Free Services
These services support creating the space that enables sharing of personal sensitive [TLP:RED] knowledge.
1. General Advisory & Notification Updates via Email.
2. General Weekly Friday “Caffe Corretto” – All Members (Chatham House Rules).
3. Ad-hoc Expert Webinars.
4. General Joint-Defence Exercise VAUBAN (virtual before the summer & face-to-face at the MCE Annual Conference).
5. General Weekly Update Email.
6. Research Interview / Survey Participation
Commercial Services
1. Creating Intelligence
1.1 (Joint) Risk Register / Management: We assume responsibility for professionally managing and governing all aspects of the cyber risk register / process of your organisation aligned with the requirements of the NIS2 Directive. This includes joint-reviews with peers.
1.2 (Joint) Benchmarking Cyber Solutions (Defence in Depth): We gather the Defence in Depth solutions of your organisation, assess them against best-practice and make specific recommendations to enhance the protection offered. Joint reviews with other organisations we perform this service for are conducted quarterly.
1.3 (Joint) Vulnerability Analysis (i.e., Penetration Testing and Dark Web Monitoring): With expert partners, we provide a wide range of vulnerability analysis services. We conduct especially (a) technical penetration testing, (b) remote social engineering hacking, (c) dark web monitoring, and (d) e-mail phishing campaigns.
1.4 (Joint) Cyber Awareness Building I – Shared Holistic View: With expert partners, we run intensive three-day workshops that enable your organisation to develop a profound understanding of the cybersecurity issues it faces. The goal of the workshops is to facilitate your organisation’s identification and description of its most critical assets and their cybersecurity vulnerabilities. We will enable you to develop a holistic picture of the cybersecurity situation and associated vulnerabilities, in your organisation, and help you to formulate actions to mitigate any potential downside effects.
1.5 (Joint) Cyber Awareness Building II – Tabletop Exercise: This is a three-hour cyber awareness building event at your location for stakeholders across your organisation. The exercise is suited for a wide variety of roles and results in a greater common awareness of what the cyber threat means and how best to protect ourselves against it.
2. Resourcing Operations
2.1 (Joint) Benchmarking Compliance (CIS18 & GDPR): With expert partners, we gather the needed information and provide assessments of security compliance and digitalization with a focus on EU GDPR and CIS18 Controls (the “Esperanto” of cyber controls). The results are collected in a dedicated secure and EU-based platform, which has been developed for efficient collection and processing of data into Benchmarks.
2.2 (Joint) Defence Exercises (VAUBAN) – Technical Tabletop: With expert partners, we prepare and facilitate 2-3-day technical tabletop exercises that simulate cyber attacks on the services of local administrations in the style of the NATO LockedShields approach. Significant upfront effort is made to understand the relevant infrastructure and design realistic scenarios that are as close to reality as possible.
2.3 Shared Resources: We facilitate the on-demand sharing of experienced expert resources between organisations on an ad-hoc or project basis as a pragmatic and effective alternative to engaging professional services organisations with little understanding of specific contexts and restraints.
2.4 Distributed SOC: We enable the interconnection and sharing of security solutions between organisations as a key element of a distributed decentralised horizontal peer-to-peer security operations centre/web that brings “joint-defence” to life.
2.5 (Joint) Cyber Tender Preparation: We design, publish, and manage a tender for a cyber security solution on your behalf, while offering participation to other public administrations. Local national tendering requirements are observed, and a short-list of best value-for-money proposals are presented under consideration of real experiences with the solutions by local administration peers.
2.6 General Advisory Services: We provide custom advisory services directly or in collaboration with expert partners.