are you cyber prepared? · preparedness enrich business protection enable cyber agility and...
TRANSCRIPT
Are You Cyber Prepared?
When I joined Littlefish just over 2 years ago, I was genuinely thrilled at the chance to work with such a customer centric business that could see the Cyber Security market was challenged and challenging. For over a year, Littlefish had been approached by many valued customers asking for assistance with their Cyber strategy and business protection needs – a desire to be more Cyber prepared.
Since then, Littlefish’s Journey into Cyber Security has gathered significant momentum. Our portfolio of Cyber services is comprehensive and supported by market leading Global product partners and enhanced further with authentic partnerships that deliver those Cyber elements that Littlefish choose not to specialise in.
Being Cyber Prepared is very much a board table discussion, yet security within many organisations is still a relatively immature discipline. Security unfortunately tends to be a downstream issue, which causes lots of cost, impact and business disruption after a Cyber incident has taken place, instead of being truly at the forefront of an organisations attention, proactively approached and causing little to no disruption as a result of modest investments upstream.
Unfortunately, because of the way the Cyber market and its purveyors have behaved, there is a misconception that the answer to Cyber Security is throwing big money at complex and expensive security point products or solutions. Whilst for all organisations, products and solutions have their place they are not a silver bullet to safeguarding your organisations assets. When you look at the big breaches retrospectively, of which there are more and more to review, many of them are due to very basic security failures around patching, asset management or employees simply mistakenly responding to fake emails.
Ultimately the safety and security of an organisation, its people and its assets are the responsibility of the CEO. It is therefore important to remember that from a
Business Process perspective, Cyber Security is about “Risk Mitigation Management”. How, as a Board, as a business and as an IT department, do you identify and understand your risks, and then work strategically to prioritise the mitigation thereof. Understanding the risk, means understanding the impact of failing to mitigate those risks, concepts that are critical to the survivability and viability of all businesses.
We have within, compiled a comprehensive yet simple overview of how Littlefish Cyber Security services, as part of our wider Managed Services offering, can really help you to enhance your Cyber Preparedness and help you drive maturity into your Cyber Security purpose and risk mitigation strategy.
I have purposely left COVID-19 until my summary as Littlefish are not an opportunist business, but clearly, this global event has created misery and misfortune for the majority. However, Cyber criminals have taken it wholeheartedly as an opportunity to further compound this very challenging time. Whether you’re up to date with the latest commentary from the National Cyber Security Centre (NCSC) in the UK, the National Security Agency (NSA) in the USA or any of the leading Cyber Security influencers, Cyber incidents and criminal activity is unfortunately on the rise dramatically.
Like you may be, customers who have engaged us, are underwhelmed by the vast majority of companies and feared selecting one of the many starts up’s or scale up’s as many Cyber Security businesses are loss making. As a result, many entered, or were at risk of entering, administration, or closed their doors after a relatively short period of operation. And as you can imagine, the current climate is going to enforce more of the same, and our market intelligence tells us more Cyber organisations will unfortunately fail.
Cyber Security was important before, it still is important now and if you believe now is the time to discuss it in more detail, we would love to hear from you and help.
Wishing you, your colleagues and all your family and friends a happy and healthy summer. Keep well.
Katy Hinchcliffe Head of Cyber Security, Littlefish
Being Cyber Prepared is very much a board table discussion, yet security within many organisations is still a relatively immature discipline.
Cyber incidents and criminal activity is unfortunately on the rise dramatically.
”
”
“
“
1
Protect Your Business And Enable Your Users Let Littlefish Ensure You’re Cyber Prepared
Littlefish has extensive experience in providing a professional, practical and proven approach to cyber risk mitigation management. Our experts can advise on how best to proactively protect your technology, data, assets and your people, through carefully selected Cyber Security solutions tailored for your business need and budget. By making Littlefish your cyber partner of choice, we will help you to:
Enhance CyberPreparedness
Enrich BusinessProtection
Enable Cyber Agilityand Velocity
Extinguish Business Risk
Eliminate ExpensiveInvestment
£
Our Cyber Security services are designed to contribute to the safeguarding of your business critical, digital assets in a rapidly responsive yet comprehensive and cost effective manner. With the ultimate aim of ensuring your organisation is cyber prepared, Littlefish will work with you to co-create a Cyber Security strategy that meets your business need, fits within your business budget and prioritises the remediation of any gaps identified, starting chronologically with the mutually agreed highest risk. Our approach is to tailor our services from assessment through to remediation and assist organisations in improving their Cyber Security maturity. In addition we always focus on delivering exceptional user experience and customer service excellence.
Littlefish Cyber Service Outcomes
Cyber SecurityOperations Centre
Critical Hour Framework
User Education and Awareness
Vulnerability Management
Chief Information Security Officer as a Service
Cyber Security Assessment Services
High Low
Low
High
Business Risk
Cybe
r Mat
urity
Do Nothing Ad-Hoc Reactive Proactive Predictive
Cyber Security Maturity Model
2
Cyber Security Assessment
Identify your vulnerabilities and gaps for prioritised remediation
User Education and Awareness
Educate your people and
protect your business
Chief InformationSecurity Officer
as a Service
Flexibly and cost effectively organiseand prioritise your
cyber strategy and investments
Cyber Security Operations Centre
Implement your ‘beating heart’ of Cyber Security to monitor threats and reduce risk
VulnerabilityManagement
Ensure the day to day mundane tasks, don’t
become your cyber weak spot
Critical HourFramework
Plan to respond to, and recover from,
cyber attacks
Are You Cyber Prepared?
Q
Unsure where your security risks are?
Unsure how best to address security
within your organisation?
Q
Do you lack visibility of the vulnerabilities across your IT infrastructure?
Is your IT estate patched sufficiently to
prevent exploits from impacting your business?
Q
Have you suffered a business
impacting breach that could have been detected
sooner?
Struggling to justify the investment of an in house SIEM
tool and team?
Q
Do you require expert security
advice and guidance?
Can’t justify an FTE CISO but need
expert help?
Q
Are you 100% certain your able
to contain a threat within desired
timescales?
Would a prescriptive plan of action for a cyber
incident be of value?
Q
Do you want to avoid phishing
email compromises causing untold
business impact?
Are you making employee cyber
awareness a priority as a very
low cost, high risk mitigation
solution?
Cyber Security Services
Organisation
Enhanced UserExperience
Enrich WorkforceProductivity
EffectCost-efficiency
Gains
EngenderEmployee
Health andWell-being
Enable Agilityand Innovation
Cyber SecurityAssessment
User Education and Awareness
VulnerabilityManagement
Critical HourFramework
Cyber
Pre p are d n ess
Chief InformationSecurity Officer
as a ServiceCyber Security Operations CentreAv
aila
ble
Happy
Secure
Productive
3
Cyber Security Investment
Cyber SecurityAssessment
BusinessRisk Mitigation
CyberInvestment
WhatComprehensive assessment against cyber security standards, evaluating existing security controls versus best practise benchmarks and identifying weaknesses, gaps and remediation recommendations to reduce risk.
WhyCyber security has never been more important. Understanding your "as-is" position is critical to ensuring organisational cyber preparedness to maximise business protection.
HowPeople, process, policy and technical review within your organisation. Assess and benchmark against best practise and report accordingly our recommendations for prioritised risk management.
Critical HourFramework
BusinessRisk Mitigation
CyberInvestment
Creating a robust framework of well-defined and rehearsed operational, financial and reputational impact of a successful cyber attack.
The best defence is to prepare for the worst. Prepare for an inevitable, successful cyber attack and know what, when and how to do what it takes to protect and recover your organisation.
We will assess your existing defences and control measures and build a framework of processes for utilisation in the critical hour following a cyber breach.
VulnerabilityManagement
BusinessRisk Mitigation
CyberInvestment
Market leading scanning of your IT infrastructure to proactively identify, expertly analyse and rapidly execute remedial action and recommendation to mitigate vulnerabilities found.
IT is a very busy department, with most business operations requiring IT engagement. BAU tasks can be overlooked in favour of more exciting work, leaving you open to exploit through known vulnerabilities.
We will deploy tenable's market leading scanning technology, have our experts comprehensively analyse the data and make detailed remedial action recommendations.
User Education and Awareness
BusinessRisk Mitigation
CyberInvestment
Monthly security enrichment programmes to educate, equip and remind employees of phishing email dangers. Identifying user weaknesses will drive informed education programmes, reducing risk.
Users are central to the majority of successful cyber attacks as employees either knowingly or inadvertently compromise your security. Improving their knowledge of targeted attacks reduces your risk considerably.
By simulating threats, delivering educational awareness material and management reporting, we identify beneficiaries of focused and targeted learning to reduce business risk and disruption.
Cyber Security OperationsCentre
Industry leading toolsets and vastly experienced analysts proactively assemble cross-industry threats and effective response intelligence, to rapidly triage incidents to prevent and respond to cyber attacks in real-time.
Your cyber attack surface measures technological points of entry into your organisation suitable for cyber attack initiation. All potential points need continuously monitoring and assessment in real time for true, holistic cyber defence.
Through a state of the art SIEM platform and leading edge cyber tools, our vastly experienced, UK based, cyber experts follow a comprehensive protocol, 24x7x365 to defend your organisation against prevailing and future threats. Cyber
InvestmentBusiness
Risk Mitigation
Chief InformationSecurity Officeras a Service
Experienced cyber security leadership, driving cyber strategy and risk mitigation management. Complementing your senior team, our CISO will provide unbiased expert advice and guidance.
Effective cyber defence requires contemporary security knowledge, clear understanding of threat landscapes and best practise remediation measures. CISOaaS removes the recruitment, retention and expense challenges of an FTE.
Operating from board level, our CISO will intimately understand your organisational needs and identify, through appropriate assessment, areas of weakness to prioritise your short and long term strategy.
BusinessRisk Mitigation
CyberInvestment
4
Our Cyber Security Partners
By Working With Littlefish You Will Be Able To:
0344 848 4440 [email protected] www.littlefish.co.uk
Identify and understand your
cyber risks
Deploy marketleading tools and expertise
Enhance operational BAU (yet business
critical) tasks
Protect your assets and data
24/7/365
Deliver real-time threat intelligence
Respond rapidly to cyber attacks
24/7365
to tailor a serviceto organise andprioritise your
cyber Investment.
for enterprise level protection, but at a fraction
of the cost.
to avoid the obvious yet
frequent cyber errors.
to reduce incidents and
minimise businessdisruption.
to always be current and
never behind.
providing your business with containment, remediation and
recovery excellence.
5