The hypoconnectivity environment in which we work, implies an increased risk for all types of organizations.
Cyber security involves not only technology deployment but also a focus that includes prevention, analysis and assessment.
In addition, the most important attack vector is the internal user, reason why security awareness and good practices within organizations (social hacking) are needed.
Preventive, reactive and evolutionary security
We propose cybersecurity as a comprehensive and proactive approach at different times. This includes actions to predict, analyse or assess risks before, during and after an attack
We seek to protect our customer without affecting employee productivity, ensuring security without prohibiting the use of applications or devices.
How we got it
Analysing each business and activity and implementing the necessary measures to mitigate the risk. The success of a cybersecurity strategy involves the integration of different vectors of risk: technology, the user and the environment.
The ultimate goal: to ensure that the organizations we work with become aware of the importance of security and develop best use practices apart from concrete risk situations.
What challenges do we face?
Regulatory compliance to avoid civil and criminal sanctions for non-compliance by GDPR.
The control of information, since it comes from external sources, but it moves and it is stored in our systems.
Avoid loss and corruption of information.
Our vision of cybersecurity
-
It must involve the entire organization. -
It must integrate the agents of the ecosystem (internal and external). -
We believe that technology must be an enabler that enhances capabilities. -
We believe it should be based on continuous improvement and feedback.
Our methodology
Risk assessment
Security requirements established
Security by Design
Security by Default
Control panel for good management in Cybersecurity
Security
Framework
Digital Surveillance
Threat Model
We work on the basis of risk assessment and safety requirements from the very outset.
We have established a framework for good cybersecurity management ruled by a security framework.
We set a model of permanent threats to identify the specific risks of each use case or those not covered in the first instance (Out of the box).
Digital Surveillance. We use technical intelligence (OSINT, SOCMINT, COMINT, NETINT, IDINT, etc.) to identify other risks (Ex: exfiltration of information).
Philosophy Security by Design and Security by Default.
Good practices and quality (compliance) control using Quality Assurance.
- Intelligence
- Advanced resilience and Adapt4ed innovation
- Industrial Security 4.0 and IoT
- Safety in the cloud
- Security laboratory
- Advanced management
- VIP Services
- Advanced Virtual Services
- Design and Safe development
- Diagnostic and evaluation
- Training and Awareness
- Anti-Malware
- Safe communications
- Workstation and Mobility
- Identity, Authentication and Authorization
- Access control
- Confidenciality and Data protection
- Monitoring and Alert
- Diagnostic and evaluation
- Training and Awareness
- Governance
- Business continuity
- Workstation and mobility
- Suitability
- Compliance
- Technical and pericial audits
- Risk
- Safe Development (SSDLC)
- Engineering
- Training and Awaerness
- Safety Governance and Risk
- Defense
- Surveillance and Monitoring
- Early warning and Intelligence of threats
- Detection and response