Managed Cyber Security Services
Multi-layered security is no longer an option for businesses in Boston in 2021, we need to be agile and ready for the worst. – Peter Casserly
Your businesses deserve enterprise-level protection
Utilizing cloud services offer significant benefits to small and medium-sized businesses, but with it comes many pitfalls and security risks. Ransomware, malicious internal users, Denial of Service attacks, just to name a few. Layering protection from the endpoint to your IT infrastructure is becoming more important every day. We can help you get this done.
Understanding the business context, the resources that support critical functions, and the related cybersecurity risks enables an organization to focus and prioritize its efforts, consistent with its risk management strategy and business needs.
Examples of outcomes:
- Identifying physical and software assets within the organization to establish the basis of an Asset Management program
- Identifying the Business Environment the organization supports including the organization’s role in the supply chain, and the organizations place in the critical infrastructure sector
- Identifying asset vulnerabilities, threats to internal and external organizational resources, and risk response activities as a basis for the organization Risk Assessment
Developing and implementing the appropriate safeguards to ensure delivery of critical infrastructure services.
Examples of outcome:
- Empowering staff within the organization through Awareness and Training including role based and privileged user training
- Establishing Data Security protection consistent with the organization’s risk strategy to protect the confidentiality, integrity, and availability of information
- Protecting organizational resources through Maintenance, including remote maintenance, activities
Developing and implementing the appropriate activities to identify the occurrence of a cybersecurity event. This function, eEnables timely discovery of cybersecurity events.
Examples of outcome:
- Ensuring Anomalies and Events are detected, and their potential impact is understood
- Implementing Security Continuous Monitoring capabilities to monitor cybersecurity events and verify the effectiveness of protective measures including network and physical activities
- Maintaining Detection Processes to provide awareness of anomalous events
Developing and implementing the appropriate activities to take action regarding a detected cybersecurity event. ItThe Respond Function supports the ability to contain the impact of a potential cybersecurity incident.
Examples of outcome:
- Ensuring Response Planning process are executed during and after an incident
- Managing Communications during and after an event with stakeholders, law enforcement, external stakeholders as appropriate
- Mitigation activities are performed to prevent expansion of an event and to resolve the incident
Developing and implementing the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event. It supports timely recovery to normal operations to reduce the impact from a cybersecurity incident.
Examples of outcome:
- Ensuring the organization implements Recovery Planning processes and procedures to restore systems and/or assets affected by cybersecurity incidents
- Implementing Improvements based on lessons learned and reviews of existing strategies
- Internal and external Communications are coordinated during and following the recovery from a cybersecurity incident
Frequently Asked Questions about Cyber Security Services
What’s the turnaround time?
Most Security Assessments and Analysis Reports can be provided and ready for your review in as little as 1-2 weeks.
What makes Casserly Consulting better qualified than most?
The Casserly Assessment Team has many years experience performing security assessments + industry leading certifications (Assessments performed by personnel with one or more of the following certifications: CompTIA Advanced Security Practitioner, Certified Cloud Security Professional, Security+, Network+, Systems Security Certified Professional, EC Council Certified Incident Handler, EC Council Certified Encryption Specialist, Web Security Associate.
What are the output/deliverables?
The assessment concludes with an interactive executive briefing with prioritized findings and guidance for security maturity. After the briefing, the written summary and any supporting documentation will be delivered in-person or online by Casserly Consulting's team.
What is required to perform this analysis?
- Administrative access to a Microsoft Active Directory domain environment.
- 30-60 min. of a business leader’s time for contextual interviews.
Why do I need an assessment first?
Liabilities and risks vary from business to business, and the Cyber Security Assessment serves as a compass, giving meaningful direction for security efforts. You can buy security add-ons/services/monitoring with or without an assessment, honestly, but if you are to meaningfully improve your security posture/maturity — and do it in a prioritized, cost-effective manner —, SOMEONE is going to have to take a holistic look at what your business is trying to accomplish and what’s being done (or NOT DONE) to secure you against the risks particularly relevant to your business model.
Doesn’t my IT provider already cover me?
Let’s look to enterprises as our guide: In enterprise business, there’s a NOC (network operations center) and a SOC (security operations center). They’re staffed by different people and have different, but synergistic objectives. An MSP is like the NOC, who keeps things running, assists users, and maintains configurations. An MSP may perform a few SOC tasks, but that’s not their primary role. There is typically very little overlap in tasks and duties. There is a new term for MSPs that deliver security services: MSSP (managed security service provider). These entities may or may not overlap with traditional MSPs.
Is the pricing fixed?
Assessments cost will vary depending on size and complexity of the business environment. Book a consultation to scope your assessment and receive an accurate quote fixed fee quote specifically for your environment.
What Cities Do You Work In?
We are located in Billerica, MA and perform security assessments to the entire greater Boston area.