Toward a shared governance and intelligence of cyber risk.
SPICE proposes to identify cyber risk profiles related to your activity and to set up strategic decision support. It offers a snapshot of your company's vulnerabilities at one point.
Through an innovative process including a table-top gaming session, SPICE allows you to understand what is happening in the head of a hacker: what he wants in your business and how he can get started.
In summary SPICE allows you to: :
- Determine the Axes of Attack
- The likely axes of attack
- Financial impacts
With SPICE, our consultants help you to:
With our expertise, you build a corporate security architecture involving business, IT and top management
Audits and Intrusion Tests
With new development occuring daily, we keep a finger on the pulse of which tools and techniques are currently being used by hackers in their attacks.
For the purpose of prevention, we propose a non-destructive attack allowing you to test your security in a real-world scenario without any risks associated with a malicious attack (loss of productivity, theft of information, damage to reputation and / or branding ...).
After the intrusion test, we produce a report on the vulnerabilities discovered as well as the severity of the impact.
Corrective measures are then proposed to the client in order to improve the security posture of the business.
LINEON is able to cover any type of technological environment such as:
- WEB (n-tiers) and WEB 2.0 environments
- Networks infrastructures
*Telecom environments (data collection, IAD / STB, ...)
Frame of reference
We use recognised technical and functional frameworks for mapping compliance:
- OWASP for WEB environments
- ISO/IEC 19001 for the formalization of the audit approach
- 2700X Standards Series - SSI Terms of Reference
- Payment Card Industry - Data Security Standard (PCI-DSS)
- Regulatory Framework for Classified Defence Environments (CESG)
Our added value
An innovative formalisation of corrective measures and audit reports aimed at:
vCISO (Virtual CISO)
The vCISO service provides an "on demand" CISO whose mission is to help SMEs manage and control their cyber security without having to invest in a FTE CISO.
Based on a bespoke information security program, this service relies on the leadership of security experts and a support team of analysts and consultants to address cyber security issues. end to end.
The implementation process of this service focuses on understanding the business objectives of the company. This approach makes it possible to align the needs, in terms of Cyber-security, vis-à-vis the identified issues in order to propose an efficient approach:
- Establish the overall security strategy
- Determine priorities (quick-win) to quickly reduce risks while optimising costs
- Establish continuous improvement processes to control the evolution of risks over time