DS Compliance provides Professional Consultancy Services for Cyber Security, Compliance and Investigative purposes.
These cover four areas:
Analyses the current position of an organisation, identifying strengths and weaknesses in their posture. This is conducted by a senior consultant with extensive experience at board level for many large organisations
Good strategy needs to be complemented by good operational deployment and policies. Once a strategy has been defined, the policy is enforced by the deployment of consultants and contractors
DS Compliance is technologically agnostic and enjoys the support of the leading technology providers in the cyber market. The most cost-effective services are identified and recommended
To conduct investigations in the event of a breach of concern. This will be under the auspices of qualified, senior personnel
DS Compliance are Thought Leaders on CCPA and delivers all levels of consultancy, technology, training and forensic services, provides a single point of contact for all needs.
DS Compliance offers a discreet in-depth review of the client’s current situation and offers a strategy to suit requirements.
The objective is for an organisation to have a Layered Defence Model using Data Protection by Design.
This is conducted by the senior team and typically built to meet these standards:
- Cyber Essentials
- Anti Money Laundering
- Soc 2
DS-Compliance Professional Services
Cyber Essentials / Cyber Essentials Plus
DS Compliance provides a service for customers to achieve Cyber Essentials or Cyber Essentials Plus compliance.
DS Compliance supports organisations assess information security risks, put in place robust security controls and processes and embed information security management across the organisation. The standard is suitable for all organisations, especially those that collect Personally Identifiable Information.
DS Compliance provides a service to empower organisations to achieve this standard.
DS Compliance supports professional organisations to comply with the Proceeds of Crime Act 2002 and with other activities, such as annual Anti Money Laundering preparation and training. In many professions such training is mandatory and successful completion will form part of an organisation’s professional indemnity insurance.
Ransomware Audit Service
DS Compliance prepares clients to defend against ransomware attacks by providing strategy, investigative support, training and exercises.
The DS Compliance Ransomware service focuses on these areas:
|Personnel Training||Business continuity|
|Simulation role-playing Ransomware tabletop sessions||Technology Management (Layered Security Model)|
|External Pen Testing||Management and review of Log data|
|Backup capability / Strategy||Internal Audit|
|Access privileges / MFA||Documentation management|
|Patching Vulnerability Management||Development of KPIs|
|Antivirus||Ensure Risk appetite is managed|
|Web filtering||Supplier risk Management|
|Mail Filtering||Due diligence questionnaires|
|Secure DNS||Manage Outside Parties, Penetration Testing, Vulnerability Testing|
|Home working security review||Breach and Incident management|
Additionally, there is Incident Response Management, available as a one-off or as a retained support service.
DS Compliance offers a range of investigation services, provided by trained staff. These services start from audits which examine Threat, Risk and possible Harms. DS Compliance provides planning and management of defined strategies.
After an event, DS Compliance offers services for preserving and securing evidence, undertake interviews and capture evidence from CCTV and other data sources. This evidence is then handled and prepared using criminal or civil law standards.
DS Compliance services help organisations prepare and train against advanced threat actors using real-life simulation exercises. In the event of a breach, incidents are investigated and recovery from attacks is conducted in a quick and efficient way.
DS Compliance enhances security practices, trains security teams and stop breaches for organisations through the following services:
- Digital Forensics and Incident Response
- Vulnerability Management
- Penetration Testing
- Security Audit and Compliance
- Threat Intelligence
DS Compliance Penetration Testing Services uses a defined methodology to safely and reliably map system assets, identify weak spots in both technology and processes and provide easy to understand recommendations for reducing or eliminating risks.
- Identify where attacks on an organisation surface and the risk of exposure to both opportunistic and more targeted hackers
- Understand how susceptible an organisation systems are to attack or subversion from disgruntled or malicious employees, contractors and third parties
- Determine how effective current security controls are at preventing costly and embarrassing data breaches
- Harden the defences of an organisation by following the comprehensive recommendations. Penetration Testing Services provide and reduce vulnerability to hacking attacks
- Give customers and suppliers confidence in an organisations security posture and demonstrate that the business is proactively identifying and managing risks
- Security testers are professionally certified through CREST or Tiger Scheme and are fully background checked and hold current government security clearances