Goods and Services | Cyber Capital Partners Limited, established in March 2016, provide cybersecurity technology and compliance advisory services to various industry sectors, in particular, the banking and energy sectors. Cyber Capital Partners is a strategic consulting and advisory firm in cyber and data intelligence solutions. CCP advises organizations of all sizes in the cost-effective re-engineering of their processes to achieve maximum business performance and productivity while mitigating strategic, financial, operational, regulatory compliance, reputational and cyber risks. These goals are achieved through the application of proprietary tools and cutting-edge technologies using our expertise in artificial intelligence, automation, virtualization and digitalization, holistic cyber security and transformation programmes. CCP has three main business lines: 1. Consulting and advisory services in cyber security and compliance 2. VAR / Value Added Reselling of cybersecurity and related technology solutions together with the corresponding integration, training, and advisory 3. Resourcing: positioning hands-on resources and expertise to meet customersââ,-â, ¢ needs and requirements as well as training an existing IT workforce in upgrading their cybersecurity skills. CCP aims at implementing holistic cyber security solutions to reduce the likelihood of a breach and impact in case of a breach while reducing costs and bringing financial and operational benefits by reducing operational risks, internal and external risk and complying with the latest regulatory requirements in data protection and compliance. CCP consulting methodology follows a top-down approach, from strategic cyber risk assessment, gap analysis down to the implementation and integration of carefully chosen cyber-security and related solutions and the definition of a well-structured information security policy. CCP Methodology: 1. Risk Appetite: Assess cyber risk appetite and how it relates to the governance, risk and compliance framework 2. Risk Assessment: Perform a risk assessment, gap analysis and quantify cyber risk 3. Mapping and Testing: Mapping and testing of security controls, encompassing third-party relationships 4. Information Security Policy: Structure an information security policy and develop contingency and incident-response plans NIST framework: National Institute of Standard and Technology The NIST guide is designed to assist companies in running a risk assessment, which is always the first step towards understanding vulnerabilities. The basic principles of the Cybersecurity Framework are as applicable to small businesses as they are to large organizations. 1. Identify: a. Cyber risk assessment, Gap analysis, and Technical Security evaluation b. Asset management, Business Environment, Governance and Risk Management Strategy 2. Protect: a. Security review and scoring of third parties b. Security controls reviews, analysis of patches c. Access control, awareness training, data security, information protection processes, and procedures, protective technology 3. Detect: a. Application security testing, vulnerability scanning, and monitoring, penetration testing b. Anomalies and events, security continuous monitoring, detection processes 4. Respond: a. Scenario analysis and incident response plans, assess incident response readiness and effectiveness b. Response planning, communications, analysis, mitigation, improvements, PlayBook 5. Recover: a. Business continuity planning and stakeholder response management, remediation following a Cyber incident b. Recovery planning, Improvements, Communications CCP Technology and Solutions: CCP has established a wide range of partnerships with carefully selected cybersecurity vendors to be able to provide the right technology mix to its customers, meeting their business and technology needs and requirements and covering the entire spectrum of security and compliance controls. Technologies covered are (and not limited to): 1. Advanced attacker deception 2. Advanced threat protection 3. CASB (Cloud Access Security Broker) 4. Cloud-based secure enterprise network 5. Cloud infrastructure 6. DevSecOps 7. DDoS (Distributed Denial of Service) 8. Digital Threat Management 9. DLP (Data Loss Prevention) 10. Email Security 11. E-discovery 12. Forensics 13. Governance, Risk, and Compliance 14. Intellectual property 15. Insider Threat prevention 16. IT operations and analytics 17. Network and Application security 18. Next-gen endpoint protection 19. Penetration testing 20. Privilege access management 21. Security scoring 22. Secure Conferencing 23. Secure operations center 24. Secure virtual data room 25. Threat isolation 26. Threat intelligence 27. Multi-factor authentication 28. Vulnerability Management 29. Web application security |