At Jumping Bean we provide a comprehensive suite of cyber security services to organisations requiring assistance  with their security posture. Our list of services includes:

• Cyber Security Risk Assurance & Advisory service
  • Cyber security strategy,
  • Policy audit review,
  • Policy compliance audit,
  • Policy effectiveness/risk identification audit:
    • Vulnerability Assessment
    • Penetration Testing
  • Cyber Security Training for end-user and security team
• Cyber Security Incident Response
• Cyber Security Digital Forensics

Manage Information System Risk

Since the late 80 and 90's the critical importance of information systems to a companies'competitive advantage and  going-concern status has been widely recognised. What has changed in the interim is the interconnections between organisations, from suppliers, partners, service providers and customers and the global reach of these connections.

Together with the explosion of data, and the seemingly ever accelerating pace of technological change, there has been a qualitative shift in information system risks.  Cyber security and cyber resilience is now a primary business focus.

The list of global corporations that have suffered a cyber security breach as a result of their failure to implement a robust security strategy has alarmed governments and the public across the globe to the extent that a legislative approach to security is being adopted to protect customers and national security.

 

Unfortunately many boards have not yet recognised the risk implications of these changes and are failing to invest what is necessary in cyber resilience and defence. Analogous to the history of motor vehicle safety, as the use of them become more wide spread, so did the need for safety and security features; often imposed by customer demand or government regulation.

With the right approach to cyber security companies can gain a competitive advantage over competitors, with increased customer trust in their protection of customer private data, and by ensuring that a single incident does not lead to corporate failure.

Cyber risk is both a business priority and a technical challenge. With the recognition that cyber risk cannot be completely eliminated the question becomes, "has one allocated human and technical resources and capital, in the most effective manner possible? Are you addressing the highest priority risk first?"

Understanding how effective the controls that have been put in place to address the identified risks are, becomes crucial. At a higher level what are the best practices and how well do established procedures stand up to the changing landscape such as cloud computing?

We offer a range of of assurance and advisory services that can address these concerns. Our services include:

• Cyber security strategy development
  • Assistance with the establishment of the information security function,
  • Review of strategy and future proofing
• Policy audit review,
• Vulnerability scans
• Penetration testing
• Security training
  • End-user training
  • Technical security team training
  • Board awareness sessions on privacy, security etc

In addition to our audit and advisory services we also offer consulting  for security response and secure software development. We assist companies to embed security into an organisations software development lifer-cycle process and provide training to developers on how to write secure code. We also assist with incident response and digital forensics.

We offer incident response support in the case of a security breach. With our understanding of threat actors, their tactics, tools and procedures, we are able to identify affected systems, isolate them, pin point the entry point of the attack,  data that may have been compromised, and then remediate the weaknesses identified and restore systems to operation.

In today's context, it is merely a matter of time when a breach will occur. The imperative is to quickly identify any intrusion, minimise any data loss and repel the attack. To assist with identification of ongoing attacks and any breach that may occur a robust monitoring and response procedure should be implemented as part of the organisations cyber security architecture.  Our experts can assist with the set up and development of intrusion detection, security monitoring and incident response plans.

We also provide digital forensic services in the case of administrative investigations. Recovery of data from damaged or wiped drives, deleted files, examination of hidden operating system, and interrogation of logs, registry entries and meta information to recover evidence in an internal investigation or just to recover important lost data are part of our service offering.

 

Using forensic tools we can reconstruct timeline of events from file timestamps and provide you with a report for use in your internal investigations.