Sphere

 

Sphere is tailored specifically to your organization. It focuses on the outcome of data protection and successful business operations. A proactive approach to Information Security ensures that we can hope for the best likely scenario, a breach that never occurs, and being able to respond quickly to emerging threats.

Sphere can also prepare you for any contractual security requirements.  Let us work with you to make sense of these agreements and provide relevant responses.  We can also provide valuable recommendations for Cyber Insurance underwriting.  Many of these policies ask a variety of questions as it relates to security policies and controls.  We can assess your current tooling and provide accurate and actionable improvements.  We can also help actually implement them.

We can provide an a-la carte approach to any of these services.

Sphere includes a Readiness Assessment (Phase 1), Penetration Testing (Phase 1.5), Reporting (Phase 2), Prepare (Phase 3), and Response (Phase 4).

Upon completion of the prior respective phases, a Phase 3 proposal will be presented. A team member will be available any time to accept and address inbound investigation issues. We will also perform regular assessments of your network, including but not limited to both active and passive scanning of networking, organization, identity, and social aspects of your organization. We recommend a minimum of sixteen (16) hours monthly of support for incidents, questions, and proactive services. Proactive services include but are not limited to secure code review, threat hunting, emerging threat sharing, continuous scanning, and fire drills.  These hours also serve as your incident response retainer.

Phase 1: Readiness Assessment

  • Data Cataloguing: this allows us to determine the level of severity with the most critical data.
  • Breach Point Analysis: Network, Application, Visibility, Database, Identity. We look to see
  • where a breach could occur today.
  • Table-Top Testing: Game out scenarios and threat types and work backward towards
  • mitigation.

Phase 1.5: Penetration Testing (Optional)

  • Expands the Readiness Assessment to contain in-depth analysis.
  • Rules of engagement (ROE) to be established before attacking simulations.
  • We will provide report preparation with severity ratings and remediation path reports.
  • We will provide evidence of how vulnerabilities were discovered and exploited.

Phase 2: Reporting

  • Shared results of the Readiness Assessment and Penetration Test.
  • Provide a proposal on action items from both an advisory, engineering support, and/or education.

Phase 3: Preparation

  • Implementation of Incident Response (IR) Plan and Playbooks.
  • Establish communication protocols.
  • Implementation of recommended action items from Phase 2, which will be on either a direct engineering or advisory basis.
  • Optional: Security Awareness Education proposal included. Security Awareness Education will consist of live virtual sessions (or in-person, travel costs reimbursed), with a broad overview of good security hygiene from both a professional and personal standpoint. This training intends to guide all organization members on the importance of Information Security. Sessions will run approximately 90-mins with time set aside for questions and answers. Sessions can be recorded and re-used for onboarding new hires and re-use. Course material will be updated quarterly. Sessions may include special guests from the Cybersecurity industry.
  • Optional: A second deep dive course for developers to understand best practices for a Secure Software Development Lifecycle. This includes application development, testing and deployments. This course will inform application developers of the latest application and network threats and how to defend against them. Sessions will run for 2 hours with time set aside for questions and answers. Sessions can be recorded and re-used for onboarding new hires and re-use. Course material will be updated quarterly. Sessions may include special guests from the Cybersecurity industry.

Phase 4: Respond

  • Availability through Incident Response Pager
  • Investigation Email Address
  • Recommended minimum sixteen (16) hours, with an incident service level agreement (SLA-agreement will be provided during contractual agreement phase).
  • Proactive services (including but not limited to): Continuous Scanning, Threat Hunting, Intelligence Sharing, Secure Code Review, Fire Drills.