SERVICES

CLOUD SECURITY

Providing support during digital transformation in moving some or all operations to the cloud so that operations are secure, scalable, aligned with business drivers, and compliant with regulations.

Learn More →

APPLICATION SECURITY

For evaluating cyber security when building/changing an application (or integrating a third-party one) and identifying security risks with the design process, architecture, and operation.

Learn More →

CYBER SECURITY DEPARTMENT SERVICE

Providing companies with a cost-effective virtual cyber security department that is integral to their long-term success when they do not have access to security professionals at an affordable price.

Learn More →

SECURITY OPERATIONS

Actively managing cyber security operations within the organization and minimizing the risk of financial and reputational damages resulting from a potential security breach.

Learn More →

GRC

Providing governance, risk management, and compliance (GRC) services to prevent fines, reduced revenue, and loss of customers from not complying with industry standards and regulations.

Learn More →

NOT SURE?

Not sure how cyber security fits into your business? Don’t know the benefits cyber security provides? Mirai Security offers a range of services to secure and enable your business.

Contact Us →

INDUSTRIES

 
Screen Shot 2019-07-23 at 11.09.21 AM.png

SERVICES


002-product.png

cloud security

When Cloud Security is needed: The client is planning, or is engaged in, a digital transformation including transitioning to the cloud and wants to ensure their operations are secure, scalable, aligned with business objectives, and compliant with regulations.

How Mirai Helps: We review and align the customer’s cyber security goals with the appropriate cloud security strategy, cloud architecture, and security controls, while identifying and mitigating potential cyber security risks involved with the transition to the cloud.

Cloud Security Services Include:

  • Assessing cloud infrastructure security and cloud data security to identify vulnerabilities and deficiencies that could lead to a security breach

  • Reviewing AWS or Azure configuration to ensure correct implementation of security controls, cloud architecture, and management practices

  • Using Security Orchestration Automation and Response to improve security capabilities within the Cloud

  • Implementing cyber security controls required to maintain compliance with privacy legislation and data security standards in the cloud

  • Creating an incident response plan to detect and contain cyber security incidents, eradicate cyber threats, and recover affected business processes

  • Designing a secure cloud architecture and cloud infrastructure and testing them against cyber security best practice

  • Integrating cloud into existing security operations when moving to the cloud


cyber security department as a service

When a Cyber Security Department as a Service is Needed: The client does not have the resources or access to talent needed to comprise a competent security department, but requires one to protect and enable their business as well as align processes with compliance requirements to achieve their business goals.

How Mirai Helps: We will implement an Information Security Management System (ISMS) which will serve as a centralized source of truth for all security governance and compliance controls. This will enable continuous identification of control gaps, ongoing tracking of remediation projects, and management of a compliance road map.

Benefits of a Cyber Security Department as a Service:

  • Shortened sales cycle due to the client being able to quickly respond to cyber security questions received from prospects

  • Attracting new customers with privacy and security compliance requirements

  • Ability to focus on growing the core business of the company knowing cyber security will be taken care of

  • Significantly reduce the risk of suffering financial and reputational damages resulting from cyber attacks

  • Reduce the risk of business operations being disrupted due to cyber attacks

  • Support compliance with legal, statutory, regulatory, and contractual obligations related to cyber security

  • Reduce the time and costs involved with implementing, maintaining, and reporting on industry and government standards

  • Improve the return on investments in the cyber security function of the organization


003-list-pink_transparent.png

governance, risk management & compliance (grc)

When GRC is Needed: The client needs to achieve and maintain compliance with applicable legislation, industry regulations, and security standards to increase revenue from enterprises with compliance requirements, shorten their sales cycle, and avoid potential fines.

How Mirai Helps: We identify cyber security risks by reviewing how an organisation's IT security controls measure against privacy legislation and data security standards, then guide the remediation efforts of the organization so they can achieve and maintain compliance.

GRC Services Include:

  • Compliance readiness programs for:

    • PCI compliance: required for all organizations accepting credit card payment

    • HIPAA compliance: provides data privacy and security provisions for safeguarding medical information, allowing companies to operate in the US healthcare industry

    • GDPR compliance: required for Canadian and USA companies if they offer products and services to EU or EEA citizens or transfer their personal data outside the EU or EEA

    • SOC2 / ISO2700x compliance: security standard for information security management systems to minimize cyber security risks

    • PIPEDA compliance: enables businesses to offer goods and services to customers or partners in Canada without facing legal fines for not complying

    • SOX compliance: Prevents fines, jail time, and removal from stock exchanges by implementing the correct security controls to ensure financial data is accurate and protected against loss

  • NIST CSF assessment gives confidence to financial investors regarding the security health of a company

  • Ensuring cloud environment meets compliance requirements as a business undergoes digital transformation and transitions from traditional IT infrastructure to the cloud

  • Generating security policies


002-applications-pink-transparent.png

application security

When Application Security is Needed: The client is building/changing an application (or integrating a third-party application) and wants assurance that the application will operate securely.

How Mirai Helps: We identify cyber security risks with the application design process, architecture, and operations while identifying, prioritizing, and remediating application security vulnerabilities.

Application Security Services Include:

  • Application security assessment and/or penetration tests: identifies vulnerabilities, documents how they can be exploited, and recommends activities to correct them

  • Integrate security controls into the Software Development Life Cycle (SDLC): minimizes long term cyber security risk with an application

  • DevSecOps Consulting: provides guidance to an organization that seeks to build a DevSecOps process and capabilities into the application development process to minimize financial and reputational risk while ensuring compliance

  • Web application penetration testing

  • Mobile application penetration testing

  • Ensure communication processes between the application and other on-premises or cloud-based systems is secure

  • OWASP based application security

  • Code review

  • Threat modeling


005-execution-pink_transparent.png

cyber security operations

When Cyber Security Operations are Needed: The client needs to maintain security and operational integrity of their data processing environments. Cyber Security Operations include ongoing processes designed to support normal IT and business operations and identify and address any cyber security concerns before they negatively impact the business.

How Mirai Helps: We work together with the client to define and establish logging, monitoring, alerting, incident response, business continuity, and disaster recovery processes, alongside other proactive cyber security initiatives suited to the business.

Cyber Security Operations Services Include:

  • Implementation and configuration of SIEM (Security Information and Event Management) systems to aggregate and correlate logs of security events

  • Development of incident response plans to detect, prevent, and contain security breaches, eradicate associated cyber threats, and restore affected business processes

  • Manage the identification, tracking, and remediation of security vulnerabilities within the corporate environment

  • Cyber security consulting and strategy: general cyber security consulting and guidance on the necessary security initiatives to enable and protect the organization, as well as how to implement them

  • Security awareness training (one time or as a service) to cover everything employees need to know about keeping their company’s data and devices safe

    • Phishing simulations

    • Red team/blue team exercises

  • Cyber defense 

  • Threat hunting 

  • Network security architecture review

Mirai-BG.jpg

Industries


001-heart_transparent.png

Healthcare

 

The Healthcare Industry and their supply chain are under increasing legal and political scrutiny to protect the privacy of Personal Health Information (PHI), ensure they have adequate healthcare security, and maintain the availability of healthcare services. Cyber attacks are being targeted towards the healthcare industry for financial gain through the theft of PHI, ransomware, and extortion schemes. The complexities of the healthcare industry’s IT environments, distributed datastores, and the need to continue to support legacy technologies have created a unique set of risk management and privacy challenges within the industry.

Mirai Security acts as healthcare security consultants, specializing in managing risk and privacy requirements within the healthcare industry, to keep data secure and prevent security breaches. We advise on issues ranging from assessing and quantifying risk, compliance, privacy impacts, and cyber security operations maturity. If your business is in, or sells to, the healthcare industry, contact us.


004-hand_Transparent.png

finance & insurance

 

Banking, insurance, and investment institutions have long been a target for cyber criminals looking to steal financial and Personal Identifiable Information (PII). Many aspects of these industries are becoming more online-based and undergoing digital transformation, and such there must be a secure implementation of online systems to ensure people’s personal information is protected. With the drastic shifts occurring in technology and the increasing demand for businesses to adopt new technologies, companies in these industries are having difficulties trying to connect their legacy back-end systems with the modern user interfaces their customers expect. Many aspects of these industries are becoming more online-based, and such there must be a secure implementation of online systems to ensure people’s personal information is protected.

From moving to the cloud, to preventing cyber attacks on these high-value targets, to enabling businesses to leverage their technology to adequately meet the demands of their customers, Mirai Security experts will be the ones to execute. If your business is in, or sells to, the finance or insurance industries, contact us.


003-pick-and-shovel_transparent.png

mining & manufacturing

 

Machinery and technology in the mining and manufacturing industries are typically designed to last many years and, as a result, legacy systems are still in use today. The case for many of these businesses is the equipment they are using was designed and created before the internet was, meaning that cyber security was not yet a concern. A business operating in these industries could incur significant revenue loss if there was an interruption in their production process, which is exactly what is happening as a result of the typically outdated equipment currently in use.

Mirai implements security for manufacturing and mining operations by assessing, evaluating, and mitigating the risks of systems failing due to unexpected inputs so that businesses can continue with their normal operations. If your business is in, or sells to, the mining or manufacturing industries, contact us.


002-product_transparent.png

logistics

 

The logistics industry is highly distributed, meaning there are many systems operating in different locations. Each moving part of a logistics operation could potentially have their own, isolated system, making these hard to manage. The logistics industry has also not previously been technologically enabled and, as a result, businesses in the industry are struggling with cyber security and digital transformation. Insecure legacy systems are still in operation, increasing the security risks to businesses.

Mirai Security mitigates the security risks and manages the limitations to the business that are associated with these highly distributed systems and facilitates digital transformation for businesses in a secure manner. If your business is in, or sells to, the logistics industry, contact us.


006-laptop_Transparent.png

technology

 

Technology is a highly competitive market and having substantial cyber security in place provides companies in the industry with a competitive advantage. Cyber security is becoming an increasingly important consideration for people buying from, selling to, or working with a company, meaning all else being equal, the company who has better cyber security is the one who will get the business. Mirai Security helps enable sales for companies by implementing the necessary security to give customers and partners confidence that their information and data will be secured and protected.

Looking at the internal operations of technology companies, different cyber security issues arise. Constantly advancing technologies are being implemented and used by employees but can be inhibiting to the business. Shadow IT - employees taking IT into their own hands - often means that companies do not have full visibility into where their data is being stored, therefore increasing the security risk to the organization. Mirai establishes effective governance and risk mitigation strategies that allow employees to be empowered and efficiently do their jobs using modern technology while ensuring corporate interests are still protected. If your business is in, or sells to, the technology industry, contact us.


005-market_Transparent.png

retail & hospitality

 

Sensitive information is collected in many industries, but especially in retail and hospitality; credit cards are used in retail locations, personal information is given when ordering online, and hotels hold passport and family data. These industries store shopping habits, online order history, which items were ordered to a hotel room - all personal information that must be secured. These industries are also heavily based on customer service, but this means that cyber security may become less important in the eyes of employees whose main goal is to please their customers.

Websites need to have application security assessments conducted to determine whether they are vulnerable to cyber attacks and then have security controls put in place. Hotels need to strike a balance between having adequate security controls and having security impede on customer service, manage their highly distributed systems, and protect people’s sensitive personal data. As for both industries, any time credit card payment is accepted the business must be PCI compliant, further working to provide the business and their customers with security. Mirai executes on the aforementioned tasks while setting up security programs, providing risk management, and establishing governance to provide hospitality and retail cyber security to keep these businesses operating securely. If your business is in, or sells to, the retail or hospitality industries, contact us.