Security improvement project

The brief

The software and managed service company were given some clear expectations by their key customers about the type of security controls they expected their suppliers to operate. A penetration testing exercise revealed they a number of critical controls were missing and others were not working as they should be. A security improvement project was initiated but with a lack of in-house security expertise they had to look outside the company for help.

The solution

Mothax were able to assist in a number of ways. We started by documenting a thorough threat assessment using the latest intelligence data specific to the sector, size of company and data they processed. A prioritized list of recommendations was produced to counter the most likely threats. The report gave guidance at the strategic level around recruitment and procurement, but we also gave engineering assistance in building up threat detection capabilities. Staff training on basic security assessment techniques completed the initial project.

The result

The client is now able to answer their customers assurance demands with more confidence and feel they have a much better chance of avoiding or detecting an attack against their systems. Mothax is engaged in additional longer term work to raise their defensive capabilities as time and budget allow.