Cyber Crisis Management experts, delivering cybersecurity training courses, tabletop exercises and trusted advisory. The cyber crisis or data breach that may damage your brand reputation and even cost you a massive financial loss in terms of regulatory fines is probably just around the corner. In the world of complex technology that we inhabit today, being fully cyber resilient is the final goal f
or any organisation. Cyber Management Alliance’s professional audits and assessments provide our clients with all the information and tools required to achieve maximum maturity in their cybersecurity posture. Cyber Management Alliance conducts a range of specialist cybersecurity assessments and audits not available elsewhere. These evaluations focus on organisational Cyber Resilience, Incident Response, internal staff capabilities, organisational Breach Readiness and more. Our team of experienced practitioners has several years of experience in cyber resilience, designing and implementing SOCs, cyber crisis management, incident response and business continuity.The NCSC-Certified Cyber Incident Planning & Response Course (CIPR) created by Cyber Management Alliance is a comprehensive course enabling individuals and organisations to prepare a well-defined and managed approach to dealing with a data breach or a cyber-attack.The course is non-technical and aimed at an audience who want to understand how to better prepare for responding to a cyber-attack. The course has no prerequisites and students will understand the operational strategies and processes an organisation needs to consider before, during and after a cyber crisis or data breach. The Building and Optimising Incident Response Playbooks one-day training & teaches you how to create actionable incident response playbooks to respond to a variety of simple and complex cyber-attacks and data breaches.CEOs, business executives and boards of directors who manage risk and compliance at the companies they govern need continuous awareness-building sessions that are non-technical, bespoke and well-structured to meet executive needs. Cyber Management Alliance’s Executive Briefing and Awareness Sessions (EBAS) are especially designed for executive management, CEOs and board of directors, engaging them in a business context to help explain the threats and risks from cyber-attacks, and providing them with simple, tactical and strategic steps to help improve their organisational resilience to reputation-damaging cyber crises.SOC Assessment for Service Providers This assessment is designed specifically for those service providers who offer SOC (or MDR, Managed Detection & Response) as a service. Some also refer to SOC providers as MSSPs or Managed Security Service Providers. This assessment was created to allow SOC providers to demonstrate their standard of service and SOC capabilities to their existing and potential clients. At the end of the assessment the SOC provider receives a digital badge. The badge can either be Silver, Gold or Platinum and is based on our independent audit of the SOC provider. SIEM or Security Incident and Event Management systems are intended to provide organisations a ‘one-window’ view of and enhanced visibility into all digital activity within an organisation. The basic building blocks of a healthy and effective SIEM is an effective log management strategy and underlying cyber capability of an organisation. In the simplest terms, the better and wider the log coverage in an organisation, the better the performance and output of its SIEM.In addition to the above, use-cases (we call them threat scenarios or cyber-attack scenarios) form an integral part of the current SIEM systems and organisations rely heavily on use-cases to trigger alerts that indicate malicious activity.In this audit, we assess how your SIEM or Security Incident and Event Management system is configured, assess the operational aspects of the SOC team and review the related monitoring technology stack. Importantly, we also review a sample of your existing use-cases to highlight any critical gaps in the use-case logic and configurations.
