Pinpoint your cybersecurity
weak points.

• Improve your security posture.
• Determine whether your critical assets and data are actually at risk.
• Avoid financial, operational and reputational losses caused by cyber attacks.
• Identify cyber security weaknesses before an attacker exploits them
• Get quantitative results that help measure the risk associated with your critical assets.
• Gain insight into attacker motivations and most likely targets.

CSIS supplies a laptop to the customer, who then connects the laptop to the organisation’s network. The laptop establishes a secure connection back to CSIS, either via the organisation’s network.

The laptop is used to observe, collect and analyse information flowing through the organisation’s network. The work is primarily manual, although some processes are automated.

The test will typically run for 2-4 weeks, although this figure varies according to the nature of the organisation and IT setup.

As results accumulate during this period, CSIS increases the amount of active testing and applies a range of simulated attacks. The actual man hours spent on this are typically much less than the total duration of the test.

The customer may set up 3 pre-defined targets for simulated attack (e.g. compromising the Active Directory, the organisation’s  ERP system, or even the CTO’s email).