Cyber Security and Information Risk Management

Cyberis offers a wide range of consultancy services for the information age, supporting your organisation in an increasingly interconnected world.

Our security experts have many years’ experience and can advise you on all cyber and information security matters, enabling you to manage threats and information security risks in a way that effectively supports your business objectives.

  • ISO 27001:2013 Consultancy – ISO/IEC 27001:2013 is the international information security standard that is accepted as best practice in the UK and worldwide, providing a competitive advantage for many organisations.  We provide services to support all aspects of the ISO 27001 certification roadmap, including awareness seminars, ISMS scoping, risk assessments, business impact analysis, risk management (ISO 27005), gap analysis, detailed controls assessments (ISO 27002) and security policy reviews/development.
  • Maturity Assessment – A Cyberis maturity assessment is an executive-level appraisal of your information and cyber security maturity & performance, using objective measures and scores over multiple information security facets, aligned to the ISACA COBIT maturity model.  Cyberis’ experience across all industry sectors enables us to provide a comparison of your position against peer organisations.  Following the maturity assessment, we can also provide a ‘future-state’ model and prioritised roadmap to plan short and long-term objectives.
  • Enterprise Cyber Threat Assessments – We provide enterprise-level cyber threat assessments, based on current threat intelligence associated with your organisation and its information assets, to provide a prioritised list of threat sources, actors and events, based on the threat determination model of NIST 800-30.  The cyber threat report will include an executive-level summary that describes the cyber threats facing your organisation.  The information provided can be used as input to an extensive cyber risk assessment.  Our risk consultants can also assist in providing risk management frameworks through to delivery of a full cyber risk assessment.
  • Tactical Risk Assessments – In addition to enterprise risk management, most organisations will encounter potential issues, concerns or perceived risks with specific information systems, which can be effectively managed through a tactical technical system risk assessment.  Using a methodology that best suits your organisation’s approach to risk management and its appetite, Cyberis risk consultants will provide a tailored risk assessment with risk treatment advice, drawing on our direct experience in the delivery of penetration testing and of cyber-attacks and vulnerabilities.
  • CPNI / CIS Critical Security Controls for Effective Cyber Defence Assessment – The critical security controls are a baseline of high priority information security measures that can be applied across an organisation in order to improve its cyber defence.  The Center for Internet Security (CIS) brings together world community expertise in sharing cyber defence information and effective practices.  Cyberis will assess your organisation’s current control set against the twenty controls and provide a prioritised roadmap taking into account the priorities of your organisation or business.
  • Legal, Regulatory and Contractual Advice – From Data Protection to PCI DSS, Cyberis can provide independent advice and assessments based on a wide range of common legal, regulatory and compliance requirements.