
What We Do
External Security Focus

Supplier Assessments and Supply Chain Reviews
It is well documented that the supply chain poses a significant risk to the integrity and confidentiality of a business. Many data breaches and compromises can be traced back to the supply chain and the handling of your organisation's data once it is entrusted to suppliers outside of your direct sphere of control. Using our experience at Aegis Rose, we can provide bespoke supplier assessment services to your organisation, ranging from threat risk assessment, exposure assessment and information relationship management guidance to onsite supplier assessment/audit services.
Physical Security assessments and Surveys
Physical security is often the least considered area of security within SMEs, but it poses a very real threat to many. Physical security is not just about imposing fences and armed guards; there is no one-size-fits-all solution. At Aegis Rose we have a rounded history of providing a holistic view of physical security and what that means for each specific threat and risk case. We are able to provide assessments and recommendations to a number of standards based on the threat and risk posed to any asset, ranging from a building or campus down to a cabinet or key box.
Internal Security Focus

Internal process security review and improvements
Where humans are involved in a process, there is a high probability that the practices and procedures undertaken introduce the risk of compromise to operational and business data. It is likely that as users spend more time in their role they will develop ways of working that are not consistent with security best practices or with operating a business with a robust security posture. At Aegis Rose we utilise our experience combined with tested methodical approaches to assess practices and procedures, using either an end-to-end holistic approach or a snapshot approach to identify areas for improvement.
Virtual Chief Information Security Officer
The best security begins with clear direction from the top of an organisation. However, in many organisations that are expanding or maturing, that direction is either immature or has not been a requirement known to the organisation before. At Aegis Rose we can provide experience in setting and implementing an information security program that works with the organisational goals and objectives. We have proved a valuable interface between the C-Suite and other members of the organisation as to the state of the organisation's information security posture and direction. To support the organisation we are able to provide this in any form of engagement appropriate to the size and demands of the organisation.
Organisation wide security review
Often organisations have expanded and developed organically, but processes, policies or procedures have not been reviewed or changed to adapt to the new organisation size, goals or requirements. At Aegis Rose we can use our expertise and independence as a fresh set of eyes for an existing organisational security team that is at capacity with day-to-day operations. With a defined scope we are able to move across business units, assessing security through process and touchpoints and evaluating risk exposure. This culminates in a report and recommendations that can be delivered at any level of organisational need to provide assurance on whether or not security is in a healthy state.
Information Security Risk Assessment and Management
As a business develops its customer and product lines, the amount of information and data handled increases significantly beyond the initial scope of management. Data aggregation poses a significant risk should there be an unauthorised information disclosure; this could come from any threat source, ranging from a ransomware attack to an inadvertent internal exposure. At Aegis Rose we have experience in identifying any data pinch points or unidentified aggregation risks to the business and evaluating that risk, contextualised to the business, to give a clear indication of the level of risk the business is exposed to. This can be presented with or without recommendations and remediations.
External Security Standards

ISO27001 Implementations and Internal Audits
Should business demands require that a formal framework for Information Security is adopted, at Aegis Rose we have experience in guiding businesses through the ISO27001 journey. Be that in a limited scope or organisation-wide, we can help you either align to or certify against ISO27001. Our approach is fully dependent on the needs and expectations of your business and is tailored to suit. We create and implement customised policies that are applicable to your business and aid you in their adoption. We can also assist in any readiness or internal audits that need to be undertaken as part of the ISO journey.
UK Secure By Design
With the move to Secure By Design by UK Government departments, a new set of project compliance requirements has been introduced, requiring security to be considered at the very heart of the project. At Aegis Rose we have experience in applying the preferred NIST control set from the commencement of a project right through to acceptance by the authority. Our approach is in line with the sentiment behind the requirements: to provide the most robust and secure controls to a project. We can be involved from project inception or, for long-term projects, we are able to assess the existing state of the project and make recommendations or provide direct intervention where required.

Take the next step to secure your business
Contact Aegis Rose to begin your journey