Strategic Services
Elevate Your Cybersecurity Defenses

Today’s security professionals are often overwhelmed by the number of technologies and procedures associated with reducing organizational risk. Security professional are expected to implement a mix of technical and programmatic security controls, training, and personnel that can efficiently defend the organization against the dynamic threat landscape. Bringing all of these critical components together-from the foundational architecture, preventative controls, and experienced personnel-to manage the critical IT environment can be quite challenging.

Cylance Consulting Strategic Services help organizations review their current IT environment and create a future state where the people, process, and technology are strategically aligned to assist in preventing future cyberattacks, effectively manage risks, and lessen the burden on internal IT and security resources. By drawing on extensive expertise in developing prevention-based security solutions, Cylance Consulting aligns cybersecurity initiatives with the organization’s business interests and operational needs.

Benefits

• Align the organization with industry-recognized security best practices
• Identify security weaknesses and improve security posture based on business operations and long-term strategic goals
• Transform security from reactive to preventive to achieve lowest risk, lowest cost, and limited liability
• Plan, prioritize, and implement solutions to enable a more secure business

Our Approach

Cylance Consulting’s Strategic Services team takes a comprehensive approach to cybersecurity by first understanding business operations and strategic goals. Cylance pairs its industry expertise with the 9 Box of Controls framework, which provides a novel approach to cybersecurity decision-making and overall strategic decisions designed at enabling business users and preventing cyberattacks.

Cylance Consulting is a professional services group of BlackBerry Corporation.

The 9 Box of Controls framework takes three foundational types of security controls, recently observed as the functional areas of the NIST Cybersecurity Framework: prevention, detection, and response. The framework demonstrates how an organization increases its risk by moving away from prevention, towards detection and response, and increases the costs as the organization moves from automated to semi-automated to manual controls.

Our Service Offerings

Cylance Consulting helps organizations address these challenges by gaining an in-depth understanding of the organizational strategy, needs and desired business outcomes. Through the 9 Box of Controls framework, we provide organizations with the foundation to address critical areas of concern to prevent threats, enable the business by meeting the needs of its users, and reduce control friction that can ultimately have a negative impact on business productivity.

Incident Response Program Development
Helps your organization build and enhance existing IR policy, plan, and playbooks that are relevant to the threats faced by your organization. The service fortifies your security and response capabilities as it details plans and procedures when to activate IR team, how to transfer or request information from others on the team, and the responsibilities of each team member during an incident.

Incident Response Readiness Assessment
Analyzes your current response program and identifies gaps or weaknesses to assist in avoiding pitfalls during a real-world incident. An Incident Response and Readiness Assessment provides an opportunity to ensure that the documented processes followed, and current controls are effective for responding to a future security incident.

Incident Response Table Top Training
Provides the education your staff needs to effectively carry out your incident response plan, validate playbooks and current IR processes, and gain experience in responding to real-world testing incidents.

Security Risk Assessment
Helps organizations build an effective information security program, which helps to minimize exposure to risk, and ensure a clear strategy for handling incidents and continual improvement. The service provides a flexible, repeatable, and cost-effective risk-based approach to managing information security risk based on globally accepted security standards and frameworks.

Security Technology Assessment
Enables organizations to make strategic decisions to repair weaknesses, reduce the total time to incident containment, and move towards a state of prevention. The assessment helps assess existing controls, identify gaps in security coverage, and improve the organization’s security technology strategy.

Virtual CISO
Provides access to a highly skilled leader who has the expertise to provide guidance from the initial assessment to the ongoing management of your cybersecurity program. Available in three tiers of service models: Full-Scale vCISO, Half-Scale vCISO, and On-Demand vCISO.

 

Download the Cylance Strategic Services Datasheet (.PDF)