Cyber Security

Consultancy Services for implementation of ISO constitute in improving the existing information security assurance and management practices, which will meet your current IT infrastructure automation level and condition, effective legislation governing, and applicable best practices, which will be optimal for key information assets in view of the risks they are exposed to.

• Information Security Frameworks (CBB, NIST, ISO 27001 Information Security Management System)
• Business Continuity Framework (ISO 22301 Business Continuity Management System)
• Sustainability\Environmental Framework (ISO 14001 Environmental Management System) 
• Health & Safety Framework (ISO 45001 Occupational Health & Safety Management System) 
• Quality Framework (ISO 9001 Quality Management System)

NGN provides you with full fledge of consultancy services to align your organizational processes and practices with the world best practices and to keep your organization complied with the regulations & frameworks they want to implement, including the following:

• CBB Rulebook: Center Bank of Bahrain Rulebook - Information & Cyber Security
• NIST CSF: National Institution for Standards and Technology - Cyber Security Framework
• PCI-DSS: Payment Card Industry Data Security Standard
• PDPL: Personal Data Protection Law 

As any other security control, SOC requires constant effectiveness and efficiency assessment for objective understanding of security operations current state and planning future development and improvement efforts. Based on own experience in security operations and considering modern security best practices, NGN propose Security Operations Center assessment service that allows to measure SOC’s capability maturity.

SIEM Architecture Review & Optimization – a review of the existing configuration of the SIEM system, collect requirements from Customer’s representatives, and provide Customer with recommendations for optimizing and supplementing the system settings. Service includes SIEM configuration assessment, determination of required analytics, correlation rules as well as event sources, system fine-tuning and support.

IT Security auditing and improvement recommendation development. Main service provision goal is to evaluate “as is” state of IS in technical systems and construction of “to be” state of IS of technical systems.

To achieve these goals, the following tasks shall be solved during the service provision:

• Survey critical assets and systems
• Systematization of the obtained data into survey protocols and schemes
• Describe existing services, critical assets, their relations, and architecture
• Analyze of the correctness of the architecture and configurations of the available information security means

The goal of the service is to provide independent assessment of the current cybersecurity posture. IT/OT Cybersecurity Assessment Service will allow organizations to:

• Understand the cybersecurity risks and threats and focus on improving the corresponding security processes;
• Evaluate the current ICS cybersecurity posture and effectiveness of implemented security controls;
• Develop measures to improve the ICS cybersecurity mechanisms.

Contact NGN security experts for detailed information about consultancy and professional services.