Born out of 20 years experience within IT Security we offer a truly unique Cyber Security & Organisation Maturity Assessment, packaged and delivered to your Executive team for a full independent review of IT, Security, Cyber and Business Processes.
Free Cyber Security Assessment
We are currently offering a few Cyber Security Assessment for your organisational, with this no obligation assessment targeted to give you an overview of your current Cyber Security levels, free recommendations and advice. This assessment is conducted hassle free via 2 online based conference calls and a short questionnaire, ideally suited to kick start your Cyber Security strategy. Please get in touch with us via our contact form or email Sales@outboundsolutions.co.uk
Organisational Maturity Assessments
Do you know your organisation? Understand all the different departments and their processes? Know if all these departments have a focus on security (whether this is Cyber Security, Data Security, Data Classification, Data Leakage, Supplier Management, Workforce Management or Training), we focus on 10 core domains under the Cyber Security Capability Maturity Model (C2M2):
- Risk Management
- Asset, Change & Configuration Management
- Identity & Access Management
- Threat & Vulnerability Management
- Situational Awareness
- Information Sharing & Communication
- Event & Incident Management, Continuity of Operations
- Supply Chaim & External Dependancies Management
- Workforce Management
- Cyber Security Programme Management
Conducted within an informal interview based sessions looking at policy owners, people that carry out your policies / procedures and senior management who agree and sign off the policies. The report follows the C2M2 which is a framework and methodology to assess organisations posture on Cyber Security, the outputs of the assessment provide a valuable foundation if you are considering adopting one of the many formal information security standards such as ISO 27001 or the NIST Cybersecurity Framework, as the content of C2M2 correlates well with these other standards.
Free Security Scan
We offer a full public domain scan of your domain, this free free report is designed to give you a high level overview of what public information is available both on the internet and dark web including some information on your public websites, think of this as a very light touch security assessment.
Public Discovery Testing is performed to collect personal and/or sensitive data about the company that is publicly available. This information is usually accessible to every internet user. Such information is then tested with the possibility of data theft in mind. In a simple and quick way, this activity exposes basic security risks that the organisation may be open to from the outside world.
Get in touch via our contact form or email us on email@example.com
Vulnerability & Security Testing
We can also carry out vulnerability and penetration testing including web application testing for all your internal and external infrastructure and applications.
Discover, identify and classify the vulnerabilities and security weaknesses in the organisation’s computer, network, or communications infrastructure. Vulnerability Assessment provides an insight into an organisations current state of security, and the effectiveness of its countermeasures.
This would be a must and is included on all our assessments.
Testing the security controls of an organisation by simulating an attack which a hacker might undertake to exploit the weaknesses in your organisations network and applications. This service identifies external and internal vulnerabilities which would give access to the critical assets of the organisation.
Validate the configurations of Information Technology (IT) Assets and produce a list of known vulnerabilities present in the systems and applications and mitigate them before they are exploited by adversaries.
Simulate a real hacking event to test the strength of existing security defences and Countermeasures
Web Application Testing
Also referred to as web application vulnerability scanning is an automatic security program that searches for software vulnerabilities within web applications. The software first crawls and builds a software construct of the entire website. This gives the scanner an insight into the
application, which then performs automatic audit for common security vulnerabilities by launching a series of web attacks. The consultants then manually verify these security vulnerabilities.
- Identify security vulnerabilities and issues that exists in customer’s web site using a vulnerability scanner.
- Issued identified by the vulnerability scanner are manually inspected and reported.
- External Web Application Scanning: Performed remotely against customer’s web site(s) that are publicly accessible. The customer would provide the necessary credentials to the application prior to the investigation. The consultants would configure the vulnerability scanner to scan the web application(s). The identified vulnerabilities are then verified manually.
Corporate Risk Management
If you need help in designing, building and running a corporate risk management framework, risk registers and risk assessments we can come in and set the ground running for your business to maintain moving forward.
Having a robust and tested business continuity plan is not only good practise and healthy for organisations but also proves to your customers and suppliers that you are a mature and proactive business. We can review your plans and procedures, write them and arrange for testing or put a strategy in place to ensure your organisation builds and maintains these moving forward.
Virtual Security Officer
Employing dedicated security teams and Security Officers is costly, if you organisation is a small – medium keeping these people could be a challenge. This is why we offer a virtual Security Officer (or vCSO) service and “loan” you a dedicated person to act as your security team and take care of your IT and data security activities.
We offer remote and onsite training for your IT teams and business staff targeted with different audiences in mind and tailored for your business, these course offer awareness of different cyber security topics, industry trends and different attack vectors. We recommend these are conducted annually to ensure your staff are trained and can be included as part of an induction course.
Recent additins to these courses include topics for distributed work forces, working from home and protecting the corporate assets in this new post pandemic era.