A Fully Outsourced Information Security Service.

Our flagship service offering a complete information security service without the cost of hiring an in-house team.

A COMPLETE INFORMATION SECURITY SERVICE

At CounterHack we start with a complete audit of your people, processes and technology to test exactly what needs to be done to ensure your business is safe. This includes:

  • The creation of an Information Security forum within the business to establish role and responsibilities of key individuals.
  • An Information Asset Register to identify all the assets that are subject to threats.
  • An ISMS policy establishing how risks will be evaluated and assessed and what the objectives of the policy are whilst taking into account business, legal and regulatory requirements of the organisation.
  • In context with the ISMS policy, a gap analysis report highlighting the areas of improvement required.
  • A Security Improvement Process. Within the scope of the ISMS policy, this process will monitor and consistently manage security improvements within the business.

ONGOING AND DYNAMIC VULNERABILITY ASSESSMENT

CounterHack recognises that threats can happen at any time, which is why the vulnerability assessment doesn’t end. Ad hoc testing will be conducted as appropriate. For example, when significant new vulnerabilities are released or when new assets are introduced to the customer network.

This is supported with quarterly penetration testing and reporting. This means that you can be sure there are no new vulnerabilities within your system which could allow a breach to occur.

INTRUSION DETECTION AND REMEDIATION

We know there are threats all the time, which can sometimes be hard to identify and stop. This is why CounterHack offer a fully managed and monitored network intrusion discovery service. The service highlights ‘abnormal’ network behaviour.

Highlighting the abnormal behaviours is not enough to fix them, so CounterHack provide meaningful insights with remediation actions, to ensure the intrusion causes minimal to no damage.

AT LEAST TWO ‘RED-TEAMING’ EVENTS PER YEAR

Utilising a variety of ‘Social Engineering’ techniques, CounterHack agents will attempt to physically access your offices and data centres. They will loot sensitive information, document the evidence, clean-up and exit.

This is the same way a hacker would target you, so it is the perfect way to highlight vulnerabilities in your system.

A COUNTERHACK MANAGED PHISHING SIMULATION SERVICE

This service will assess how vulnerable an organisation’s users are to a variety of Phishing vectors (email, SMS, social media etc). CounterHack will deliver content to raise awareness of Phishing attacks. They will also continually assess and train users.

People are your biggest weakness, so make sure they are as secure as your technology.