Includes the full range of activities needed to achieve compliance with regulatory requirements, legislation and international standards (ISO 27000 series, PCI DSS, ISO 22301 and others).
To determine the current level of compliance, a pre-audit is performed, which allows the feasibility of the applicable requirements to be assessed. Based on the audit results, recommendations and an action plan with a roadmap are developed to fulfil the requirements and achieve compliance.
Consultancy is provided during implementation of the action plan. IncSecurity can perform any activity from the action plan if the company lacks the required competencies or resources.
After the action plan has been successfully implemented, a certification audit is conducted (with the involvement of a certification body, if needed).
Information Security Management System Audit
An information security management system audit evaluates the company's current level of maturity in information security and its ability to withstand existing and new threats.
During the audit, the information-gathering methods best suited to its goals are used: interviews with employees, review of regulatory documents, inspection of records, and observation of processes.
The expert evaluation draws on ISO and NIST recommendations as well as IncSecurity's own body of knowledge.
The most common real-life social engineering attack scenario is e-mail phishing. Attackers usually spoof the identity of a trusted person and send either a trojan that connects back to the attacker or links to fake sites that attack the client browser or ask the user to enter their credentials. Such messages can be sent to the company's employees.
Flash drives carrying a trojan can also be "accidentally" left in a publicly accessible location in the office to assess employees' awareness of removable-media risks.
Other attack scenarios involving social networks, SMS, phone calls, etc. can be developed for specific goals.
Incident investigation is conducted in case of a security breach or a suspicion of one. During the investigation the fact of a security breach is established, together with its time frame, the affected resources, traces of unauthorized access and data transmission, use of backdoors, unauthorized configuration changes, and the security flaws that could have led to the breach.
Incident response testing
Evaluation of the ability of security tools to monitor, log and detect an incident, and of employees' ability to respond to it and perform corrective actions.
During the test, certain actions that imitate a security breach are performed; the reaction to them and the effectiveness of incident analysis and corrective measures are evaluated.
The actions that imitate a security incident are configured based on the company's actual risks.