We can help you from Cyber Essentials and GDPR through to ISO27001, data security testing, audit preparation and information architecture, policy writing and implementing. We also offer vCISO services that fits around your business need.
The world is becoming ever digital and as it does we find ourselves having to cope with an increasing number of potentially open doors. Imagine your home with a single door, no windows and a cellar. Placing your valuables in a safe located in a locked cellar belonging to a house with a single door that has a lock and a chain, is pretty strong security. However, add a back door, 8 windows and a loft hatch and suddenly the convenience of natural light and quick access to the back garden has opened up multiple vulnerabilities and your valuables aren't so safe any more!
We recommend the first step being the implemations of Cyber Essentials so talk to us and see how can help.
As a baseline, all businesses should aim to comply with Cyber Essentials, the Government established Cyber Security standard. It is surprisingly easy to obtain and maintain with guidance, direction and regular review.
Businesses that take payment via card should also be PCI DSS compliant, ensure all inventory and services involved are scoped correctly, scanned and backed up with policies and procedures that are reviewed on a regular basis.
Sophistec consultants are Certified Information Systems Auditors accredited by ISACA (Information Systems Audit & Control Association).
Structure and framework are at the core of every secure, stable and scalable system. Information Security is no different with Regulations, Acts and Standards needing to be interpreted then crafted into Policy, Procedures, Guidelines and Handbooks so that staff, suppliers and contractors meet your compliance needs.
Sophistec can craft these documents, undertake assessments and recommend controls that help you maintain control and retain your compliance standard across the entire organisation.
In order for information to become effective it needs to be controlled. Information overload is dangerous and can cause confusion, especially when it needs to be regularly reviewed updated and reissued.
Sophistec can undertake an information stream analysis as it flows through the entire organisation, identify business critical information and present it inside of a controlled environment. Having brand publishing guidelines are obvious if you want to ensure consistency across all media, but most businesses miss the fact that this level of control is also important when publishing and sharing information.