top of page
cyber protection mobile.png

Cyber Prevention

The old mantra that prevention is better than cure still holds true.  At Cyberprae we provide the necessary guidance, advice and tooling to help prevent a Cyber incident from happening in the first place. There are several services that we deliver under the umbrella of ‘Prevention’.

Cyber Assessment

The output of this exercise is a set of recommendations along with a statement of Cyberprae’s view as to the security preparedness of the organisation.  Organisations choose to run through an assessment for various reasons.

Following a recovery

Validation is essential following a recovery exercise as these are done at pace.  It is important that we double check nothing has been missed as the focus switches from recovery to normal day-to-day operations.

Peace of mind

Simply to provide a snapshot and view as to where they sit in respect of Cybersecurity.  The outcome will be reassuring, or it will provide an understanding of the current risks and associated actions required to mitigate those risks.

Planning

To protect what you have, you first need to understand exactly what you have. Once you assess your exposures and risks, you can take steps to mitigate them.

The validation exercise utilises a range of toolsets and processes.  It typically takes around ten to twenty working days and will require the support and engagement of the client’s IT team.  At a high level it includes the following activities;

External Attack Surface Management

An external look at the organisation using only publicly available information as this is the information that malicious actors will use.  We look to identify vulnerabilities, gaps and potential weaknesses.

Dark web Investigation

We look for an organisations key people and system identities (domain names, IP addresses etc.).  This will identify systems and people that may have been previously compromised and therefore could be a specific target.  We use the information to take appropriate preventative action.

Estate Audit

The deployment of several toolsets to give us visibility of the networks and all endpoints.  We then collate the information to identify vulnerabilities that exist across the estate. 

Microsoft 365 Audit

This is a deep dive into the configuration and policy settings of Microsoft 365 to ensure that the security baselines are being adhered to or have not been misconfigured.

Credential Vulnerability Report

User credentials are the keys to any IT environment.  We run a propriety tool across the local Active Directory and Entra ID / Microsoft 365 tenancy, review Kerberos security, all user accounts, privileged accounts and Group Policy Objects (GPO’s) to ensure that user accounts and system configurations are being managed correctly in respect of security.

Cyber Insurance Validation

We partner with leading insurance companies to help validate an organisation's security controls against cyber-attacks.

Where gaps in protection are identified, we assist in implementing the necessary controls, enabling insurers to offer cyber insurance at a reasonable and competitive rate.

The Cyber Insurance Validation process is a Cyber Assessment that is geared to the controls and requirements of the insurance provider.

bottom of page