Cyber Security Assessment & Security Testing
Cyber Security Resilient Through Security Assessment & Testing
What is the quickest way to understand an organisation's security posture to perform a Cyber Security Assessment. The client had been a target of multiple attempted breaches and some unknowns. Pragma recommended conducting a strategic Cyber Security Assessment on the clients' entire IT infrastructure and business across seven countries, covering their business process, strategy, network, servers and workstations to avoid future disruption.
The Pragma Cyber Security Assessment is a comprehensive and flexible framework for developing, delivering, communicating, and maintaining an enterprise-wide information security program and strategy. The Pragma model is aligned with the COBIT, COSO, ISO27001, NIST, and ITIL frameworks and is used to evaluate the maturity of the client's security program and highlight capability strengths and gaps requiring immediate or strategic focus. Pragma's Security Strategy methodology covers the people, process, and technology domains. It takes a “threat-centric approach” to identify program weaknesses and align priorities for the organisation to protect critical assets. Pragma's approach to Security Strategy provides traceability and alignment to business objectives while raising the visibility of security. To further support the Cyber Security Assessment, a vulnerability test is performed across the whole estate.
Working with the client's Global Technology and Business Teams, Pragma was able to identify key cyber security risks, with some unique to a few locations and most that are present across all sites and worked to align security initiatives in the client's overall IT Roadmap that required immediate and strategic focus. Pragma provided an OnDemand Vulnerability Assessment and Threat protection service covering the client's entire network, which provides a continuous and controlled (OWASP) based and (CREST) certified vulnerability testing of security controls, policies, and procedure set in place, ensuring that the client's enterprise security capability is up to date and effective.
The client implemented Pragma's recommended remediation action point for each location according to priority; security awareness training has been included in the client's management onboarding process. With the roll-out of new security protocols, all areas have achieved a strong maturity score for their Cyber Security Posture. Risks were rated and enabled the client to prioritise remediation efforts.