4D5A Security partners with clients to design exactly what works for you to meet your specific needs. This includes off-site workshops with executives to achieve alignment on risk perceptions and priorities and that of more tactical training and onboarding of new operations and capabilities. See our examples below to plant seeds for what you might be considering in your environment.
Leadership is generally supportive but doesn’t seem to “get” cybersecurity like that of the cybersecurity team. The cybersecurity team does a great job – but they are all too aware of massive gaps and concerns and are struggling to get this through to management when “everything is just fine” or “works”. A 1/2 day workshop where we did a perceptions rating on maturity of various controls and risks revealed this gap between the two groups brokering a discussion, and why that exists. The outcome of alignment and understanding was achieved, with 4D5A Security championing as lead of the discussion that this is common to most organizations, applauding the organization for arriving at this level of maturity as they align and now move to the next level of ownership in operations.
Custom Malware Lab
A large organization relies upon a 3rd party vendor to perform MSSP and malware handling and analysis but isn’t fully trusting of their outcomes and data in all cases. 4D5A Security partnered with them on this process to identify how to safely handle and manage malware through the lifecycle of threat detection and response to then build out a virtual lab and analysis for the local security team to leverage in their own analysis of the code. The team built out a “golden image” core build with various tools installed, per recommendations by 4D5A Security, followed by a 1/2 day workshop to demonstrate and practice with malware samples, use of the system and reinforcement of safe handling practices and policies and procedures to be implemented properly once testing was completed. The outcome was a successful new capability by the company at a highly affordable price, enabling them to drive assurances and integrity into the process for oversight of the process and their 3rd party provider.