SERVICE OVERVIEW

CSOC: The Cybersecurity Operations Centre provides full 24/7 support for the operational management of incidents and issues as well as root cause analyses and remediation.

CASB: Cloud Access Security Broker: The CASB module offers leading edge technology in the access and management of cloud applications whether they be sanctioned or unsanctioned. This delivers solutions for Data Loss Prevention capabilities to protect an organisation’s data.

WAF: The Web Application Firewall delivers a single proxy approach for an organisation introducing full protection, including DDOS attacks as well as load balancing and browser protection.

GRC: The Governance Risk & Compliance module delivers all policy and compliance aligned to international standards and regulations as well as the delivery of Management reports.

Advanced End Point Security: Offering advanced protection against all forms of threat to Servers and End User devices including the capability to hunt threats and remotely quarantine suspect apps or devices.

Cybersecurity Awareness: As part of the overall capability, CP also delivers a number of awareness campaigns to support and educate the organisations against threats that are directed at the User community

IDAM: ID & Access Management that includes multifactor authentication as well as intelligent based authentication on all end user and mobile devices

GOVERNANCE, RISK & COMPLIANCE

Our GRC experts help your organization to ensure alignment and compliance with international Security and Industry standard regulations.

Our experts provide guidance and support to ensure compliance with international standards and regulations, identify areas of non-compliance and exposure to address Cybersecurity risks, as well as implementing capabilities and process improvements as part of service improvement sprints to mitigate risks identified.

This work is crucial in supporting an organization to identify and address a multitude of unknown Cybersecurity related risks and exposure.  As threats to an organisation are becoming overwhelmingly complex and continually evolving to mitigation methods.

Our GRC experts have delivered risk and compliance improvement programmes for a large number of Blue Chip organizations within all industry sectors spanning the globe delivering improvements across Enterprise GRC and not limited to Cybersecurity, this experience makes our professional services team uniquely positioned to assist organizations at all levels of maturity to gain compliance and deliver assurance.

COMMAND POST consultants also deliver GRC capabilities through the COMMAND POST platform or in delivery of the  GRC solution, alternatively using the skills and experience delivering any GRC solution on the market, depending on the organisations approach, this experience enables COMMAND POST to expedite the delivery of compliance and assurance programmes in an agile fashion to achieve the business needs relating to International and Industry regulations and standards.

Risk Assessment

The COMMAND POST had developed an adaptive approach to support an organization to mitigate risk through assessments, utilizing the COMMAND POST platform COMMAND POST consultants can complete a detailed assessment of organisations risk exposure including mitigating actions based on the organization’s regulatory requirements utilizing the full integrated Risk Assessment solution delivered as part the COMMAND POST Platform.

Further to the integrated risk assessment, COMMAND POST have in-depth experience and a predefined approach to support an organization in a top down or bottom up risk assessment that aligns to all relevant Cybersecurity related International and Industry standards.

The agile approach to service improvement means that risks are managed as identified and cost based assessments and mitigation actions and controls can be managed within the GRC module within the COMMAND POST platform or through the organizations proprietary GRC solution.

Compliance

Compliance is not a paperwork exercise for any organisation and COMMAND POST recognise this and the work involved in achieving compliance, understanding these challenges COMMAND POST are able to leverage our Cybersecurity experience to identify an organisation’s cyber threat weaknesses, and implement Service Improvement strategies through sprint cycles to mitigation non-compliance and deliver real impacting improvement cyber defence at the business level.

Utilising their previous experience developing global standards and international industry regulations, our compliance experts understand the organizational change and the impact to manage across the business domains allowing for an efficient and effective improvement delivery.

Our compliance consultants comprise of experts from within Cybersecurity and Industry specific that includes Military, Government (including Intelligence), Manufacturing, Logistics, Financial and Banking, Oil & Gas, Pharmaceutical, Telco and Aviation & Transport giving us a deep understanding of Compliance and how risk mitigations will work within each industry and sector.

COMMAND POST provide support for both public and private sector entities with the challenges faced within compliance, relating to standards such as EUGDPR, PCI (Payment Card Industry) Data Security Standards, ISO 27001 and 27002, NIST (National Institute of Standards and Technology), POPI (Protection of Personal Information Act Africa), IEC (International Electro technical Commission) 62443 and the ISACA COBIT framework.

Managed Services

In addition to the COMMAND POST Integrated Platform, we offer a range of specialized Cybersecurity managed services to compliment an organizations existing capabilities enabling a fast-track approach to implement and manage Cybersecurity BAU activities which include:

  • End to End Cybersecurity
  • Data Classification and Data Loss Prevention
  • ID & Access Management including MFA & PAM
  • Advanced End Point Protection including EDR
  • Governance, Risk & Compliance
  • Command Post SOC
  • Cloud Security Access Broker Management
  • Awareness & Training

End to End Cybersecurity

Understanding the challenges and costs of running Cybersecurity within an organisation, COMMAND POST have developed a predefined approach in delivering a fully managed service that enables an organisation to concentrate on running the business services and allow COMMAND POST to manage the Cyber services to deliver assurance and confidence that the organisation is safe and protected by experienced professionals, fully scalable the COMMAND POST managed services can deliver rapid support without the internal overhead of hiring and managing resource.

This service delivers the full range of Cybersecurity services and fully integrates with the organizations Service Management service to deliver a cohesive support model which is completely seamless to the business departments.

Data Classification and Data Loss Prevention

Most organisations struggle to identify how to introduce data classification and how to deliver effective DLP, given the expanse and depth in which our organisations are dependent on data COMMAND POST adopt a pragmatic approach to Data Management and utilising the COMMAND POST Data Classification tool we can easily classify existing data that resides within the organisations key databases and introduce piecemeal approach to DLP so DLP can be effectively introduced without over complex processes and labour intensive activities, COMMAND POST assists an organisation to identify the “Crown Jewels” and then delivers tried and tested processes to control the management and access of the identify data.

Our platform uses cloud-ready data tokenisation, encryption, masking, access controls, and monitoring from the application to the file system levels, and support a wide variety of platforms and applications.

This managed services approach removes the headache from the organisation and is delivered in line with the business services to enable a successful delivery with little or no operational business impact.

ID & Access Management including MFA & PAM

In today’s world access control and passwords are used in generally all tasks we complete, this now has introduced a rising threat to an organisation through exploitation of personal accounts which can then compromise business accounts, conscious to these risks and the complexities of the IDAM processes COMMAND POST offer an end to end IDAM managed service which integrates seamlessly to an organisations existing access management and can deliver full account provisioning, intelligent multifactor authentication and the management of privileged access for key business privileged users or end points to an organisation removing the overhead and resource intensive activities relating to access management and control.

Advanced End Point Protection & EDR

The protection of end points within an organisation is a crucial activity but in the recent years it has come to understanding that basic virus protection is not enough, end points are compromised in a multitude of elaborate and technically complex ways which can expose an organisation at the highest level, COMMAND POST comprehend these risks and have developed an approach to protect an organisation at all levels, assisting in firstly identifying the high-risk end points and then delivering Advanced End point protection capabilities that are fully managed and monitored real time.

This continuous management ensures any attempt to compromise an end point with malicious code is stopped before the code is executed and the machine can be remotely quarantined, additionally to the prevention, COMMAND POST can complete the full Endpoint Detection and Response to enable our analysts to hunt the threat within the estate and prevent any further infection.

All these services right the way from the agent deployment to ongoing monitoring and management run in the background to an organization business operations and run completely concealed to the end users.

Governance, Risk & Compliance

Governance and Compliance can be one of the most challenging areas within Cybersecurity, our managed Governance, Risk and Compliance service includes a complete end to end Cybersecurity risk assessments, Audit, Risk and Compliance monitoring and management.

This service delivers operational policies and processes as well as the organizational change to adopt these new ways of working with continuous assessment to ensure compliance is maintained and support prior to, during and post external audits.

Our GRC managed service team work alongside business units during the engagement to ensure assurance is managed and compliance maintained as an integral part of the organization.

CP Security Operations Centre

The COMMAND POST Security Operations Centre is a remote managed service that works on the COMMAND POST platform, fully integrated with the existing monitoring capabilities and well as the COMMAND POST Cyber capabilities, the COMMAND POST SOC is able to provide a full 24/7 threat detection and management.

Using the fully integrated suite of capabilities within the COMMAND POST platform our Security Operations Centre is able to identify suspicious activity, monitor for attacks, anomalies, malicious activities or threats to your data, systems, and operation.

 We will work with the existing service management and support teams to manage the incident and ensure remediation actions are complete throughout the incident lifecycle and complete a full post-incident review of any serious breach.

The defining characteristics of our COMMAND POST SOC solution include:

  • Remote monitoring, remediation, and resolution

  • Advanced correlation analysis

  • Monitoring of security technologies

  • Governance, risk and compliance monitoring

  • Continuous vulnerability management

  • Advanced cyber network defense services

  • Deployment and Provisioning of Access Controls

Cloud Security Access Broker Management

Whilst the use of cloud solutions may be limited in some organisations COMMAND POST has found with experience that most companies are not actually aware of the sanctioned or unsanctioned cloud applications in use, this lack of knowledge is a huge risk profile for the organisation, especially in areas of regulatory compliance such as EUGDPR.

COMMAND POST have created a customer journey in delivering the COMMAND POST CASB solution within the platform and then supporting the organisation in the adoption of the capability, on-boarding applications and managing the organisational change around the introduction of Shadow IT function and access control within the cloud applications.

Awareness & Training

One of the biggest threats to an organisation is the workforce that delivers the business services, lack of awareness or understanding combined with the sophisticated phishing techniques of hackers introduces huge risks to an organisation, its data or its credibility.

The use of Malware, exploits and ransomware has increased at an alarming rate and no matter how effective Cybersecurity capabilities are, exposure still exists through the internal workforce.

COMMAND POST recognise these threats and understands the work involved to raise the awareness of the organisation and introduce assessments and training to achieve this, COMMAND POST can also deliver independent simulated phishing campaigns to test the improved awareness of staff and identify areas of improvement, this spans across all areas that could be related to opening suspicious mails to sharing restricted data or social media use.