The professional services division of SecureWorks brings together a unique mixture of complementary skill sets in order to provide an unparalleled level of service across all industry sectors and infrastructure designs.
As the interaction and dependencies between regulatory, and statutory guidelines, and industry best practice become blurred and topics such as certification, compliance and audit are discussed as if they were interchangeable, you need to ensure that the advice you are provided with is reliable, accurate and consistent.
SecureWorks consultants have been utilised in projects where providing the correct approach has been instrumental to the ongoing success of the business.
The key to delivering useful, transparent and enforceable security systems lies in the adoption of a process that includes the following elements:
Information Security Governance
Information Security Governance is the means by which many organisations are measuring and managing their organisation against a defined set of security rules. Building upon the resurgent Capability Maturity Model, and using elements of COBIT, ISO17799 and the Manual of Protective Security, SecureWorks has assisted many organisations to quickly and easily manage their information security expenditure.
Read more about Security Governance
Regulatory and Statutory Compliance
Phrases such as Sarbanes-Oxley, Data Protection, Computer Misuse, Basel, ISO, are not intended to confuse as they all ultimately point in the same direction. Confusion reigns however in determining how best to observe the various demands for compliance made upon your organisation.
There is no avoidance of the regulations. The SecureWorks professional services team have successfully implemented a number of compliance programs, utilising the appropriate methodology deemed relevant for the market sector. Members of the team have worked with some of the compliance requirements since their inception.
Read more about Compliance
Risk Assessment
Often referred to as ‘Risk Review’, and being a service which is used either as stand-alone, or integral to governance or compliance projects, our method permits clear justification for the implementation of risk treatment programmes. Combining the collective techniques from ISO, COBIT, the IIA and Infosec makes the approach utilised by SecureWorks effective and reliable.
Read more about Risk Assessment
CESG CLAS Information Assurance
Many of the SecureWorks consultants are CESG CLAS accredited resulting in SecureWorks having one of the largest pools of CLAS consultants in the UK, and the largest pool in Scotland. These consultants are experienced in the setting of policy, the design of secure networks and the integration of security solutions for government networks. Organisations with a requirement to connect to a Government Secure Intranet will utilise these consultants, in particular, for the interpretation of the IS guidance.
Read more about Information Assurance
Computer Forensics
Computer forensics is the generic name that we use for the analysis and reporting on our findings from the forensic analysis of all computer or digital-related media. All investigations are undertaken utilising industry accepted tools and proven forensic methods and techniques. All reports issued are in a form suitable for submission to Courts of Law or tribunals.
Read more about Computer Forensics
