Information & Cyber Security needs to be addressed urgently by every business of every size and type. Business Owners, Board members and Chief Executive Officers are ultimately responsible for the security of the Information and Data they have access to and will be held to account legally, commercially and by their customers and Shareholders if breaches of security occur.
Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks.
Marathon’s Firewall Security Testing Service is designed to ensure that Firewalls have been installed and configured in a best practise way and appropriate port security is in place.
Most, companies, hold personal information in the form of employee or customer personal records and therefore those companies must ensure that they are compliant with the Data Protection Act. For those organisations wishing to trade with the European Union, they should be getting ready to also comply with the GDPR.
The goals of a penetration test vary, but the typical focus is to find vulnerabilities that could be exploited by cyber attacks and informing the client of those vulnerabilities, along with recommended mitigation strategies. Penetration tests are one component of a full security review* and audit.
Marathon’s Data Access management Service has been designed from the ground up to comply with Cyber Essentials (UK government information security initiative) and the GDPR.
The service takes organisations from their current information security position through to Cyber Essentials certification and maintains their compliance on an ongoing basis.
Marathon’s Information Security Practice offers discrete services which combine to deliver full Information & Cyber Security Assurance and includes:
- Business Risk Assessment
- Business Impact Analysis
- Information & Cyber Security Review and Gap Analysis (bench-marked with Cyber Essentials and ISO 27001)
- Business Continuity Review (bench-marked with ISO 22301)
- Technical Consultancy to implement IT security policies objectives and controls
- Data Protection Act & GDPR Reviews
- Data Governance
- End Point Security
- Vulnerability Assessments & Patch Management
- Penetration Testing
- Log Assessment and Management
- PCI Compliance
- Solvency II Data Compliance
- Cisco ASA
- Review and auditing ISO 27001/ISO 22301/Cyber Essentials/Cyber Essentials Plus