The longer term aim of any engagement must be to improve security of the network in general, and defence against targeted attacks or APT in particular. The Protect phase of our services consists of a number of very different activities, including both one off exercises and operations which should continue and become part of an organisation’s Business As Usual practice.
It is important to understand that targeted attacks and APTs – those carried out by sophisticated and well-resourced attackers – will not go away and cannot ever be completely mitigated. Techniques, tools and delivery methods will all change; and the ability to find attacks this week is no guarantee that you will be able to detect attacks next week. If your data is worth stealing today, it will be worth stealing tomorrow. The Protect phase has no end point; it consists of a series of ongoing measures designed to continuously raise overall network defences.
Each client will have a different set of circumstances: no two organisations are exactly alike; budgets will differ, internal skillsets will vary, and the value of the data to be protected will vary both by client and over time. Context recognises this and will support a client, whatever their goal, with a range of well-established, bespoke services which will ultimately improve protection from attacks and increase the ability of an organisation to detect attacks at an earlier stage.
These services include:
- Training in any aspect of security
- Briefings and presentations to raise awareness of targeted attacks and exercises to test responses
- Penetration testing (infrastructure or application)
- Preparation and implementation of a Cyber Security Strategy
- Incident response and forensic readiness planning
- Gap Analysis of current security posture compared to industry best practice