Texaport’s approach to Cyber Security is process driven and tailored to the needs of the individual client
Cyber Security Process
There is no silver bullet to address every company’s Cyber Security requirements short of unplugging everything and conducting business in person and on paper rather than online or on computers.
As such, companies must tackle Cyber Security through a multi-pronged or disciplined approach, involving broad swathe of knowledge, skills and awareness throughout the team.
Texaport works with clients through our Cyber Security Process to cover as many relevant areas as possible, providing a broad overview and comprehensive picture of the Cyber Security risk profile and effectiveness of the organisation before addressing these in turn.
Clients will find that our processes are similar throughout our areas of involvement whether it’s our approach to Cyber Security, Compliance, Support or Project work. While the process remains similar, the individual steps and elements are tailored to the task at hand.
When considering Cyber Security vulnerability, businesses first need to identify their hardware, software, users, processes, procedures and access to data.
Texaport work with clients to complete detailed “Data Scoping” documents which help to identify, locate and “map out” data throughout the organisation. This data can take many forms and be scattered throughout the organisation so will involve a cross-department approach to complete.
Once data has been scoped throughout the organisation Texaport can work with clients to ensure compliance with regulations and standards as well as improve their security posture.
Much like a financial audit where an auditor would investigate the accounts, inventory and processes of an organisation to ensure compliance and correctness, a Texaport audit will look into the Technical capacity of the organisation.
Texaport follows a loose process which allows for flexibility of the investigation for clients working from the “outside” going “in” to the organisation.
Texaport ensure clients receive the information they require as effectively as possible. During a project or support enquiry, information will be provided as it becomes available in small chunks. However, for larger projects and implementations, Texaport condense the information into reports for clients to consolidate and clarify the information in a convenient digest.
Implementations in relation to Cyber Security will normally follow the report phase, where the client will decide on the course of action and security posture to be achieved. Outside of this process, Texaport can implement Cyber Security changes for clients as a stand alone project or as an element of our “Holistic Security” package.
The implementation phase is the core of compliance as any non-conformances discovered during the audit phase will have recommended actions to rectify.
Texaport will always follow up and complete Cyber Security projects by comparing the implemented actions with the report recommendations and audit findings.
The review process is similar to the previous audit process, but is achieved much quicker as it is for verification and “error checking” to ensure that required actions have been carried out and that the client’s security posture has been improved.
Where clients are re-certifying against a previously achieved standard which was supported by Texaport, commonly the review phase forms the “scoping” element of the subsequent project.