Understand your cyber-security threats and the risks they pose to your organisation. We use multiple sources of intelligence to identify and profile likely threats, and then look at how they might attack you and the damage they could do to your operations. We can do this at an industry, enterprise, business unit or systems level.
Security Architecture
Our cybersecurity architects will help you design your security defences, based on the identified threats, business requirements, such as industry standards, and your goals. We use proven enterprise security architecture frameworks such as SABSA, the NIST cybersecurity framework, and standards such as IEC 62443, PCI-DSS, and the ISO 27000 standards.
Cyber Program and Project Management
We can manage the implementation and delivery of your cybersecurity programs, developing your capabilities internally and across your supply chain. Tobruk is an industry leader in designing and implementing enterprise security programs.
Technical Security Assessment
A cybersecurity defence is only as good as it is practical application. Penetration testing and red team exercises can be used to evaluate your organisation’s security controls as they really are. Based on your threat level and need for assurance, testing may start with an architecture review and network and application vulnerability scanning, right through to full red team exercises, where Tobruk actively seeks to compromise your computer systems, exploiting weaknesses in human behaviour and technical systems.
Cybersecurity Management System Assessment
Our team will complete this assessment together with your organisation to determine whether the current management of your cybersecurity is effective and how it can be improved. We are experts in most of the international, national and industry standards in this area.
Cybersecurity Leadership and Education
Tobruk’s consultants bring decades of practical cybersecurity expertise. We are able to assist organisations with virtual cybersecurity executives to fill your CISO or Cybersecurity Board Advisor roles on a retainer or contract basis. This is particularly effective if you do not have a cybersecurity function in your organisation, or you are looking for board and executive advice and education in cybersecurity issues.
Crisis Management
If your organisation has been targeted in a cyber security attack, our team will help advise and coordinate your response and help get you back under control.