It is hard to think of any modern business that is not highly dependent on data and the IT systems that underpin its use. Using a range of simple tools to understand a business, how it generates value and where the critical dependencies exist is a critical first step. Knowing your dependencies and vulnerabilities is really important in developing an effective set of cyber security control measures. 3SDL use this passive analysis as well as more active techniques, such as penetration testing, to identify your Cyber risks.
All businesses need to know what security controls, both cultural and technical, provide the best protection. This allows the business to develop their cyber security strategy to deliver cyber resilience. As well as helping you identify and classify your risks, 3SDL can help you understand your options and advise on Balance of Investment. Getting the controls right isn’t a static activity, we can also ensure that you constantly ‘check and adjust’ your controls, hopefully staying ahead of the threats.
Having security controls in place is critical, but testing them in use is just as important. The most sophisticated security strategy in the world will only be effective if technology, people and processes are regularly put to the test to identify and iron out any weaknesses. 3SDL has the expertise available to assess all your security controls, not just your IT systems. We can run workshops, red-teams or exercises to allow your staff to test the processes, and themselves, in a realistic scenario.
The information that exists on-line can be used in many ways to make you and/or your business more susceptible to attack. From Phishing to blackmail and scamming attacks, on-line personal detail can be used to make your people and your business vulnerable. Minimising the amount of personal risk is important for you, your business, and your employees. Our team knows how to find what’s out there, assess the risks and potential impacts, and how to minimise your exposure.
Your workforce is your greatest strength and your greatest weakness. We know the culture is always a contentious issue, and achieving lasting behavioural change is hard. But encouraging the right behaviours is crucial in making your business Cyber secure. 3SDL works with a number of other SMEs to ensure an optimum, and measurable, approach is taken to increase the cyber security wisdom of your employees. Given 3SDL’s training pedigree we are able to rapidly develop bespoke packages to support employee Cyber Security understanding.
3SDL offer a range of industry standard compliance checks and certifications (including Cyber Essentials advice and support, Cyber Essentials Plus, ISO 27001 and IASME Governance). But we know that gaining certification is never enough, being compliant is only the start; Cyber security must be an integral element of enterprise risk management. Our experienced team have conducted many compliance checks and we always provide honest and pragmatic advice; for us, certification is never a ‘box ticking’ exercise.
3SDL designs system architectures to address cyber security risks, reviews proposed architectures and assesses existing architectures for security challenges. We provide these highly technical services across a wide range of systems including complex integrated military platforms, aerospace/avionics systems, industrial control systems and e-commerce. Our experienced team can advise how to design and build systems that will protect your vital information. We also have the experience necessary to meet stringent external accreditation standards.
3SDL delivers a range of testing, audit and analysis services to support specific system acceptance testing, detailed technical assessments and routine client assurance. Our ISO27001 and national security policy auditors are able to scope the requirements for security testing at all stages from software unit tests to end user operator scenario based testing. We can also test your systems for technical vulnerabilities using industry standard approaches; our team hold a number of recognised qualifications and have a breadth of experience.