Welcome to Cyber Security International

A Dutch cybersecurity consultancy company

We are a team of experienced cybersecurity professionals with at least more than 25 years experience in the (cyber)security arena. At CSI we are engaged to discuss the security issues, business impacts, and potential strategies of industry, government, and educational organizations that create and maintain data, such as digital repositories, databases, data warehouses, aggregated information systems, (hybrid) cloud solutions and more. Feel free to get in touch with one of our experts.

Services

High-profile security breaches have become routine. Organizations still rely too much on traditional assessments that fail to identify new emerging threats. Ad-Hoc pentesting will generate a myriad of data that can be lost or wrongly interpreted. In our opinion, it is the sum of additional services that can make the difference in the fight against cybercrime. To find solutions for cybersecurity risks or mitigation we need to think differently. It can never be β€œone-shoe-fits-all,” it always a tailor-made approach. We have built our services in such a way we can combine them as building blocks to provide a solution for our customers.

Assessment >

Assessments

As one of the starting elements in every cybersecurity engagement, we offer some assessments for our clients to choose from.

Security Risk Assessment (SRA)

Our security risk assessment is a combination of a threat assessment, vulnerability assessment and in most cases include mitigation measures and recommendations. These recommendations and measures are customer specific so their management will be able to decide what processes or procedures should be in place at their pace and management cycles. We recommend to include a site security survey into the vulnerability assessment to be as complete as possible.

Privacy Impact Assessment

Privacy impact assessment is a process to identify and to reduce the privacy risks of an organization. Security and privacy should be a mandatory step in every new or existing project management cycle. A PIA analyzes systematically the privacy posture of the organization including individuals (subjects) involved. We support PIAs as part of the requirements of the General Data Protection Regulation (GDPR) at organizations. The GDPR is an EU regulation with the intent to strengthen and unify data protection for all individuals within the European Union. The GDPR will be in effect within the European Union as of 25th May 2017.

Vulnerability Testing

Our vulnerability testing is a process that defines, identifies, and classifies the security holes (vulnerabilities) in a computer, network, or communications infrastructure. Also, our vulnerability assessment can forecast the effectiveness of proposed countermeasures and evaluate their actual effectiveness after they are put into use. Mostly this will be a part of a PenTest or RedTeam engagement.

Penetration Test

We provide cybersecurity assurance through penetration testing. Our penetration tests (PenTests) include network infrastructure, applications, and operating systems. By using known vulnerabilities of (unpatched) systems to elevate rights gained from decrypted hashes and reconnaissance (Recce). All our consultants are certified to ensure high quality.

Red Team

Our independent RedTeam challenges organizations to improve their operational security readiness, architectures, and internal processes. Our RedTeam will perform pentests as part of their β€œcheck.” It is a valuable approach when organizations want to test their Blue Teams. A blue Team can be a local security team, a security operating center (SOC) or any combination of internal or external organizational security expertise. We have experience in performing these tests for all types of companies. Small and medium businesses up to multinationals and governmental.

Cyber Security >

Cyber Security

Cybersecurity is the methodology used to identify information security risks by addressing all topics to safeguard the confidentiality, integrity, and availability of information systems. We identify this as a compilation of technology solutions and processes to enable cybersecurity in any organization.

Architecture Design

We can assist or to advise organizations in the design and build a cybersecurity infrastructure that enables their business and be secure against latest threats. If needed we can assist, collaborate or design from scratch an infrastructure that fits organizational needs.

Architecture Review

Due to a shift in business or another rationale we can support the local team of an organization to review and make recommendations of their security architecture to be robust and compliant.

Cyber Defence Design

For many organizations, their Intellectual property, databases, and other sensitive data need to be secured. We can assist in designing custom-made cyber defense environments.

Cyber Defence Review

Organizations need to test the availability and integrity of their proposed solutions. We have experience in testing and recommend solutions to fit the new tomorrow.

Cyber Threat Analytics

For many organizations, it is mandatory to enable insights of the latest generation of cybersecurity risks and threat vectors. It is requesting more robust and cyber-secure environments as before. We have experience in monitoring and analyzing data in real-time. On-site monitoring or a centralized (outsourced) monitoring solution to safeguard the organizational environment is one of our core services.

Workshop >

Workshops

If organizations want to be up-to-date with latest threat vectors, cybersecurity solutions, cyber defense techniques or regulatory requirements its mandatory to exchange knowledge. A workshop setting is the best way to exchange our knowledge to organizations. The knowledge demand is different and can go from simple processes to intriguing architectural cybersecurity principles.

Leadership Awareness

A leadership Awareness workshop is a type of workshop where we discuss the latest emerging cybersecurity threats landscape on a high level with the customer. What they should know on board level, and how to control these processes in their organizational environment.

Security Architectural Design

A robust security architectural design is a mandatory item for most organizations. Any organization is unique, so their design should be unique too, and taylor made for their (future) need. We have experience cybersecurity architects who can support organizations in a workshop setting to identify their needs and build the blueprints from scratch.

Cyber Defence

Cyber defense is the executive part of de combination between cybersecurity and cyber resilience. How good are the defenses of organizations against threats and what is needed to be able to be back in business after a cybersecurity-related attack. In a workshop session with architects, policymakers, and management we can discuss these topics to make organizations futureproof.

Compliance

If it is Cybersecurity, Privacy or any other relevant cyber issue. It is for most organizations a challenge of how to proceed, or what should they do (invest in?). To create a justification based on facts and organizational requirements we can support in a workshop setting the customer in taking the right decision at the right time to lower liability and raising their organizational compliance posture by addressing the items needed to remediate to be compliant.

Management >

Management

Security management is a profession on itself. Organizations or individuals can certify them against latest technologies, processes and compliance requirements. As an organization with a long history in the cybersecurity world, we have experienced colleagues (associated partners) available to support the need of organizations to support (cyber) security management.

CSIRT Management

Cybersecurity Incident Respons Team (CSIRT) is a special and well-documented approach on how to deal with cybersecurity related incidents. However, emerging threats and intrusive techniques make it mandatory to have skilled and experienced managers that can deal even with the latest real-time data analytics. We support organizations with our knowledge and experience.

Forensics

A (cyber) security breach is an issue in itself, to deal with the aftermath or to find the root cause of the issues on hand organizations need insight in what happened. We have experience in assisting organizations with forensic expertise. In some situations, we can assist CSIRT teams in additional forensic capabilities to remediate an incident and find and analyze the root cause.

Security Program or Project Management

We have experienced project managers with cybersecurity background to support organizations that need this type of expertise to run a cybersecurity program, or temporarily support organizational staff.

Interim CISO

A chief information security officer (CISO) is the end responsible security officer in an organization. He responds to incidents, establishes standards, is responsible for compliance and processes to reduce IT risks. We can support organizations in a temporary CISO to solve their security issues on hand and giving organizations time to find a permanent solution.

Interim DPO

Data privacy is a growing market due to new compliance regulation on national and EU level. Large organizations need to have a Data Privacy Officer (DPO) to keep up with the privacy related processes and procedures. Some organizations do not want or need a full-time DPO. As an organization with experience in data privacy, we can support organizations in a temporary DPO. This role may also be an outsourced role, in those cases, we can support a DPO on contractual arrangements that cover according to compliance rules and regulations.

Get in touch


Twitter