threat Hunting, whereby we proactively look for weaknesses to exploit - but we hold back from the next stage of invasive and potentially disruptive steps in a pen test. This is a step up from Vulnerability Assessments but not as invasive as full on Penetration Testing.
Documentation and Recommendations
Just as in our quality Vulnerability Testing, we don't just data dump on you, we detail the meanings behind the results of our actions and discoveries, and highlight for you the fixes and optimizations recommended to repair the exposed weaknesses. If interested we can help make the changes via our Systems Hardening services.
We're not going to sugarcoat it: we're taken aback by the moral depravity of these malicious actors wrecking the productivity of companies large and small, including those handling critical infrastructure or medical services. Even if your company isn't in an industry where life is immediately on the line, if all your business activity is suddenly frozen up it can certainly affect your livelihoods.
In the face of such drastic threats, we fight back with greater dedication, resources and creativity.
You want to be the company that doesn't have to pay the ransom, that can tell them to bugger off because your preparations were so thorough and resilient that you can weather the loss of all the data and capability that they could reach.
How can this be achieved? Well, we don't want to give our whole system and concepts away and create a weakness by doing so, but we can summarize it in these terms: Aggressive Data Backups and Security, and Resiliency of Capability. In these two veins, your data is backed up, safe and restorable, and just as importantly your company's ability to work is redundant and unstoppable.
Aggressive Data Backups and Security
We all learned a long time ago that we have to back up our data, many of us the hard way. But "just backing it up" isn't good enough anymore. Malicious actors can reach those backups and lock them up, too. Accidents can also occur, whether technical errors or natural disasters, so your backups must themselves be protected and backed up.
We advise and follow industry best practices for conducting multiple backups, in multiple locations and ways, with encryption, redundancy, overwrite protection, versioning and more to help protect against malicious intent, accidents and errors. So, if the first level of backups is contaminated, the second or third (or more? for critical data yes) can still be called upon. If the latest version is affected, then historical versions are available, and so on.
The data generated by your company can reach mind-boggling amounts, and backing it all up can prove to be cost prohibitive. In your Risk Assessment process you will want to carefully identify the most important, valuable, and sensitive data in varying levels, to choose the extent of extreme safeguarding appropriate for each if you cannot budget enough to do it for all.
Resiliency of Capability
How would you do your job tomorrow without your workstation? What if the workstations of all your employees were to be wiped out, locked down or washed away in a flood? How would your machines operate? It's not just the data, but the ability to work that is a major issue.
We can help prepare for the worst with the build up of redundant workstations which are mirrors of your existing ones, whether they be Virtual Desktops ready in the cloud, actual physical ones in reserve or combinations of both.
Your company's threat profile and the nature of your work will determine the exact systems required and the extent and expense you will want to go to in their preparation.
The #1 most important protection against ransomware is user training, actually, as the users are the weakest link in an organization. But when they remain trained, all your vulnerabilities are well managed and you are monitoring your security closely hunting down threats, the next step is to build up extreme resiliency to be strong enough to bounce back from any attack.
We do all of the above and more with creativity and dedication to help keep your company secure.
We can act as your whole Computer Security Incident Response Team (CSIRT) or as additional support staff within it. Depending on your own internal team assets, we can be added as Incident Response Managers, Security Analysts, or more simply as Support personnel to help your own internal IT team.
We assist your company to be prepared for data breaches, accidents, hacks, internal rogue actors and more. We will formulate documentation covering all steps and procedures to handle any situation that may occur. You will be prepared for the worst, and we can be there to help if needed.
This goes beyond IT solutions to also account for communicating with senior management, internal and external communications, human resources actions, informing your legal teams and law enforcement with detail if required.
It's important to recognize that not every security issue is equal, and not every incident requires maximum resources in response. Our planning will prepare you to respond effectively to any occurrence.
Identification & Containment
We can help identify the nature and severity of abnormal activity in your IT infrastructure to help calculate the best response.
Quick action is most often required, and we can help you act quickly, augmenting or leading your IT team to take the best steps to quell any damage.
We can also help preserve snapshots of forensic evidence to assist later investigations into who may be at fault, identify the attacker and understand what defenses failed.
We assist to remove the threat or attack, thoroughly ensuring the risk for ongoing damage has been stopped.
Recovery & Post-mortem
We work on data restoration, system repair, and re-starting the networks, servers and infrastructure that may have been taken offline by the attack or for safety during the incident response.
We also fix, as far as possible, all the issues that allowed for the attack in the first place.
We can help you document all aspects of incidents, covering their origin, the vulnerabilities exploited, the remedies employed and the solutions for preventing further occurrences.
Managed Security Services
If you are an SME with growing cybersecurity needs, but not yet able to make a big budget for your own internal security team, SEIRIM can be the right fit to add on as your full or part-time committed outsourced security partner.
Managed Security Services Provider (MSSP)
As your dedicated MSSP we will assign the required amount of dedicated focus to your company's security on an ongoing full or part-time basis, with 1, 2 or more analysts assigned to your company plus a security manager.
Network and Systems Monitoring and Management
The team will work hand in hand with your internal IT department to ensure monitoring services are installed, configured and functioning properly. We will spend the majority of time continuously reviewing logs and studying abnormal findings looking for indicators of compromise, misconfigurations and attack.
The team will work to make sure firewalls, intrusion detection and prevention systems and anti-malware are all functioning well on a daily, ongoing basis.
Our team will track all found vulnerabilities and work to fix as many as their remit allows, always focusing on the most critical. Our analysts are backed up by SEIRIM web and software application developers and network security engineers, all of whom specialize in systems hardening and can be called on to help resolve issues in case your IT team would like the support.
The team will run new vulnerability scans weekly or as desired so as to always be working with the most up to date perspective of your network's actual security posture.
Threat Modeling and Intelligence
Beyond scanning and repairing, the MSSP team will be researching open and proprietary services for the latest updates on threats that apply to your exact specifications of network, devices, servers, industry, location and more. They will use this gained knowledge to double check the actual threats that may apply to your company and ensure you are protected against them. A report of this research will be provided to you weekly, including the measures taken to address the issues.
The Most Pro-Active Step Towards Greater Security
Having advanced Next Generation Firewalls, impressive Intrusion Prevention Systems, a SIEM, anti-malware and all the rest is important, but without dedicated professionals monitoring them closely, actually checking the logs looking for missed issues with a trained eye, and continuously following up on issues, your security will still lag with weak links exposed. Whether SEIRIM, another MSSP or your own internal team, please put some dedicated professionals on the case for your security full time!
Let's do the Fortification Work
Scanning, testing, probing, attacking - the Vulnerability Assessment and Penetration Testing will most probably have uncovered a wide range of fixes, optimizations and security systems and implementations to be made.
SEIRIM can help your firm apply them properly and ensure the configurations are correct. We can work closely with or for your own IT teams to support the evolution of creating better and better defenses.
We are Developers and Programmers
Our cybersecurity team is comprised not only of cybersecurity practitioners such as penetration testers, vulnerability scanners and consultants, but also of actual software and web application developers who have worked building production applications for decades each and now apply their considerable skills to fortifying your IT assets with a cybersecurity mindset and focus.
Whether it's websites, networks, web applications, software or devices, we have the years of experience, training and skills to help you make them steadfastly more secure.
Critically, we mention a distinguishing characteristic of SEIRIM - we are vendor neutral, agnostic, and do not receive any commissions or discounts for recommending any particular vendor's products, services or systems. We are concerned that you get the most protection for your budget, so we continuously help choose the most cost-effective solutions, whether they be open source or premium paid solutions, as the situation requires.