At Jumping Bean we provide a comprehensive suite of cybersecurity services to organisations requiring assistance with their security posture. Our list of services includes:

• Virtual CISO
• Managed Security Service Provider
• Cyber Security Risk Assurance & Advisory service
  • Cybersecurity strategy,
  • Policy audit review,
  • Policy compliance audit,
  • Policy effectiveness/risk identification audit:
    • Vulnerability Assessment
    • Penetration Testing
  • Cyber Security Training for end-user and security team
• Cyber Security Incident Response
• Cyber Security Digital Forensics

Manage Information System Risk

Since the late 80 and 90's the critical importance of information systems to a company's competitive advantage and going-concern status has been widely recognised. What has changed is the interconnections between organisations and the global reach of systems.  From suppliers and business partners to service providers, and customers there is a multitude of connections into and out of organisations.

Together with the explosion of data, and the seemingly ever-accelerating pace of technological change, there has been a qualitative shift in information system risks.  Cybersecurity and cyber resilience are now a primary business focus.

The list of global corporations that have suffered a cybersecurity breach as a result of their failure to implement a robust security strategy has alarmed governments and the public across the globe to the extent that a legislative approach to security is being adopted to protect customers and national security.

 

Unfortunately, many boards have not yet recognised the risk implications of these changes and are failing to invest what is necessary for cyber resilience and defence. Analogous to the history of motor vehicle safety, as their use of them became more widespread, so did the need for safety and security features; often imposed by customer demand or government regulation.

With the right approach to cybersecurity companies can gain a competitive advantage over competitors, with increased customer trust in their protection of customer private data, and by ensuring that a single incident does not lead to corporate failure.

Cyber Security Training

We provide a range of courses covering cybersecurity governance, risk management, and technical training.

• ISO27001/27002 - Information Security Management Systems & Controls
• CISSP - Certified Information System Professional
• CISA - Certified Information System Auditor
• CISM - Certified Information Security Manager

Cyber risk is both a business priority and a technical challenge. With the recognition that cyber risk cannot be completely eliminated the question becomes, "has one allocated human and technical resources and capital, in the most effective manner possible? Are you addressing the highest priority risks first?

Understanding how effective the controls that have been put in place to address the identified risks are, becomes crucial. At a higher level, what are the best practices, and how well do established procedures stand up to the changing landscape such as cloud computing?

We offer a range of assurance and advisory services that can address these concerns. Our services include:

• Cybersecurity strategy development
  • Assistance with the establishment of the information security function,
  • Review of strategy and future-proofing
• Policy audit review,
• Vulnerability scans
• Penetration testing
• Security training
  • End-user training
  • Technical security team training
  • Board awareness sessions on privacy, security etc

In addition to our audit and advisory services, we also offer consulting for security response and secure software development. We assist companies to embed security into an organisations software development life-cycle process and provide training to developers on how to write secure code. We also assist with incident response and digital forensics.

We offer incident response support in the case of a security breach. With our understanding of threat actors, their tactics, tools, and procedures, we are able to identify affected systems, isolate them, pinpoint the entry point of the attack,  data that may have been compromised, and then remediate the weaknesses identified and restore systems to operation.

In today's context, it is merely a matter of time when a breach will occur. The imperative is to quickly identify any intrusion, minimise any data loss and repel the attack. To assist with the identification of ongoing attacks and any breach that may occur a robust monitoring and response procedure should be implemented as part of the organisation's cybersecurity architecture.  Our experts can assist with the setup and development of intrusion detection, security monitoring, and incident response plans.

We also provide digital forensic services in the case of administrative investigations. Recovery of data from damaged or wiped drives, deleted files, the examination of hidden operating systems, and interrogation of logs, registry entries, and meta information to recover evidence in an internal investigation or just to recover important lost data are part of our service offering.

 

Using forensic tools we can reconstruct the timeline of events from file timestamps and provide you with a report for use in your internal investigations.