Information & Cyber Security needs to be addressed urgently by every business of every size and type. Business Owners, Board members and Chief Executive Officers are ultimately responsible for the security of the Information and Data they have access to and will be held to account legally, commercially and by their customers and Shareholders if breaches of security occur.
Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks.
Marathon’s Firewall Security Testing Service is designed to ensure that Firewalls have been installed and configured in a best practise way and appropriate port security is in place.
Most, companies, hold personal information in the form of employee or customer personal records and therefore those companies must ensure that they are compliant with the Data Protection Act. For those organisations wishing to trade with the European Union, they should be getting ready to also comply with the GDPR.
The goals of a penetration test vary, but the typical focus is to find vulnerabilities that could be exploited by cyber attacks and informing the client of those vulnerabilities, along with recommended mitigation strategies. Penetration tests are one component of a full security review* and audit.
Marathon’s Data Access management Service has been designed from the ground up to comply with Cyber Essentials (UK government information security initiative) and the GDPR.
The service takes organisations from their current information security position through to Cyber Essentials certification and maintains their compliance on an ongoing basis.
FastTrack to GDPR readiness includes a workshop event which is designed for all of the people inside an organisation that need to understand what GDPR means for them in the context of the company and department. For the FastTrack service, following the workshop, Marathon provide a GDPR practitioner, on site, to expedite gathering the information and assisting with documentation which is required to achieve compliancy with the GDPR by the 25th May 2018.
As with the FastTrack service, the Readiness Assessment starts with a workshop event for key staff to understand the challenges that they need to overcome, in the context of their organisation, to avoid the risks of GDPR noncompliance. Following the workshop, templates are provided so that the organisation can produce a personal information audit and GDPR gap information which is used by Marathon to produce a comprehensive GDPR Readiness Assessment report.
PhishMe’s intelligence-driven solutions empower employees to be an active line of defence and source of attack intelligence by enabling them to identify, report, and mitigate spear phishing, malware, and drive-by threats.
Marathon’s Information Security Practice offers discrete services which combine to deliver full Information & Cyber Security Assurance and includes:
- Business Risk Assessment
- Business Impact Analysis
- Information & Cyber Security Review and Gap Analysis (bench-marked with Cyber Essentials and ISO 27001)
- Business Continuity Review (bench-marked with ISO 22301)
- Technical Consultancy to implement IT security policies objectives and controls
- Data Protection Act & GDPR Reviews
- Data Governance
- End Point Security
- Vulnerability Assessments & Patch Management
- Penetration Testing
- Log Assessment and Management
- PCI Compliance
- Solvency II Data Compliance
- Cisco ASA
- Review and auditing ISO 27001/ISO 22301/Cyber Essentials/Cyber Essentials Plus