Information
Security
As our name suggests the approach to information and cyber security is measured, pragmatic and logical. The idea is not to instil fear about how much needs to be changed to improve your security posture. Instead we use a tailored combination of awareness training, focused education and other techniques to change mindsets about information security. This approach allows you to see what steps are right for your business and in what order they should be executed. The services leave you in a better position to maintain your new system for managing information security and present the necessary assurance to clients or other interested parties. Whether it is responding to a security assessment, demonstrating compliance with regulations or preparing for an audit you can be confident that Syllogistic Consulting can support you.
Information Security Audit
Find out through a tailored look at your business, what areas should be addressed in what order to give the biggest uplift in information security and make the most impact in protecting your assets.
Document a strategic way forward
Align with existing business goals
Improve existing applications or processes
Security Architecture
A strategic approach to security is usually the cheapest in the medium to long term. This approach works for building a cloud application incorporating security-by-design, as well as an information security management system (ISMS) for the whole organisation. We can provide this service no matter the type of business.
Virtual CISO
The range of information security needs of a business can seem daunting, especially when there is enough demand from clients and external parties for the skillsets you don't have in-house, but not in a consistent enough way to justify employing a full-time employee to be your Chief Information Security Officer (CISO). The Virtual CISO service caters for this as you have the opportunity for a security representative in meetings with external parties including clients; an advisor on information security matters throughout the business and a strategic partner for security architecture while you grow the business.
ISO/IEC 27001 ISMS Standard implementation
We are experienced in implementing ISO/IEC27001 in businesses of various sizes as well as maintaining the certification. We can help you prepare for Stage 1 and 2 audits, surveillance audits or just raising the security of your organisation through implementing and testing your Information Security Management System (ISMS) based on the standard.
Implementation of other Information Security Standards
If you have achieved the ISO/IEC27001 standard and develop SaaS applications to offer clients, then the CSA STAR certification may be the next step in assurance you need. Maybe you need to comply with Cyber Essentials, PCI-DSS, SWIFT attestation or others. We can help you achieve the requirements of the necessary to demonstrate your conformity to a recognised standard or be ready for their external audit.
Building a cybersecurity capability with your existing staff
There is a shortage of experienced information security professionals. We can set out a series of steps to upskill your staff and help train them in the practical areas of security most useful to your business. Your existing staff with their intimate knowledge of the business will become the team that can offer a cybersecurity capability to the rest of the organisation.