[Type text]

I.T SECURITY ASSESSMENT PROPOSAL

NETWORK AND SECURITY AUDIT

2016
CYBERSENSE
Advice, Defend & Monitor

CYBERSENSE
Advice, Defend & Monitor
I.T SECURITY ASSESMENT PROPOSAL

info@cybersenseltd.com
+254 721 683 142 / +254 733 477 889
CYBERSENSE
Advice, Defend & Monitor I.T SECURITY ASSESSMENT PROPOSAL

Contents
EXECUTIVE SUMMARY .................................................................................................................................. 3

Vital Questions Business Leaders in Both Strategic and Operational Roles MUST Answer: ........................ 4

What is I.T. Security Assessment?................................................................................................................. 4

Cyber-security Assessment is Essential in an Enterprise Because: .................................................... 5

Why do you need I.T Security Assessment? .......................................................................................... 5

The Goals of I.T Security Assessment are: ............................................................................................. 6

Scope an I.T Security Assessment ................................................................................................................. 6

Deliverables................................................................................................................................................... 7

How Much does it Cost? ............................................................................................................................... 7

Who is CYBERSENSE? .................................................................................................................................... 8

CYBERSENSE Approach .......................................................................................................................... 9

Why Choose CYBERSENSE ..................................................................................................................... 9

Clients.......................................................................................................................................................... 11

2|Page

Our Goal: To make your digital infrastructure more robust and secure.
CYBERSENSE
Advice, Defend & Monitor I.T SECURITY ASSESSMENT PROPOSAL

EXECUTIVE SUMMARY

I.T Security Assessment (penetration testing) can help protect applications

by exposing weaknesses that provide an alternative route to sensitive data.
CYBERSENSE will help protect your digital enterprise against cyber-attacks
and internal malicious behavior with end-to-end monitoring, advising and
defensive services.

The more you know about your vulnerabilities and security controls, the
more you can strengthen your organization with effective procedures for
governance, risk and compliance.

With the growth in cyber-attacks and data breaches costing business and the
public sector millions every year, cyber security is now high on the strategic
agenda.

The deliverables will be a report and result analysis with the client and
remedial action which will be dependent on the results and what the next
course of action should be.

Whether you are looking for advice, testing or auditing services, it is our job
as information risk, security and compliance specialists to keep our
customers protected in todays dynamic risk environment. Our elite team,
experience and proven approach keeps you protected with future-proofed
advice delivered in plain English.

By thinking outside the box, and keeping up to date with all the latest
developments, we ensure we keep you one step ahead of the cyber threats
and vulnerabilities.

CYBERSENSE is a full-service information security consulting firm

specializing in security assessments, application security, penetration
testing, policy development, regulatory compliance, security research, and
security training. Its consultants come from a wide range of backgrounds
and specialties.
3|Page

Our Goal: To make your digital infrastructure more robust and secure.
CYBERSENSE
Advice, Defend & Monitor I.T SECURITY ASSESSMENT PROPOSAL

Vital Questions Business Leaders in Both Strategic and

Operational Roles MUST Answer:

1. How do you know if your business is resilient enough to cyber-

attacks and fraud?
2. Breaches are inevitable. How prepared are you?
3. Are you compliant with privacy and security regulations and
corporate policy?
4. Is it possible to combine IT transformation with acceptable risks?
5. How secure are your website, apps, data centers and data?
6. Do you have a way to transform your current practices to
manage increasing threats?

What is I.T. Security Assessment?

The IT (Information Technology) landscape is sophisticated. Dealing with

multiple contractors and suppliers, different IT architectures, and multiple
hosting provisions has made it further difficult to maintain a consistent view
of the cyber threat at all levels. And the threat is constantly evolving.

Even when you might think a system is secure, traditional preventive

security methods may not fully detect or block frauds and cyber-attacks.
That is why businesses cannot afford to let these threats stand in the way of
growth and expansion.

I.T. Security Assessment, which involves probing applications, operating

systems and device configurations with the goal of gaining access to
protected data, is a good way to determine what weaknesses may be
present in an organizations IT infrastructure.

This is among the first steps an organization can take to systematically

eliminate risky configurations before attackers can exploit these openings.
4|Page

Our Goal: To make your digital infrastructure more robust and secure.
CYBERSENSE
Advice, Defend & Monitor I.T SECURITY ASSESSMENT PROPOSAL

Cyber-security Assessment is Essential in an Enterprise Because:

By putting in place proper cyber-security assessments and audits, your

organization can define the right strategy and growth/expansion program to
protect your sensitive data and assets. By doing the following:

1. Proactive Security Auditing/Testing: is the best safeguard against

hackers and fraud.
2. In case if the software system is already hacked (backdoor) and
organization wants to determine whether any threats are still present
in the system to avoid future hacks.
3. Organizations want their data to be secured, and security audit/testing
is essential to ensure security.

Why do you need I.T Security Assessment?

It is an important service that any business with sensitive data on their

networks should consider. The information obtained from an audit/test may
help prevent security breaches in critical public (web) facing infrastructure,
as well as flaws within the LAN (Local Area Network).

Also the information obtained from the assessment can be used to better
prepare your business against the ever present threat of cyber-attacks.

Getting tested may also provide additional intelligence to help complete risk
assessments and to seek additional funding when changes need to be made.

5|Page

Our Goal: To make your digital infrastructure more robust and secure.
CYBERSENSE
Advice, Defend & Monitor I.T SECURITY ASSESSMENT PROPOSAL

The Goals of I.T Security Assessment are:

1. To determine whether and how a hacker or/and malicious user can

gain unauthorized access to assets that affect the fundamental
security of the system, files, logs and/or data.

2. To confirm that the applicable controls, such as scope, vulnerability

management, methodology, and segmentation, required in compliance
are in place.

Whether you are looking for advice, testing or auditing services, it is our job
as information risk, security and compliance specialists to keep our
customers protected in todays dynamic risk environment. Our pragmatic
approach translates across industries to make robust, sustainable security
possible, irrespective of standards or regulations.

Our elite team, experience and proven approach keeps you protected with
future-proofed advice delivered in plain English.

Our expertise is only surpassed by our dedication to get excellent customer

service. By thinking outside the box, and keeping up to date with all the
latest developments, we ensure we keep you one step ahead of the cyber
threats and vulnerabilities.

Scope an I.T Security Assessment

The scope of an I.T Security Assessment must include the entire perimeter
and any critical systems that may impact the security of the information
assets as well as the environment. This includes both the external perimeter
(public-facing attack surfaces) and the internal perimeter (LAN-LAN attack
surfaces).

6|Page

Our Goal: To make your digital infrastructure more robust and secure.
CYBERSENSE
Advice, Defend & Monitor I.T SECURITY ASSESSMENT PROPOSAL

Deliverables
Upon completion of the security test, a detailed report is sent to the client,
including the following:
1. Executive summary: summery of the purpose of this test, as well as a
brief explanation of the threats facing the organization from a business
perspective
2. Findings: a detailed, technical explanation of the findings of the tests,
with steps and proofs of the findings.
3. Conclusion and recommendations: this section provides final
recommendations and summary of the issues found in the security
test.
4. Problem identification to solution.

How Much does it Cost?

Costs of a security audit / penetration test can vary considerably, depending
on the project size, and often what the clients scope or objectives are. Each
test is quoted for once a full understanding of all the aims and objectives
from the client have been made clear.

7|Page

Our Goal: To make your digital infrastructure more robust and secure.
CYBERSENSE
Advice, Defend & Monitor I.T SECURITY ASSESSMENT PROPOSAL

Who is CYBERSENSE?

CYBERSENSE LTD is a vendor neutral consulting firm that specializes in

Information Security Services. The team is experienced, trained and are
certified security professionals with a broad range of information security
skills supplemented by subject matter expertise in one or more of the
security domains.

Having experience in breaking into most targets, CYBERSENSE has a very

good understanding of what it takes to secure them

We are the only provider of true performance based information security

services/consulting. Let CYBERSENSE secure your business by letting us find
the issues before others (attackers/hackers/insider threats) do.

8|Page

Our Goal: To make your digital infrastructure more robust and secure.
CYBERSENSE
Advice, Defend & Monitor I.T SECURITY ASSESSMENT PROPOSAL

CYBERSENSE Approach

CYBERSENSE is a full-service information security consulting firm

specializing in security assessments, application security, penetration
testing, policy development, regulatory compliance, security research, and
security training. Its consultants come from a wide range of backgrounds
and specialties.

With a forward thinking approach of potential cyber-security attacks and

incidents is necessary. Security auditing/testing assessment allows
identification of weaknesses within the digital infrastructure system through
non-nosy tests by.

Identifying methods for securing client systems and services.

Helping prevent security incidents.

Prompting secure coding within applications.

Providing a case for investing in security controls.

Identifying areas for investments through security improvements

initiatives.

Why Choose CYBERSENSE

9|Page

Our Goal: To make your digital infrastructure more robust and secure.
CYBERSENSE
Advice, Defend & Monitor I.T SECURITY ASSESSMENT PROPOSAL

Weaknesses in information security can jeopardize your mission, threaten

your profitability, and invite fines and penalties from regulatory bodies.

If you arent completely confident in your information security posture or

your ability to manage IT risk, talk to CYBERSENSE.

Our cyber security consultants provide services and solutions that deliver
continuous security assurance for business, government, and critical
infrastructure.

By having around the clock monitoring and analysis, security is now a

business enabler to help enterprises embark on their transformation journey
confidently.

10 |
Page

Our Goal: To make your digital infrastructure more robust and secure.
CYBERSENSE
Advice, Defend & Monitor I.T SECURITY ASSESSMENT PROPOSAL

Clients
Projects done in collaboration with CYBERSENSE and IICFIP (International Institute of
Certified Forensics Investigation Professionals) - http://www.iicfip.org/

Malawi Revenue Authority

Ant-corruption Bureau Malawi
Federal Inland Revenue Services - Nigeria
Civil Aviation Authority Uganda
Kenya Meat Commission
Local Government of Namibia
Swaziland Revenue Authority

Computer Pride LTD www.computer-pride.co.ke

Institute of Advanced Technology - www.iat.co.ke

Techno Brain www.technobraingroup.com

Office of the President Kenya (NDA)

Partnership with Sensepost to do I.T security analysis for safaricom

THE NAIROBI LAW INSTITUTE (www.nbilawinstitute.com)

Government Web Application Audit (Details are NDA) Kenya

Information System (External) Network Perimeter analysis for Kengen Kenya

Exploratory Forensics for SBC Holdings (Pepsi East-Africa Franchise holders). Nairobi
(Kenya) office.

Vulnerability Assessment and Penetration Testing for Meridian Medical Center.

Kenya Institute of Data and Forensic System (www.kidfs.co.ke) Safaricom and NBK
(National Bank of Kenya)

THANK YOU IN ADVANCE FOR THE OPPORTUNITY

Get in touch

info@cybersenseltd.com

+254 721 683 142 / +254 733 477 889

11 |
Page

Our Goal: To make your digital infrastructure more robust and secure.