SERVICES

h

IT GOVERNANCE AND COMPLIANCE

Learn More

EDUCATION AND TRAINING

Learn More
U

VULNERABILITY ASSESSMENT & PENETRATION TEST

Learn More

SOC

Learn More

SECUCITY INTELLIGENCE

Learn More

OTHER BUSINESS SECURITY SERVICES

Learn More

We have a broad service portfolio for the security of your company

IT GOVERNANCE AND COMPLIANCE

ISO/IEC 27001 is an international standard which describes and gives specific requirements for an Information Security Management System

Implementing an ISMS helps a company in the reduction of technology-based risks and revenue losses, while improving the image of your business.

ISO 27001:2013 GAP ANALYSIS
Gap analysis and compliance assessment with respect to the ISO/IEC 27001:2013 standard.

  • ISO 27001: requirement identification
  • Gap analysis report
  • Team manager interview
  • Remediation plan including compliance timeline
SECURITY IT ASSESSMENT
Security IT Assessment with a focus on the main operative business processes

  • Team manager interview
  • Main business asset identification; valorization in terms of priority and critical impacts.
  • Network vulnerability assessment

EDUCATION AND TRAINING

CYBERSECURITY AND DATA PROTECTION 1
In an increasingly digitized world, our course
addresses the crucial significance of cybersecurity
and data protection. It encompasses a wide range
of topics, from the fundamentals of cybersecurity
to the intelligent and secure use of social networks.
By providing the skills necessary to effectively
protect networks and information in this
ever-evolving environment, we empower you to
navigate the digital landscape with confidence.

Course Highlights:

Foundations of Cybersecurity: Master the basics to secure your digital realm.
Smart Social Media Practices: Explore strategies for safe and responsible social networking.

CYBERSECURITY AND DATA PROTECTION 2
Building upon the foundation laid by our previous
course, this program offers advanced skills for implementing effective corporate security measures. It explores topics such as organizational security, prevention tools, business continuity, data protection, and GDPR compliance.

Course Highlights:

Advanced Prevention Tools: Explore
cutting-edge tools for threat prevention.
Business Continuity & Data Protection: Learn how to ensure seamless operations and safeguard data, including GDPR compliance.

CYBERSECURITY BASED ON AI
Explore AI’s impact on cybersecurity and gain
insights into traditional machine learning, neural networks, deep learning, and AI defense strategies. Discover the evolving landscapes of IoT, Cyber-Physical Systems (CPS), and Cyber Biosecurity.

Course Highlights:

AI-Enhanced Security: Learn how AI strengthens cybersecurity.
Future Horizons: Delve into IoT, CPS, and Cyber Biosecurity.

VULNERABILITY ASSESSMENT & PENETRATION TEST

A system test such as a vulnerability assessment is one of the required activities that has to be performed in order to test the system reliability for the GDPR compliance

The identification of the asset at risk is a fundamental task: it has to be performed regularly in order to discover system vulnerabilities before someone (malicious) else does

VULNERABILITY ASSESSMENT (VA)
  • Information gathering
  • Perimeter and critical assets detection
  • Scanning and enumeration
  • Report including a list of vulnerabilities that need to be fixed
PENETRATION TEST (PT)
  • Vulnerability assessment
  • Exploitation of the discovered vulnerabilities
  • Penetration test report

SECURITY INTELLIGENCE

Intelligence services are designed for collect multiple data from different sources cross-correlating the gathered raw data and converting this information into actionable insight (e.g. for decision making)

Security Intelligence represents an approach which involves advanced tools and techniques for supporting an organization in their security strategy

Cyber Threat Intelligence
  • Early warning
  • Data breach prevention
  • Pre-planned attack defence
  • Hacktivism protection
  • Cyber-defense
Open Source INTelligence (OSINT)
  • Voice and video analytics
  • Sensor and interception technologies
  • Big data analysis

SOC – SECURITY OPERATION CENTER

A Security Operation Center represents a centralised unit where the information can be monitored and analysed

ACTIVITIES

Log management
Logs are collected and stored centrally inside your perimeter or directly at our SOC Data Center (depending on the bandwidth availability)
SIEM (Security Information & Event Management) platforms
This service focused in the SIEM tool development as a tool, which analyses the acquired logs against a set of correlation rules creating events to be analysed by security analyst
Security device managing (SDM)
This service includes IDS / IPS management both at the network level and at the host level, providing periodic reports on any suspected activity (failed intrusion, malicious hacking attempts) through supervised actions based on routing rules and policies.
Alert and event monitoring
This service helps in the prompt identification and correlation of security anomalies theough real time detection of errors and alerts from multiple and heterogeneous sources
Threat prevention
Prevention and prediction of cyber security events by real time analysis and manipulation (normalisation, aggregation and correlation) of network traffic

OTHER BUSINESS SECURITY SERVICES

SECURITY DEVICE POLICY REVIEW
Ensuring that firewall rules and configuration meet security best practices is a fundamental activity for the information protection. This activity may require a continuous and significant effort in the policy management
INCIDENT PREVENTION
This service relies on the management and optimization of the patching processes in order to reduce losses on the corporate assets. It includes a risk assessment which correlates the information to its vulnerabilities incident and to the likelihoods showing priority for critical assets reporting the potential business impact
SECURITY POSTURE REVIEW
Assessment of the current status of your organization at multiple level (network, systems and applicative). The service includes a preliminary phase of gap analysis with respect to reference standards and to the main industry best practices, followed by a risk assessment and by technical activities of monitoring and vulnerabilities discovering
BUSINESS IMPACT ANALYSIS
Identifying the prior resources and services to ensure continuous delivery and quick recovery following a disruption is an important task. Each service that is critical to ongoing business operations is assessed and planned in detail identifying possible threats and dangers as well as impact and like- hood parameters in order to perform a risk analysis of suitable entity with respect to the considered enterprise size).

Contact Form

Sigma Consulting Srl processes the data you provide in compliance with the 2016/679 EU Regulation and what is stated in the Privacy policy. Choose how you want your data to be handled:

Office

Via Adriano Olivetti, 24/26

00131 Roma RM

Hours

M-F: 9am – 5pm
S-S: Closed

Call us

(+39) 06 8772 5591