Compliance aligned Cyber Security Services and Solutions

All Cyro’s services have been designed to fulfil the control requirements of any compliance regime. Whether it be NIST…

IDENTIFY
OST Activity
Cyber Security Maturity Assessment
Control Assessment
Vulnerability Management

PROTECT
GRC Activity
vCISO
Policy & Procedure
Zero Trust Architecture
Azure & Cloud Hardening

PROTECT
COMMAND & CONTROL/XDR
PenTest-as-a-Service
Threat Intelligence
Threat Hunting

RESPOND
ADVANCE SOC/XDR
MDR
Incident Response

RECOVER
Data Lake & Forensics
Immutable Back-ups
OST Activity

…or to meet Cyber Insurance requirements

Controls

Cyro Team

Endpoint Detection and Response (EDR)
Implemented on all Endpoint (User and Server) wherever possible

Privileged Access Management (PAM) Tool
Ability to monitor and control accounts with heightened access to key assets

Security Operations Centre (SOC)
24/7 monitoring of the network

Multi Factor Authentication
Implemented and required for all remote access and connections to M365

Asset Management
An up-to-date asset inventory of the environment(s) using a centralised tool

Restricted Local Admin Rights
Local administrators should have separate accounts for admin and BAU tasks, all defined by RBAC

Back Up Procedures
Offline or immutable back up ensuring back ups cannot be tampered with or deleted

Employee Training
Training and an awareness campaign for all users on an annual basis

Email Protection
Email being the predominant route of attack, ensuring governance of this data

Patching – Policy, Procedure & Evidence
Applying critical patches in 14 days, and high within 30 days

End of Life Management - Aged Architecture and OS Presence of aged OSs and Software, mitigating controls

Level of PII Data and Potential Exposure
Level of inherent risk based on data stored

Technology Partners

Our Technology Partners

DDoS & DNS Protection

Vercara’s massively scaled, global cloud platform and unparalleled human expertise provide layers of protection to ensure successful online interactions.
SIEM & XDR

Microsofts combined SIEM (Sentinel) and XDR (Defender) solution enables our SOC to detect, investigate, respond to, and defend against threats with a fully integrated and comprehensive set of capabilities—including SIEM, SOAR, UEBA, XDR, and global threat intelligence.
Security Awareness Training

KnowBe4 is the world’s largest integrated platform for security awareness training combined with simulated phishing attacks to manage the continuing problem of social engineering.
Perimeter Security

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Malware Protection

Cylance technology powers BlackBerry cybersecurity, providing customers endpoint security that proactively detects malware and prevents cyberattacks from happening.
Asset Management

By connecting to hundreds of data sources, Axonius gives IT and security teams a comprehensive inventory, uncovers gaps, and triggers automated response actions whenever devices, users, and SaaS apps deviate from policies, controls, and expectations.
Back Up Procedures

Protect your data from insider threats or ransomware with air-gapped, immutable, access-controlled backups.
Email Protection

Prevent email and email-like attacks, automate your security operations, and reduce your total spend with one extensible platform.