Living a digitalised life entails risks, one of which is cyber-attacks that can cause great damage to companies and organisations and thus to their business and reputation. Prevention, investment, prior work and good advice will be the keys to coexisting with all the good and bad of the digital world.
Proactive cyber security advising
- Assistance in prevention initiatives. Drafting of internal policies and contractual documentation. Forensic analysis.
- Protocols for the use of information systems: protocol for the use of personal mobile devices, protocol for teleworking, protocol for digital disconnection.
- Management of security incidents: coordination of an internal investigation of the incident, drafting and filing of the corresponding report, advising on the collection of evidence, preparation of the incident report, determination of the scope of personal data protection and communication to the supervisory authority and affected parties, as the case may be.
- Application of preventive, reactive and recuperative security measures.
- Security of operators of essential services and digital service providers. Master Security Plan.
- Verification and implementation approach for cyber security solutions.
- Establishment of a proper Security Policy, a Reaction Plan and a Contingency Plan up to date.
- Risk management of users’ use of social media, messaging, forums and other internet communication programmes.
- Training and education of managers and employees on these threats and risks.
- Obtaining electronic evidence for court proceedings.
National Security Scheme
- Design and implementation of an Information Security Management System, according to the National Security Scheme (ENS). Phased IMPLEMENTATION.
- Development of a Plan for the adaptation of the ENS. Implementation of the ENS Security Plan and Measures. Certification of compliance with the National Security Scheme. Compliance verification audit. Certification of compliance. Assessment and continuous improvement.
- Definition of a public entity security organisation.
Implementation of ISO Security STANDARDS
- ISO/IEC 27552: 2019 (Certification of the Privacy Management Model) – Extension of ISO/IEC 27001 (Assurance of confidentiality and integrity of data and information) and ISO/IEC 27002 (Best practices in information security management).
“Formarse es una buena base para afrontar cualquier negocio”
El aprendizaje y la formación continua es uno de nuestros pilares. Por ello, ofrecemos formación especializada in house y virtual para nuestros clientes en las materias en las que estamos especializados.