In order to assess the Cyber Security Posture of governmental and vital organizations, NCSC has developed a package of assessments that will help to define the organization’s level of security and identify security issues in compliance with international Cyber Security Best Practices. This assessment will help to identify, validate, and assess technical vulnerabilities and assist organizations in understanding and improving the security posture of their systems and networks. NCSC will provide technical recommendations and advisories based on this assessment, where applying them would be under the organization’s responsibilities.
Cyber Security Maturity Assessment
To help in assessing the security maturity of a client network and security management, a Security Gap Assessment Framework and minimum security requirements based on ISO27001: 2013, CMMI and the SANS TOP 20 Controls has been developed. NCSC will provide recommendations on executing the suitable and effective controls based on the results of Risk Analysis. Also, NCSC will provide the needed KPIs in order to measure the performance and effectiveness of those controls.
Security Architecture Review
Security Architecture Review service assesses an organization’s overall network design from a security perspective, including DMZ placement, network segmentation, external presence, and hardening techniques. NCSC will provide recommendations based on the performed assessment; those recommendations will be based on security best practices.
NCSC will provide an assessment of the configurations on different network devices (i.e. FW, Routers, Switches, and provide recommendations in order to mitigate the identified risks.
NCSC aims to improve the security posture of governmental and vital organizations through on-site visits to perform a vulnerability assessment. This assessment will help to identify, validate, and assess technical vulnerabilities and assist organizations in understanding and improving the security posture of their systems and networks. NCSC will provide technical recommendations and advisories based on the assessment, where applying them would be under the organization’s responsibilities.
By using a real hacking techniques and tools we will put your systems under attack to determine the security issues including improper system configuration, software or hardware vulnerabilities, security weakness and web application vulnerabilities. NCSC will simulate attack scenarios to exploit the vulnerabilities after being identified, and provide recommendations to fix the security issues and minimize the risk on the organization information systems.
Cyber Security Consultations
Based on the observations that NCSC witnesses within the national cyberspace, we will provide information assurance-related consultation services in order to achieve the goals of different organizations. NCSC will provide consultation services in areas such as reviewing the organization’s information security strategy and assisting in writing and reviewing RFPs for security solutions and services.