summitSSECURITY

- .

#summitSECURITY TOOLKIT gives you 3600 security for peace of mind. Our summitRADAR security risk assessment will dig deep into your databases, networks and governance process to put you in charge of your network so that you have worry free life.

Let's Free Up Valuable Time for Your Business Success

Like many of our customers, information technology and security is probably not your core business. Trying to solve all of your IT challenges internally can become a major distraction. These challenges can be costly and other aspects of your business could suffer. Leveraging tested #summitSECURITY tools – helps your business remain secure and efficient without taking up valuable work time. As one of the top IT consulting firms, Summit Consulting Ltd empowers your business to start winning at IT.

Why invest in security before you know which assets of your business are at risk? And the kind of threats they are exposed to?

Implementing cyber security solutions without first having undertake a thorough 360-degree ICT security assessment is like installing security cameras without having done physical asset risk assessment!

This includes examining all your external or public facing IP addresses for any vulnerability and if they exist, extent they could be exploited to cause loss to the bank.

Output

External Pen Test Report, to be done and delivered even before we physically visit the company to get any information. All you do is to give us an official authorization letter to undertake an external pen test and a list of your public IPs or applications.

suumitcl_hacker

Phase 2: White Box Penetration Testing (Internal Pen Test)

Discover the extent of threats by insiders including IT staff, consultants, visitors, vendors, etc with access to your internal network – local area network or WiFi hotspot. We examine the extent of user privilege escalation, etc and possible damage they may cause to your business.

Deliverable

Internal Pen Test Report, delivered after a thorough security assessment. In the report, you receive, we describe the server probed, the services running, the IP address, the Port number, the vulnerability found, evidence of exploit and practical recommended fix.

We advise our clients on how to effectively manage cyber-risks, highlighting measures to secure and protect information stored and processed on computers. Our methodology, depicted below, is designed to identify, protect, detect, respond and recover from cyberattacks.

Phase 3: IT Governance review

IT Strategy, change management, ISO 270001/2 & COBIT assessment and DR and BCM plan review – we will conduct a 360 degrees IT review to assess gaps, if any and report accordingly; including meeting all requirements by the central banks on ICT assurance.

Our service offering is logically grouped to provide our clientele with the most effective outcomes when selecting one or more of our services.

  • Risk assessments
  • IT General Controls
  • Application Controls
  • ERP and core banking system reviews
  • Due diligence
  • Service Level Agreements, Management Level Agreements,
  • Disaster Recovery, Business Continuity Plan, and Business Continuity Managmeent (BCM)
  • Policy and Procedure evaluation
  • Cybersecurity assessments and penetration testings
  • Network vulnerability assessments and penetration testing
  • Operating systems, databases and mobile security reviews
  • Email security
  • Mobile application security review
  • Web-application security review
  • CAATS – we help you save money on analytics. Many auditors work with us to help them analyse huge data sets
  • IT and data forensic imaging
  • Digital forensics investigations and legal support
  • #beyondExcel Training and modelling
  • Big data analytics and visualisations
  • Business process re-engineering & modelling
  • IT Governance, including post IT implementation review and security assessment
  • Business intelligence and analytics
  • IT Strategy and business architecture & aligning to corporate strategy so you save costs
  • ICT Security awareness training

Phase 4: Data Analytics and Revenue

Assurance to help you uncover what is hidden in your data. You deserve to know what your data is saying before you listen to the opinions of your peers! Make decisions based on facts and not hearsay.

Our experience:

We have performed IT reviews at a number of our clients.

Chances are, your IT environment has developed gradually. Over time, problems usually emerge, including performance gaps, redundancies, inefficiencies, and unintended information silos.

Eventually, it can be difficult to determine what is and isn’t working. Without the proper perspective, it can be difficult to know where to invest your IT resources.

1. IT Governance

IT Steering Committee Composition / Function

1. IT Governance

2. Infrastructure Security Controls Review

Review of security settings like password parameter settings, audit logs and other security configurations for;

  • Operating Systems
  • Databases
  • Your Network Security, monitoring and management
2. Infrastructure Security Controls Review

3. IT General Controls

  • Change Management Process
  • Access Management Process
  • Data Backup and Recovery Management
3. IT General Controls

4. IT BCP & DRP

IT Business Continuity and Disaster Recovery Plans
4. IT BCP & DRP

5. Application Controls

This activity depends on the Business Applications deployed at client side. The main goal of performing this task is to assess whether adequate controls are in place and operating effectively
5. Application Controls
Want to undertake external or black box pen test to assess the risk of external threats and attacks? Please complete the scoping questionnaire below or click here to download a PDF document, fill and return to us

With cyber attacks becoming the norm, it is more important than ever before to undertake regular vulnerability scans and penetration testing to identify vulnerabilities and ensure on a regular basis that the cyber controls are working.

Scroll to Top