Consultancy
Cyber Security

Incident Response Management

Incident response is an organized approach to addressing and managing the aftermath of a security breach or cyberattack, also known as an IT incident, computer incident or security incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.


Mobile Security

Mobile security is the protection of smartphones, tablets, laptops and other portable computing devices, and the networks they connect to, from threats and vulnerabilities associated with wireless computing. Mobile security is also known as wireless security.


Network Security & Forensics

Computer crime is one of the fastest-growing types of crime in the world. Every aspect of our economy, industry, commerce, public safety and national defense relies on computer networks, which are complex and have built-in vulnerabilities. Network security and digital forensics – or cyber security – is the practice of protecting computers and networks against exploitation or attack. From the computers in our homes and embedded in our mobile devices, to the inventory systems that bring us our food, banking, automotive and communications, securing these networks has grown to become a cyber-battle, and the most pressing priority in our personal lives, our businesses, and our nation.


Network Security and Forensics (NSF) is an Information Technology degree program offered by Fountainhead College that trains students to prepare and protect networks, intranets, and websites. The NSF program's core focus is on securing computer networks and diagnosing problems, security risks, and cyber analysis processes. Network security and digital forensics professionals harden computer networks against unauthorized access and intrusion.


Information Security & Forensics

The Cyber Forensics and Information Security program combines the disciplines of technology, business, organizational behaviour, and law. It covers the techniques used to detect, respond to and prevent network intrusions, as well as broader concepts such as the responsible use of resources, the appropriate management of risks, and the alignment of information technology with the organization. The aim is to protect information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide integrity, confidentiality and availability.


Threat Hunting & Scripting

Threat hunting, cyber hunting or cyber threat hunting: each term essentially means the same thing. Security professionals look for threats that are already in their organization's IT environment. This differs from penetration or pen testing, which looks for vulnerabilities that an attacker could use to get inside a network. With every vendor offering some type of threat hunting service, security professionals may wonder if hunting can actually benefit a company or if it's just a fad. But threat hunting isn't based on flashy technology that will become irrelevant in a few months. It's a return to one of the basic tenets of information security



Security Strategy & Governance

Cyber Security Framework, Strategy and Program Transformation

Organizations are embarking on transformational journeys: launching apps, adopting cloud, innovating with disruptive services, and adopting faster application development and IT operational processes. These journeys expose organizations to a myriad of new risks, and it is essential that security is built into the transformation. At GCID we provide security program assessment, identify the key transformation requirements, and develop a cybersecurity strategy and transformation roadmap. We cover all aspects of cybersecurity.


Security Policy and standards framework definition


Cyber Security skill development and enhancement programs

• Intrusion detection
• Malware analysis and reversing
• Programming know-how
• Thinking like a black hat
• Building a well-rounded skillset
• Risk analysis and mitigation
• Cloud security
• Security analysis


Stakeholder sensitization and awareness

Small business cyber security strategy

What are the risk factors to your business? Are you using outdated software with a known vulnerability? Do your employees use weak passwords? How susceptible are your employees to responding to phishing scams? Assessing your cybersecurity posture requires a number of tools, and sometimes real-time interactions, to determine a company's potential vulnerabilities and recommend areas to improve.


Risk remediation

Once you are made aware of potential threats and vulnerabilities through an assessment, addressing your risk is a critical step – and it goes beyond simply installing antivirus software and setting up a firewall. Your program should include appropriate technology solutions, company policies and an incident response plan, and it should map out continuous improvement.


Training

Does everyone on your team know the appropriate protocol for mitigating the likelihood of a cybersecurity attack? A thorough training plan should provide lessons on BYOD (bring your own device) policies, password setup, verification processes, how to monitor for potential phishing scams and a variety of other topics. A one-time employee training is not enough. A good training program will provide ongoing education and ensure that employees are integrating the knowledge into their work practices.


Resources to help with cybersecurity

So, who is best suited to take care of building a comprehensive cybersecurity plan that covers all three elements? Several options exist.


A managed service provider (MSP)

Many small businesses are already contracting with an MSP for other elements of IT support, such as network setup, hardware purchasing and configuration, help desk, and printers. MSPs can be a natural fit for cybersecurity, as you already have a business relationship with them and they are familiar with your network and systems. MSPs vary in the services they provide when it comes to cybersecurity, but most will offer a robust program that covers all three bases (assessment, remediation and training), with access to a variety of products and services to bolster protection.


A systems integrator or security system provider

Your company may have a facility security system that's been installed by a systems integrator – and some of these systems integrators are beginning to pay attention to other forms of security too, with newer offerings in cybersecurity. Although the physical security world is just beginning to converge with cybersecurity, systems integrators that are involved typically have strong offerings, and it may make sense to sign on, particularly if you are already using them for other security measures.


A cybersecurity consultant

Cybersecurity consultants or consulting firms typically provide a variety of services around assessments, audits and testing. Generally, they are well versed in compliance with specific industry rules and standards, such as HIPAA, PCI, GDPR, and Sarbanes-Oxley. If you work in an industry with specific standards for compliance, it will be useful to work with a cybersecurity consultant to ensure that your approach meets with the strict standards of your industry. Some consultants will work with groups like MSPs and systems integrators to offer comprehensive protection, while others may directly provide a full suite of cybersecurity products, services and support.


DIY

You may have the ability to install antivirus software, perhaps even add a firewall, then ask your employees to be cautious while using strong passwords. But if you try to tackle your company's cybersecurity alone, it's a lot easier to overlook potential risks and not have the time or budget to maintain ongoing efforts. By not taking every step to mitigate those risks now, you may ultimately be leaving your business open to potential breaches down the line. There are several types of resources that can provide you with the cybersecurity support you need. However, you must take the time to understand their processes and make sure that they provide a clear path for you to understand your risks, mitigate them and help you build a secure business environment. By finding the right match, you'll go a long way toward protecting your company.



Security Architecture

Cyber threat assessment

• Identify assets: Identify the valuable assets that your systems must protect.
• Create an architecture overview: Use simple diagrams and tables to document the architecture of your application, including subsystems, trust boundaries, and data flow.
• Decompose the application: Decompose the architecture of your application, including the underlying network and host infrastructure design, to create a security profile for the application. The aim of the security profile is to uncover vulnerabilities in the design, implementation, or deployment configuration of your application.
• Identify the threats: Keeping the goals of an attacker in mind, and with knowledge of the architecture and potential vulnerabilities of your application, identify the threats that could affect the application.
• Document the threats: Document each threat using a common threat template that defines a core set of attributes to capture for each threat.
• Rate the threats: Rate the threats to prioritize and address the most significant threats first. These threats present the biggest risk. The rating process weighs the probability of the threat against the damage that could result should an attack occur. It might turn out that certain threats do not warrant any action when you compare the risk posed by the threat with the resulting mitigation costs.


Enterprise cybersecurity architecture design and definition

To understand the difference between enterprise security architecture and enterprise security infrastructure, the word "architecture" is important. Enterprise security architecture represents a cohesive design that helps the different pieces of a security infrastructure work well together.

If a business has the right tools and resources but uses them incorrectly, it most likely does not get the intended results. For example, one part of its IT infrastructure may be less secure than the other because of the inconsistent use of the security tools.

With that in mind, enterprise security architecture relies on various concepts for its implementation. These include security domains, trust levels and tiered networks, planning tools that look at the different areas or parts of the business processes, and security systems. Security engineers work from these principles to provide an enterprise security architecture that works, making sure that the resources of a business perform well in the field in support of comprehensive security.


Supply chain security architecture and implementation

Supply-chain security refers to efforts to enhance the security of the supply chain, the transport and logistics system for the world's cargo. It combines traditional practices of supply-chain management with the security requirements driven by threats such as terrorism, piracy, and theft.


Cloud and mobility security architecture

The Cloud Security Architect will serve as the central point of contact for Enterprise Security for other Technology teams within the organization for all matters related to cloud security reporting into Security Program Director. ... Design and develop security architectures for cloud and cloud/hybrid based systems.


SCADA security

SCADA security is the practice of protecting supervisory control and data acquisition (SCADA) networks, a common framework of control systems used in industrial operations. ... SCADA is one of the most common types of industrial control systems (ICS).


Internet of Things Security (IoT)

IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).... Each "thing" is provided a unique identifier and the ability to automatically transfer data over a network.



Active Defence Services

Network and host compromise assessment.

A Mandiant Compromise Assessment combines our extensive experience responding to intrusions carried out by advanced threat actors, industry-leading threat intelligence and FireEye technology to: identify your ongoing or past intrusions, assess risk by identifying weaknesses in your security architecture, vulnerabilities, improper usage or policy violations and system security misconfigurations, and increase your ability to respond effectively to future incidents.


Honeypots, custom baits and sinkholes.

In computer terminology, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. Generally, a honeypot consists of data (for example, in a network site) that appears to be a legitimate part of the site, but is actually isolated and monitored, and that seems to contain information or a resource of value to attackers, who are then blocked. This is similar to police sting operations, colloquially known as "baiting" a suspect.[1]


Malware analysis.

Malware analysis is the process of learning how malware functions and any potential repercussions of a given malware. Malware code can differ radically, and it's essential to know that malware can have many functionalities.



Cyber Response Team

Remote triage

Cyber Triage is cybersecurity software that enables IT and information security incident responders to quickly collect, analyze, and act.


Analysis and response

Students will demonstrate an understanding of background and concepts for cyber incident management, as well as an overview of the cyber incident management process.

Topics include the types of cyber incidents, common forms of malware and attacks, an outline of the cyber incident management process, and common standards for cyber incident management.

Students will demonstrate an understanding of the preparation phase of cyber security incident management.

Topics include cyber incident management policies; services and procedures; the organizational structure, roles, and personnel; and cyber incident management training and awareness programs.

Students will demonstrate an understanding of reactive cyber incident management activities. Some of these activities include monitoring, log management, detection, cyber incident triage, event scope and characteristics, incident investigation, impact and escalation, and cyber incident management software and services.

Students will demonstrate an understanding of protecting and restoring systems that have been compromised by cyber security incidents including incident containment, identification, eradication, and recovery. The mitigation of specific common types of cyber incidents is also covered.

Students will demonstrate an understanding of cyber incident proactive and post services, legal issues, and human resource issues.

Some topics include attack categories, outcome discussions, vulnerability analysis, evidence and digital forensics, chain of custody, as well as training and skills for Computer Security Incident Response Team members.


Cyber and financial forensics

As criminal and commercial threats to organisational integrity proliferate, preventative action and effective, measured responses become critical.

Fraud, corporate crime, commercial disputes, litigation, and growing data security and regulatory requirements can imperil your organisation's integrity and reputation, undermine confidence, and attract regulatory intervention as well as negative media attention.

Accounting manipulations, Corrupt practices, Cash embezzlements, Frauds in a computerised environment, Financial leakages


Post-incident support

The uncomfortable truth is that you may not know it when you see it, because the latest attacker tools and techniques are increasingly stealthy, and can often hide in plain sight. The trick is to view your network and operations from the perspective of an attacker, looking for key indicators and areas of exposure before they're exploited. And it all comes down to how artfully you can do incident triage.



Threat Intelligence

Curated feeds

The discipline of cyber threat intelligence focuses on providing actionable information on adversaries. This information is becoming increasingly important to enterprise cyber defense. This importance has resulted in investment and creation of many new/innovative sources of information on threat actors. This brings challenges of its own. How do you know which source to turn to for what reason? And at an even higher level, how do you know which sources to even consider?


Focused signatures

Hacking tactics have shifted toward more active exploitation of application vulnerabilities for the purpose of compromising hosts. To meet this challenge, GCID Technology added a new defense: exploit-focused signatures. Exploit-focused signatures are static (unchanging) pattern-matching signatures that identify well-known exploit code as it crosses the wire.
At GCID we will be using Cerbero Tool to work on these types of signatures: APK, APNG, AXML, BMP, BZ2, CHM, CLASS, DEX, DIB, DLL, DOC, DOCX, ELF, EOT, EXE, GIF, GZIP, JAR, JPEG, JSE, LNK, LZMA, MACH-O, MSI, O, OCX, ODT, OTF, PDB, PDF, PFB, PNG, PPS, PPT, PPTX, PRX, PUFF, RAW, RTF, SO, SQLITE3, SWF, SYS, T1, T2, TIFF, TTC, TTF, VBE, WOFF, XDP, XLS, XLSX, XML, ZIP


Seamless integration

The logistics of integrating two or more businesses and closing potential risk gaps can be staggering. It's essential that high-level security issues such as cyber protection and data privacy are included in the due diligence process.



Homeland Security

Risk Assurance Services

Risk assurance is often associated with accounting practices and is a growing industry. ... Auditors that work in the risk assurance department are more focused on auditing information technology general controls (ITGCs) and completing a system and organization control (SOC 1) reports.


Critical Infrastructure Management

Globally, we live in a digital landscape full of cyber threats and vulnerabilities. ... These "sectors" are areas in which both public and private organizations provide vital "assets, services, systems, and networks"


Risk Management & Mitigation

Risk management is the identification, evaluation, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.


Smart City Solutions

Cities continuously evolve. First comes the stage of construction and development, followed by the introduction of facilities that enrich people's lives. Then growth decelerates and new challenges arise, requiring cities to redefine themselves and undergo a continuous cycle of renewal and redevelopment.
At GCID, we help cities flexibly respond to challenges that arise during each stage of development. Our Smart City solutions are designed to enable high-quality urban living over many generations while contributing to a comfortable, eco-friendly environment.
With GCID's latest technologies in meter data management, energy storage, electric vehicle charging as well as energy management systems, GCID continues to push the limits of smart grids. What will GCID smart energy concepts and solutions mean to you?
Rather than pursue rigid solutions optimized to meet projected needs only, we offer flexible infrastructure solutions designed to keep developers and residents ahead of the curve by evolving in response to the ever-changing needs of cities.


City Surveillance

Surveillance Solutions for Cities of the Future. City surveillance is important for ensuring the safety and security of citizens, and deterring crime. By choosing an integrated, digital surveillance system, city officials can see what is happening across their entire city, from a central control room. The four domains of Emotional Intelligence — self-awareness, self-management, social awareness, and relationship management — each can help a leader face any crisis with lower levels of stress, less emotional reactivity and fewer unintended consequences.


Disaster Management/Crises Management

The direct or indirect impact of disasters has always been deadly, destructive and damaging. They cause loss of life to humans as well as livestock. Disaster management is the management of resources and responsibilities in order to lessen the impact of disasters.


Airport Security/Seaport Security & Solutions

Airport security refers to the techniques and methods used in an attempt to protect passengers, staff, aircraft, and airport property from accidental/malicious harm, crime, and other threats. Aviation security is a combination of human and material resources to safeguard civil aviation against unlawful interference. Port security refers to the defense, law and treaty enforcement, and counterterrorism activities that fall within the port and maritime domain. It includes the protection of the seaports themselves, the protection and inspection of the cargo moving through the ports, and maritime security.


Intelligent Analysis (Covert/Overt)

Intelligence analysis is the application of individual and collective cognitive methods to weigh data and test hypotheses within a secret socio-cultural context. "Overt" is simply blatant and "out in the open", whereas "covert" is hidden and done discreetly or secretly.



Cyber Crime Consultancy

Digital Forensics

Digital forensics (sometimes known as digital forensic science) is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime.


Cyber Crime

Cybercrime, or computer-oriented crime, is a crime that involves a computer and a network.[1] The computer may have been used in the commission of a crime, or it may be the target.[2] Cybercrimes can be defined as: "Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm, or loss, to the victim directly or indirectly, using modern telecommunication networks such as Internet (networks including chat rooms, emails, notice boards and groups) and mobile phones (Bluetooth/SMS/MMS)".[3] Cybercrime may threaten a person or a nation's security and financial health.[4] Issues surrounding these types of crimes have become high-profile, particularly those surrounding hacking, copyright infringement, unwarranted mass-surveillance.


Cyber Gate Keeper solutions for Women & Child Protection

GateKeeper enhances employee compliance and cyber security through automated authentication. Through wireless authentication, GateKeeper protects networks from internal breaches and confidential data exposure with patented, proximity-based authentication solutions that include two-factor authentication, centralized password management, and comprehensive auditing; reducing support time and costs while enhancing security and compliance.


Cyber Threat Analysis

With the right combination of multi-dimensional analysis capabilities and advanced analytics, you can turn your defensive cyber strategy into a proactive one - and counter and mitigate more threats.