The purpose of the design phase is to jointly discuss and agree upon objectives and scope of the engagement. Depending on expectations, special emphasis can be placed on various aspects, including:
During the second phase, the CISOCON team will work with you to develop a top-down understanding of the environment. The phase will focus on existing defense capabilities and major business parameters, including key business processes, organizational structure, technology architecture, data flows and additional data points. Information gathered in this step will form the baseline to model high-impact threat scenarios in the subsequent phase.
Designing business relevant, high-impact threat scenarios is one of the primary success drivers of the engagement. Our teams will develop bespoke attack vectors addressing both insider threats as well as external threat actors.
The fourth phase comprises a detailed examination of existing protection, detection, response & recovery capabilities against emulated attacks scenarios.
The final phase will synthesize all data and understandings accumulated throughout the process for a comprehensive report. The report will outline:
We've created the following service for you.