cybersecurity

Advisory & Compliance

We advise our clients on their security strategy and even take the role of the virtual CISO

Virtual/Fractional CISO

We provide an outsourced information security officer service covering both the strategic and operational roles of cybersecurity.

The Virtual CISO offering is based on the NIST Cybersecurity Framework:

Identify

Develop an organizational understanding to manage cybersecurity risk to systems, people, assets, data, and capabilities.

Protect

Develop and implement appropriate safeguards to ensure delivery of critical services.

Detect

Develop and implement appropriate activities to identify the occurrence of a cybersecurity event.

Respond

Develop and implement appropriate activities to take action regarding a detected cybersecurity incident.

Recover

Develop and implement appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity incident.

The Virtual CISO's responsibility covers the following aspects of information security:

Risk Management

Identification of information security risks and the development of controls and processes in order to mitigate those risks.

Business Continuity

Development and continuous testing of disaster recovery and business continuity plans.

Monitoring & Enforcement

Continuous online monitoring of information systems, detection of threats and enforcement of cybersecurity.

Vulnerability Management

Continuous testing and identification of potential vulnerabilities, with recommendations for mitigating them.

Compliance

Knowing the standards and verifying compliance of security practices and technologies with the required standards.

ISO 27001 Advisory & Preparation

We provide advisory services to help organisations achieve ISO27001 certification, with a proven track record of clients passing the audit.

  • Certified Information Management System/Lead Auditor;
  • Generating ISMS policies, processes and procedures;
  • Identify the ISMS risks, controls and SOA registers;
  • Develop the IT, business continuity, change management, supplier management manuals;
  • Coaching & conducting the internal audit;
  • Strategic ISMS goal setting and management review.

ISO 27001 Compliance

Certification Process

Once the key stakeholders are identified and the project gets executive sponsorship, these are the steps to success.

Gap Analysis

Assess the existing infrastructure and operations against the requirements of the standards to identify gaps.

Documentation Initiation

Develop or update all the policies and procedures required by the standard.

Awareness Training

Train the stakeholders, the champions and the users on the adoption of the new methodology and standard.

Implementation

Implement the changes in terms of processes, tools and controls identified in the previous phase.

Gap Internal Audit & Management Review

Conduct the internal audits and ensure that the reports issued meet the requirements of the standards.

Certification

Assist the customer in passing the final certification process with the standard auditors.

Contact us

What can EXEO do for your business?

We believe that digitisation is not an end in itself, but a means to get to a more productive and efficient business operation that supports every organisation’s objectives.

Re-Architect

This methodology requires the most effort to implement, but it results in the most optimised recurring cost and provides the best scalability for apps. It involves re-adapting the code of applications and the heavy use of SaaS solutions to replace existing hosted applications.

Re-Platform

This method utilizes the power of PaaS services, such as transferring a database to an as-a-service model, the use of containers for some apps, or the use of network/security functions as a service. Greater scalability and a lower cost of operation are achieved.

Re-Host (Lift & Shift)

The migration of workloads from  to the cloud without changing the architecture. Machines get to keep their OS and apps. This is the quickest and easiest way to migrate, but since it utilises IaaS, it is also the most expensive in the long term.