Managed Cybersecurity Services
BDO’s managed cybersecurity services include a number of highly technical and sophisticated service offerings. These offerings include:
- Email and network attack threat assessments. For various nefarious purposes, most cyber-attacks are directed against organisational networks; these days often by means of malicious emails (e.g. phishing attacks, ransomware etc.). Network security is therefore of the utmost importance and consists of numerous security measures, covering people, process, policy and technical controls. BDO can assist in testing and auditing all of these controls, including the technical controls which could include device security, perimeter security (e.g. firewall configurations) and host hardening (e.g. application, operating system and database security testing). BDO can also perform tests to assess an organisation’s email security, email security awareness among employees and email attack vectors.
- Security Operations Center (SOC). More and more an organisation’s cybersecurity portfolio will include detective and corrective controls - as preventive controls will fail from time to time. It is critical for today’s organisations to detect security breaches within a short period of time and correct them. BDO, in partnership with other BDO offices in the world, offers SOC services to clients who need 24/7 security monitoring over their cyber presence. We can assist in detecting attacks in a pro-active manner.
- Penetration testing (hacking simulations). BDO can assist with:
- External penetration tests. BDO provides Internet-perimeter penetration testing (white hat hacking) assessments. The objective of these penetration tests is to emulate a hacker scenario originating from the Internet (i.e. from outside an organisation’s internal network), within a finite time and at a limited cost. A full, manual penetration test is performed against a client’s Internet-facing IP addresses and/or websites. This may include all company domains, external firewall IP addresses and NAT ranges.
- Internal penetration tests. BDO provides internal infrastructure security assessment services. The objective of these penetration tests is to emulate a hacker scenario originating from the internal network (assuming that the external perimeter has already been breached). The methodology being used offers a client with a comprehensive overview of the security posture of the internal network infrastructure, within a finite time and at a limited cost.
- Web application penetration tests. Web and other Internet-facing applications are for hackers the ideal avenue into an organisation’s internal network – due to the fact that web applications are notorious for security weaknesses (as these applications were not designed with security in mind) as well as the complexity of such interfaces. BDO can assist with web application penetration testing by using state-of-the-art methodologies.
- Vulnerability assessments. Software and even hardware devices do have known and unknown vulnerabilities (i.e. software bugs which allow security exploits). The presence of multiple and interlinked software applications and hardware exponentially increases the risk that a security manager could omit the patching of some systems, leaving the organisation open to security exploits. BDO can assist in vulnerability assessments by running reliable software to detect gaps in patching. Moreover, it is important that a security posture is evaluated 24/7 with modern technology over a period of time. BDO can assist in this by using machine learning programs to detect software and hardware configuration weaknesses.
- Cloud migration and cloud security. Cloud security is just a subset of normal IT and cybersecurity. Mostly, the same security principles apply to a cloud presence. BDO can assist in the evaluation and assessment of cloud security and can assist cloud companies to provide assurance about their security practices to their customers (by issuing an ISAE 3000 report) and at the same time we can assist users of cloud services to improve the security of their interaction with the cloud infrastructure.
- Cybersecurity education, training, and simulations. BDO provides cybersecurity training – in the traditional classroom style or online. We offer a very popular “Meet-the-Hacker” training to our clients’ staff members and can also provide a cyber posture analysis for all staff members. Our training covers:
- Know the hacker
- Social engineering
- Physical security
- Personal security
- Mobile security
- Password protection
- Security incident and event management. As BDO we are of the professional opinion that organisations need to deal with their obsession with and over-reliance on preventive controls in a complex system like cyberspace. Preventive controls cannot prevent all threats - and will be less likely to do so in the future. Organisations will have to learn to manage amidst the systemic chaos. They need to architect, not on the basis of success (with over-reliance on preventive controls), but on the basis of failure (i.e. assuming that security breaches will happen and subsequently rely more on detective and corrective controls). In other words, an organisation should be in a position to detect breaches in a very short period of time – and correct them. The question to a CIO in the future should NOT be: “Why didn’t your controls prevent the incident?” BUT rather, “How quickly did you notice it (in 1 day or 100 days)? AND what did you do about it?” BDO can assist not only with SOC operations (i.e. to detect breaches), but also with the investigation of security breaches, as well as advice on how to proceed with corrective action after a security incident.