Don’t just respond to security vulnerabilities and attacks - prevent them. Mirai will help identify where your organization is at risk and work with the business and stakeholders to find solutions and remediate. Leveraging Mirai’s community of information security advisors will help reduce risk and enable your business.
Security Governance, Risk Management
> Development and assessment of security governance and related practices;
> Assistance with compliance to regulations & standards, such as GDPR, PCI DSS, SOX, NERC CIP & NIST CSF;
> Development of security policies & related standards, guidelines, procedures, patterns;
> Creation of frameworks to protect your organization & address regulatory requirements.
Enterprise Security Architecture and Strategy
> Enterprise security architecture development and implementation;
> Alignment of business strategy & information security;
> Security strategy development aligned with the enterprise security architecture & ISO/IEC 27001:2013;
> Guidance on strategic security management.
Security Posture Assessment
> Bespoke assessments addressing your unique architectural issues, risk exposures and control gaps within the enterprise IT environment;
> Identification of risks and actionable recommendations on risk reduction and management;
> Baselining and rapid assessment of an organization’s ability to prevent, detect and manage security threats.
> Improvement of your ability to identify, process, and comprehend the critical elements of information about what is happening to the organization;
> Increase in understanding of the environment critical to decision making, and reduction of likelihood & impact of breaches.
> Development and streamlining of processes to responded to and manage incidents consistently over time;
> Reduction in time to detect by leveraging automation;
> Increase in signal to noise ration by using intelligence-driven threat management technologies such as SIEM.
Security Risk Assessment
> Identification of threats to assets, helping reduce risk and negative impact to business:
> Assessment involving processes such as threat modeling, vulnerability scanning, & penetration testing;
> Delivery of prioritize business risks, as well as areas for adding or strengthening controls.
> Analysis of application architectures and designs (traditional, SOA, API/microservices);
> Creation of security architecture patterns and designs to aid with consistent implementation across different systems requiring the same type of controls;
> Secure SDLC roll-out including analysis of existing system development processes and integration of security tools.
> Evaluation of cloud system architectures & designs (AWS, GCP, Azure);
> Development of security architecture patterns and designs to aid with consistent implementation across different systems requiring the same type of controls;
> Assistance with development of a cloud security framework including review of existing security standards, and adding cloud as a new environment.
> Development & roll out of security training across the organization;
> Coaching of staff in different functional areas within the organization;
> Reduction of the human factor in security by increasing awareness;
> Employee training to ensure consistent implementation of security controls.