Probiti is specialised in cybersecurity protection. We cover the full spectrum of cyber security and operate on a strategic, tactical and operational level. We focus on the total cyberspace taken business goals and objectives as our security drivers. We make sure that we do not leave any conceptual, logical, physical or component gap to criminals to exploit. Our services spam carouse the full spectrum if cyberspace by taking into consideration the following during our engagement with our clients; identify protect, detect, respond and recover.
The identify stage provides us an insight of your business and allow us to isolate what is important to protect and at what cost. We identify client’s critical systems, business processes, networks and applications that matter the most. Links and connections to and from the organization are identified and the controls designed to protect them are clearly documented to help us Identify systems and applications for backdoors and vulnerabilities.
Identifying governance structure is a key to legal and regulatory requirements regarding cybersecurity, including privacy and civil liberties obligations. We also identify people and their cybersecurity roles and responsibilities; making sure they’re coordinated and aligned with internal roles, external partners, and their responsibility toward assets.
We also review cyber threat intelligence that is received from information sharing forums and sources. We make sure that threats, both internal and external, are identified and documented. The potential business impacts and likelihoods are identified and that the risk responses are identified and prioritised. We try to discover if risk management processes are established, managed, and agreed to by organizational stakeholders. We make sure that the organisational risk tolerance is determined and clearly expressed. Any GAP identified will be highlighted.
We aim to address the protective technology by highlighting and referencing the latest innovation in the cybersecurity space such as artificial intelligence and machine learning to ensure the security and resilience of systems and assets, consistent with related policies, procedures, and agreements.
People, culture, awareness, and processes are a key focus at this stage. We believe awareness and training should be articulated as part of the organisation protection mechanism. Then we can emphasise and make sure that adequate and functional identity management, authentication and access control solutions that address physical and logical access to assets is proposed.
We also address data security and provide a solution to secure it while in transit, processing and at rest throughout the lifecycle of the asset from creation to disposal. Data grows fast and we need to make sure that adequate capacity to ensure availability is maintained. Also, the Integrity of the data is important and we can help you introduce mechanisms to verify software, firmware, and information integrity.
Detection processes are vital to helping you discover anomalous events. This can be achieved by having the right security continuous monitoring solution of sophisticated algorithms to detect malicious activity and deliver security countermeasures, dynamic intelligence and valuable context regarding the intentions and actions of cyber adversaries. The timely analysis and routing of this security information enables us to assess risk in near real-time and allows us to report rapidly to stakeholders.
Respond is all about reaction planning, communications, mitigation, improvements and analyzing to ensure effective response and support recovery activities. The objective of this stage is to evaluate the readiness in case of a cyber-security incident. It aims to identify communication gaps and missing or unclear procedures in handling cybersecurity incidents and how stakeholders should react to such incidents in accordance with predefined standards and IT security incident response’s processes.
Recovery addresses your business continuity, recovery planning, improvements and communications. Our aim is to develop, deliver, and maintain a robust Disasters Recovery management capability that aspires to protect critical IS services and underpinning IT infrastructure against unexpected disasters which can lead to an unplanned outage of critical IS functions. Document disaster scenarios and the potential impact on the services so that appropriate plans can be put in place for each service/platform. Create disaster recovery procedures and test scenarios that can be executed to ensure fastest possible mitigations to limit the business exposure to security risks.
