CCL Solutions has launched a new suite of cyber services that combine optimal protection with pricing certainty, including the introduction of Red Teaming.
CCL Solutions Group has launched a new suite of cyber security services, bringing the best in protection with the added advantage of complete cost certainty: each of the services comes with a fixed price quotation after the scoping phase.
The suite is designed to give organisations more tools in their defensive armoury, complementing standard penetrating testing and helping strengthen both cyber posture and security awareness.
CCL’s Director of Cyber Paula Page comments: “There’s probably never been a greater level of awareness around cyber security than we’re seeing currently and we want to give organisations as many tools as possible to help them defend themselves and keep data secure. Our ability to offer fixed costs gives clients confidence in both the technical and financial outcomes.
"The variety of tools also lends itself to more holistic planning. We’re working more and more with clients on 12-month cyber programs, built around regular pen testing with complementary services done at appropriate intervals, such as quarterly Phishing Assessments and bi-annual Red Teaming. In terms of providing sustained protection and peace of mind, it’s a very logical, affordable option and in today’s climate a really sensible choice.”
The new suite comprises the following services:
Though the terms are often used interchangeably, Red Teaming is not the same as pen testing. A Red Team assessment is objective-based, encompasses people and processes as well as systems, and is typically delivered covertly: this is to better simulate a real-world attack against your company, using the same tools and techniques used by bad actors and hackers, and can test out your own security team in terms of its response. Our Red Team will help identify possible attack paths and make recommendations for remediating weaknesses.
Humans are seen as the ‘weakest link’ and phishing attacks aim to exploit that weakness: they are used to gain access to sensitive information or to deliver malware, such as ransomware, rendering systems unusable until a ransom is paid. The Phishing Assessment is designed to test both technical defences and staff awareness levels, with a view to strengthening an organisation’s security posture in the face of increasing phishing, spear phishing and whaling attacks.
The human element within an organisation’s overall security strategy doesn’t tend to receive the same level of testing that perimeter and internal defences are subject to. As a result, attackers are shifting their focus to target the weakest link, your staff. Our physical social engineering assessments are designed to highlight and neutralise the risks associated with the techniques used by adversaries to compromise physical security, such as baiting, pretexting, tailgating, shoulder surfing and dumpster diving.
Flexible working is growing in popularity and is expected to become, if not the norm, then certainly a widely accepted alternative to the office-based 9 to 5. This move to hybrid, however, creates an expansion in the attack surface of many businesses. Our service – which encompasses infrastructure, VPN, cloud, end user device review and phishing assessments - can help to identify areas where cybersecurity needs to be improved, and allow businesses to maintain full confidence in their hybrid working arrangements.
For more information on any of the above or to discuss your cyber security requirements, please contact Paula Page directly.