SERVICES
Advanced Cyber Security solutions from CyberSIGMA and its partners
We have a broad service portfolio for the security of your company

IT GOVERNANCE AND COMPLIANCE
ISO/IEC 27001 is an international standard that specifies the requirements for an Information Security Management System (ISMS).
Implementing an ISMS helps a company reduce technology-based risks and revenue losses, while improving the image of the business.
ISO 27001:2013 GAP ANALYSIS
Gap analysis and compliance assessment with respect to the ISO/IEC 27001:2013 standard.
- ISO 27001: requirement identification
- Gap analysis report
- Team manager interview
- Remediation plan including compliance timeline
SECURITY IT ASSESSMENT
Security IT Assessment with a focus on the main operative business processes
- Team manager interview
- Main business asset identification; valuation in terms of priority and critical impact.
- Network vulnerability assessment


GDPR SERVICES
The General Data Protection Regulation, GDPR (Reg. EU 2016/679), has been enforceable since 25th May 2018.
If your business collects and processes information about EU data subjects (such as customers), you need to evaluate how to address the requirements of this regulation.
GDPR ASSESSMENT & REMEDIATION PLAN
- Detection and analysis of the processing activities
- Gap Analysis: assessment of the current level of compliance
- Remediation plan timeline to complete post-assessment activities
- Records of processing activities
GDPR ADVANCED IMPLEMENTATION
- Impact assessments in order to evaluate and mitigate the risks
- Personal data protection: implementation of the remediation plan and security implementation process
- Data Protection Impact Assessment (DPIA)
DPO AS A SERVICE
The DPO (Data Protection Officer) is the role responsible for continuously verifying compliance with the GDPR requirements. Our professionals are available to provide an outsourced DPO service.
GDPR TRAINING COURSE (4 hours)
- The protection of personal data
- Introduction to the new EU Regulation 679/16: definitions, what is new, and obligations
- The key aspects of the adaptation process: inventory of processing activities, consent management, company website, data transfer, appointment of the controller, DPIA, records of processing activities
- The importance of security measures and continuous review of the processes that handle personal data
EDUCATION AND TRAINING
Most data breaches are due to negligent and careless behaviour by employers and employees. This human factor can be reduced through suitable training, which also improves awareness and confidence.
All courses have these options:
- Possibility to take the course online
- On-demand customized courses
At the end of the course, training materials will be provided.
CYBERSECURITY AND DATA PROTECTION: AWARENESS
BASIC TRAINING TO GAIN AWARENESS AND INFORM ALL ORGANIZATION EMPLOYEES
- The course includes
- Cybersecurity
- Threats & Countermeasures
- GDPR fundamentals as well as best practices for the use of IT resources
- 8 hours
CYBERSECURITY AND DATA PROTECTION: MANAGEMENT
TRAINING TARGETED TO ALL ORGANIZATION MANAGEMENT
- The course includes
- Cybersecurity
- Threats & Countermeasures
- GDPR fundamentals as well as IT governance guidelines
- 4 hours


VULNERABILITY ASSESSMENT & PENETRATION TEST
A system test such as a vulnerability assessment is one of the activities that must be performed to verify system reliability for GDPR compliance.
Identifying the assets at risk is a fundamental task: it has to be performed regularly in order to discover system vulnerabilities before a malicious party does.
VULNERABILITY ASSESSMENT (VA)
- Information gathering
- Perimeter and critical assets detection
- Scanning and enumeration
- Report including a list of vulnerabilities that need to be fixed
PENETRATION TEST (PT)
- Vulnerability assessment
- Exploitation of the discovered vulnerabilities
- Penetration test report
SECURITY INTELLIGENCE
Intelligence services are designed to collect data from multiple sources, cross-correlate the gathered raw data and convert this information into actionable insight (e.g. for decision making).
Security Intelligence is an approach that uses advanced tools and techniques to support an organization in its security strategy.
Cyber Threat Intelligence
- Early warning
- Data breach prevention
- Pre-planned attack defence
- Hacktivism protection
- Cyber-defense
Open Source INTelligence (OSINT)
- Voice and video analytics
- Sensor and interception technologies
- Big data analysis


SOC – SECURITY OPERATION CENTER
A Security Operation Center represents a centralised unit where the information can be monitored and analysed
ACTIVITIES
Log management
Logs are collected and stored centrally inside your perimeter or directly at our SOC Data Center (depending on bandwidth availability)
SIEM (Security Information & Event Management) platforms
This service focuses on developing the SIEM tool, which analyses the acquired logs against a set of correlation rules, creating events to be analysed by security analysts
Security device management (SDM)
Alert and event monitoring
This service helps in the prompt identification and correlation of security anomalies through real-time detection of errors and alerts from multiple heterogeneous sources
Threat prevention
Prevention and prediction of cyber security events through real-time analysis and manipulation (normalisation, aggregation and correlation) of network traffic

OTHER BUSINESS SECURITY SERVICES
SECURITY DEVICE POLICY REVIEW
Ensuring that firewall rules and configuration meet security best practices is a fundamental activity for information protection. This activity may require continuous and significant effort in policy management.
INCIDENT PREVENTION
This service relies on the management and optimization of the patching processes in order to reduce losses on the corporate assets. It includes a risk assessment that correlates information with its vulnerabilities, incidents and likelihoods, showing the priority for critical assets and reporting the potential business impact.
SECURITY POSTURE REVIEW
Assessment of the current status of your organization at multiple levels (network, systems and applications). The service includes a preliminary phase of gap analysis with respect to reference standards and the main industry best practices, followed by a risk assessment and by technical monitoring and vulnerability discovery activities.
BUSINESS IMPACT ANALYSIS
Identifying the priority resources and services needed to ensure continuous delivery and quick recovery following a disruption is an important task. Each service that is critical to ongoing business operations is assessed and planned in detail, identifying possible threats and dangers as well as impact and likelihood parameters, in order to perform a risk analysis proportionate to the size of the enterprise.
Contact us for more information about our services or to receive a quote!
Office
Via Adriano Olivetti, 24/26
00131 Roma RM
Hours
M-F: 9am – 5pm
S-S: Closed
Call us
(+39) 06 8772 5590