Experience Full Stack Cyber Defense Support

We are your extended cyber security team providing business-aligned advisory, professional and managed services to support your cyber security program. Our business focused security professionals work round the clock to keep your cyber adversaries at bay.

SUMMARY OF SERVICES

Below are some of the job functionsperformed by Digiss under the full stack cyber defense support agreement

Application Security

  • Development and implementation of DevSecOps practices and solutions
  • Owning security efforts across engineering and DevOps teams
  • Automating and integrating security into CI/CD workflow.

Endpoint Protection

  • Ensuring deployment and correct functioning of client’s EDR solution on every managed device
  • Hunting for hidden cyber threats through real-time and historic retrospective search and analysis
  • Vendor liaison, platform support, and ongoing policy configuration and protection enhancement

Network Defense

  • Architecting and leading implementation of effective network defense capabilities
  • Conducting monthly external penetration tests to minimize attack surface
  • Documenting and managing external network access

Asset Management

  • Maintaining an inventory of users and devices across the organization
  • Managing administration (including revocation and temporary granting) of local admin privileges

Incident Detection and Response

  • Leveraging highly qualified and experienced SOC analysts to provide 24/7/365 operation
  • Conducting tailored cyber threat intelligence on behalf of our clients
  • Taking on the operational burden of vulnerability discovery, analysis, and reporting to help client focus on remediation efforts

Identity and Access Mgt

  • Designing, developing and delivering IAM and IGA technical solutions
  • Defining access review and new certifications processes while supporting certification campaigns
  • the implementation of authentication and authorization solutions for IAM & PAM

Infosec Governance, Risk and Compliance

  • Supporting annual security assessments, compliance, certifications, and audit readiness efforts
  • Leading vendor security risk management efforts and ongoing monitoring of high-risk vendors
  • Managing client’s information security risks, controls gaps, risks register and cyber security exceptions.

Cloud Security

  • Maintaining situational awareness of cyber threats related to company data and cloud environments
  • Operating and continually advancing data leakage detection and prevention solutions
  • Identifying control gaps while developing and designing mitigation strategies

End-User Security Awareness

  • Developing and championing a risk-driven security awareness program
  • Aligning security awareness program with business requirements
  • Designing and conducting outcome-focused phishing simulations with a view to driving down click rates
  • Promoting positive cyber security behavior periodically through carefully crafted newsletters and advisories

Data Protection

  • Implementing and managing data protection measures, including encryption, access controls, and data masking, to ensure that sensitive data is secure
  • Identifying and addressing vulnerabilities in data systems and databases through regular scans and assessments.
  • Implementing and operating security tools and mechanisms to protect data at rest, in use and in transit.
  • Maintaining documentation related to data security policies, procedures, and incident reports

Security Design Architecture

  • Designing and developing security controls, patterns, and strategies to identify and address gaps in deployed infrastructures and other enterprise solutions
  • Leading the design, development, and implementation of the organization’s technical security architecture
  • Supporting availability, performance and capability enhancements of existing security technologies.

Security Engineering

  • Selecting, deploying, and managing security tools and software on endpoint devices, such as encryption software, endpoint detection and response (EDR) solutions, and mobile device management (MDM) systems
  • Supporting availability, performance and capability enhancements of existing security technologies
  • Managing and configuring access control mechanisms to limit who can access, modify, or delete data.
  • Configuring and managing logging and monitoring to detect and respond to security events.

CAPABILITY MAP

The capability map below shows major activities that are associated with each of the ten (10) cyber security domains covered under our cyber defense support agreement.

Our Technology Partners

SMALL ENTERPRISE CYBER DEFENSE SUPPORT PLANS

The capability map below shows major activities that are associated with each of the ten (10) cyber security domains covered under our cyber defense support agreement.

Our Technology Partners

Digiss Tailored SolutionEssentialsEnhancedComplete
GOVERN - The organization’s cybersecurity risk management strategy, expectations, and policy are established, communicated, and monitored
Cybersecurity Strategy
Security PolicySingle Overarching Infosec PolicyUp to 5 issue-Specific PoliciesAll Relevant Infosec Policies
Oversight FunctionsUp to 1 hour per monthUp to 4 hours per monthUp to 8 hours per month
Vendor Risk ManagementNot coveredUp to 5 vendors per annumUnlimited vendors
Identify - The organization’s cybersecurity risk management strategy, expectations, and policy are established, communicated, and monitored
Asset ManagementBasic supportEnhance supportTotal support
Vulnerability Assessment and Penetration Test (VAPT)Annually (External Only))QuarterlyMonthly
Ongoing Risk Assessment-Annual reportQuarterly report
Program Improvement Initiatives-Basic supportEnhanced support
Protect - Safeguards to manage the organization’s cybersecurity risks are used with Digiss optimizing client’s investments in technologies
Identity and Access Management1/4 FTE1/2 FTEFTE
Security Awareness and Training1/4 FTE1/2 FTEFTE
Data Protection1/4 FTE1/2 FTEFTE
Platform Security (app, cloud, host)1/4 FTE1/2 FTEFTE
Tech. Infrastructure Resilience1/4 FTE1/2 FTEFTE
Detect – Possible cybersecurity attacks and compromises are found and analyzed - this can be purchased as an add-on under Enhanced plan
Continuous Monitoring-Add onCovered
Adverse Event Analysis-Add onCovered
Respond - Actions regarding a detected cybersecurity incident are taken - this can be purchased as an add-on under Enhanced plan
Incident Management-Add onCovered
Incident Analysis-Add onCovered
Reporting and Communications-Add onCovered
Incident Mitigation-Add onCovered
Comply – With our expert compliance readiness service, we help customers meet their stringent cybersecurity compliance obligations
ISO 270011/4 FTE1/2 FTEFTE
Request ServiceLearn moreLearn more
Digiss Tailored SolutionEssentialsEnhancedComplete
GOVERN - The organization’s cybersecurity risk management strategy, expectations, and policy are established, communicated, and monitored
Cybersecurity Strategy
Security PolicySingle Overarching Infosec PolicyUp to 5 issue-Specific PoliciesAll Relevant Infosec Policies
Oversight FunctionsUp to 1 hour per monthUp to 4 hours per monthUp to 8 hours per month
Vendor Risk ManagementNot coveredUp to 5 vendors per annumUnlimited vendors
Identify - The organization’s cybersecurity risk management strategy, expectations, and policy are established, communicated, and monitored
Asset ManagementBasic supportEnhance supportTotal support
Vulnerability Assessment and Penetration Test (VAPT)Annually (External Only))QuarterlyMonthly
Ongoing Risk Assessment-Annual reportQuarterly report
Program Improvement Initiatives-Basic supportEnhanced support
Protect - Safeguards to manage the organization’s cybersecurity risks are used with Digiss optimizing client’s investments in technologies
Identity and Access Management1/4 FTE1/2 FTEFTE
Security Awareness and Training1/4 FTE1/2 FTEFTE
Data Protection1/4 FTE1/2 FTEFTE
Platform Security (app, cloud, host)1/4 FTE1/2 FTEFTE
Tech. Infrastructure Resilience1/4 FTE1/2 FTEFTE
Detect – Possible cybersecurity attacks and compromises are found and analyzed - this can be purchased as an add-on under Enhanced plan
Continuous Monitoring-Add onCovered
Adverse Event Analysis-Add onCovered
Respond - Actions regarding a detected cybersecurity incident are taken - this can be purchased as an add-on under Enhanced plan
Incident Management-Add onCovered
Incident Analysis-Add onCovered
Reporting and Communications-Add onCovered
Incident Mitigation-Add onCovered
Comply – With our expert compliance readiness service, we help customers meet their stringent cybersecurity compliance obligations
ISO 270011/4 FTE1/2 FTEFTE
Request ServiceLearn moreLearn more

Speak with our technical team