Service examples
Below are examples of the services we provide. Despite this listing, we tailor each service and combine them to best suit your needs.
Please contact us with any questions or to book an appointment.
Designing a Vulnerability Management Program
A vulnerability management program is a cornerstone of a strong cybersecurity program. Therefore, one of our services is to help you design a program custom-made for your business, mold tool requirements that help you with that program, and get those tools set up and maximize their usage. Similar to our philosophy, a good vulnerability Management Program consists mostly of policies and procedures, with tools playing a support role only. Once your policies and procedures are finalized, we will work with you to compile thetool selection requirements. Once the requirements are clear, we will help you work with vendors to select the right tool for your environment.
Establishing proper policies and procedures
Some think that to be secure, they just need to buy the right tool because a salesperson told them it would make them safe, and then buy another tool because that salesperson said it was better. Then they stand there with many tools and no idea how to use any of them.
The truth is that it is not possible to guarantee 100% safety, regardless of what some slick sales guy might have told you, and certainly not by buying any tools and equipment. It’s never good to start with a solution and then find a problem it can solve.
Our advice is to start by developing sound policies and procedures, then defining requirements for the tools that support them.
This approach starts by identifying a problem or need, then finding a tool to address it. With this approach, you won’t have all sorts of tools you don’t use. Therefore, this is the approach we always use. This service offering is similar to the one above but slightly more comprehensive.
Internal audits Services
If you are working toward a certification or simply maintaining one, you need an independent party to review your setup and confirm you are ready for the final review. Without that, you have very little chance of passing your certification audit. This is one of the core services we provide
End User Awareness Training
One thing you absolutely need to pay attention to is training your staff to be security-conscious. This is one of the cornerstones of any robust security program, which is why many security frameworks and compliance requirements mandate it. There are two approaches to this:
- You can purchase a subscription to a video training service that covers all the required boxes.
- Or you can bring in an expert for in-person training.
There are pros and cons to each. The video training service makes it easier to ensure everyone completes and demonstrates compliance. It is often bite-sized and easier to fit into busy schedules. The problem is that there is a much greater chance that folks won’t get the material or, worse, will sleep through it.
On the other hand, in-person training, like the one we offer, is more engaging and comprehensive, ensuring everyone learns the material. The problem is that scheduling can be challenging.
While we typically recommend in-person training for that personal touch, we realize it isn’t practical for everyone. Therefore, we can also connect you with some great video training solutions.
NIS2 Implementation or planning services
We can work with you to ensure you meet NIS2 government regulations. With the expanded scope of NIS2, many companies that weren’t previously required to comply are now subject to it. Does your company fall under the expanded scope? Or do you simply desire the competitive advantage that comes from being NIS2 compliant even if you are not legally mandated to? You may not have the in-house expertise to understand, plan, and implement programs to achieve NIS2 compliance. Let us help you. We can provide as much or as little help here as you desire. Note that, at the time of writing, NIS2 has not yet been mandated in Iceland. It is widely expected to become law in Iceland in 2027 and to mirror EU regulations. If you prepared under that assumption, you will be well-positioned when the mandate takes effect in Iceland.
