Continual Cyber Assurance

Breath, Relax,
Let us worry about your cyber risk exposure.

  • Weekly Vulnerability Scanning
  • Dark Web & Internet Monitoring
  • Routine Penetration Testing
  • Monthly Cyber Risk Reporting
  • Monthly dedicated CISO Time
  • Quarterly Awareness Training Briefings
  • 24x7x365 Support

Continual Cyber Assurance Overview

Continual Cyber Assurance (CCA) evolved from the virtual Chief Information Security Officer service, or vCISOTM as it came to be known. Peter was the first to bring this service to market and many subsequently followed.

CCA is a full tailorable solution designed to bring you peace of mind around risk and “cyber” security. Bringing together everything that worked from the vCISO service and combining it with leading penetration testing and security health checks, CCA is the next generation service to help you stay one step ahead of your attackers.

CCA provides you with a continual programme of cyber security that is adapted to your business and spread out across a year.

Continual Cyber Assurance
Continual Cyber Assurance

How Continual Cyber Assurance Works

Continual Cyber Assurance starts with an on boarding week. This is a vitally important time as the success of this week ensures a smooth partnership over the following twelve months. During this week, we will look to gain as much information from you as possible. We will look to gain sight of your policies, processes and procedures, how your IT systems fit together, what defences you currently have in place and what the technology deployment for your business looks like.

We will also look to understand your aspirations as a business. What levels of compliance would you like to meet? What projects you would like to achieve? The more information we know, the better position we will be in to support you.

You will be introduced to the team that will be looking after you. This will typically include an analyst, a penetration tester, a compliance manager and a CISO.

The Continual Cyber Assurance Appliance

For some clients, we may deploy an application, either physical or virtual within their environment, to provide internal vulnerability assessments and monitoring. The appliances are fully hardened secure linux systems with AES256 encrypted drives. They communicate directly to our Security Operations Center in the UK over a TLS1.2 encrypted VPN link to provide our teams with real time vulnerability management information.

What Continual Cyber Assurance Covers

Continual Cyber Assurance is a bespoke service which is tailored to every clients needs. That said, there is a core service which changes very rarely changes. This is the foundation on which Continual Cyber Assurance is build for each client. The core includes:

Each week we will carry out the following tasks:

  • External assessment of your public address space and record any vulnerabilities present. Should we identify any critical or high risk vulnerabilities you will be notified immediately.
  • Active search of the darkweb for mentions of your company name.
  • Review of active intelligence feeds to assess the current level of cyber risk.

Each month we will carry out the following tasks:

  • Internal vulnerability assessment to identify and record any vulnerabilities present on your internal network and systems.
  • Creation of the monthly Cyber Risk Report.

Every quarter we will produce a Cyber Security Management Report which will contain details of what has been identified over that quarter and any trends being identified. We will also produce the quarters Cyber Security Awareness Training briefing based on the trends identified within the Cyber Security Management Report.

We will additionally perform a full internal penetration test against your digital and physical systems to identify security weaknesses.

  • Cyber Security Management Report
  • Internal Penetration Test Report

Every six months will perform a full internal and external penetration test against your digital and physical systems to identify security weaknesses.

  • External Penetration Test Report

Every year we will complete your Cyber Essentials and Cyber Essentials Plus certifications attend to your ISO27001:2013 audits. This includes a full review of policies and the underlying Information Management System (IMS) in line with Annex A of the ISO27001:2013 standard. On top of this, we will review your network device configurations, server and workstation build configurations and, combined with the routine vulnerability testing, we will produce a IT Health Check report.

  • Audit Support & IT Health Check report.

Every business releases new public facing services, so as part of the CCA program we will put new services, features etc. through a full CREST certified penetration test so you can be sure when they are released that they are safe.

Download the Continual Cyber Assurance Whitepaper

Download

Download the Continual Cyber Assurance PDF

Download

Let's get in touch

Send us a message
Call us

UK Office

Tel: 0161 850 0454

10th Floor, 3 Hardman Street
Spinningfields, Manchester
M3 3HF

Gibraltar Office

Tel: 540 65558

1st Floor, 138a Main Street
Gibraltar
GX11 1AA