HOW OUR COMPREHENSIVE APPROACH KEEPS YOUR COMPANY CYBER SECURE

THE MITIGO CYBER SECURITY SERVICE

Successful cyber security requires a comprehensive approach as the diverse elements required are interconnected and only effective if working together against attackers. Keeping a business safe requires an ongoing service that flexes to the constantly changing threat.

Our background is in banking security, risk assurance and legal compliance – Mitigo was formed when we realised that hardware and software alone failed to keep businesses secure.

Fast forward to today and we believe we offer the optimal cyber security protection services for the sectors we serve. The service provides ongoing cyber risk reduction and outsourced information security. Delivered across 5 key themes and a full range of techniques and processes.

1 Assess

ASSESS

We understand your exposure to cyber risk. We understand how criminals attack, which vulnerabilities they exploit and what assets they are after. With that knowledge we use a full set of skills and techniques to assess your current risk.

A vulnerability assessment will be tailored to your business using the following techniques:

  • Audit interviews to understand how the business operates and staff work.
  • Vulnerability scans to scrutinise your network, firewalls and cloud servers looking for exploitable flaws.
  • Application configuration checks will spell out the gaps to best practice, starting with your email account security.
  • Cloud security assessments to decide if you are as secure as promised by suppliers.
  • Penetration testing techniques and tools will be used to find routes into to your network and web apps.


You will finally know where your big risks are and justify your cyber security concerns. This is the first step to getting secure and this full assessment is repeated annually.

2 cyber secure

SECURE

We ensure your technology is safe and secure. We review the vulnerability assessment with you and your technology partner. We then work together to close a prioritised roadmap of actions. At the top of the list will be vulnerabilities that are actively being exploited by criminals.

Unlike traditional cyber consultancy, we work with you to get you secure:

  • The actions from the vulnerability assessment are explained, agreed, and prioritised.
  • A management portal stores all the documents in one place and tracks actions to timely closure.
  • Technical workshops will be set up with our experts to help you and your IT support close gaps.
  • Best practice guidance will help you configure your software platforms.
  • Third party interviews may be conducted to understand the security posture of your supply chain.

Your technology will be hardened to cyber attack by deploying the experience and knowledge of our experts.

3 people

PEOPLE

We deliver training to make your staff cyber competent. Though they’re often unaware of it, they’re your most exploitable security weakness. So there’s a pressing need to build knowledge and awareness and provide the training and tools to change behaviours.

  • Animated training uses visuals, sounds and some comic moments to change staff behaviour.
  • Online testing will give you information to manage staff competence.
  • Simulated attacks scheduled through the year to keep the security culture improving.
  • A staff handbook is distributed from the learning platform to document staff accountabilities.
  • Tailored communications and events will be used to keep the subject of cyber security alive.

Our clients know that they are meeting a basic regulatory requirement and that their staff are playing their part in cyber security.

4 cyber security process

GOVERNANCE

Policies and processes to get you legal and safe. Governance is both the first and the final element. Beginning with an understanding of your business and then moving on to establish the right policies, processes, guidance, and controls to make sure that your security systems keep working, are legally compliant, up-to-date, that people know what to do in what circumstances, and, the actions to take.

  • We will do a cyber policy review to ensure you are aiming for a strong, and proportionate, cyber security regime.
  • CE and CE+ accreditation readiness is regularly reviewed.
  • Help on questionnaires from clients, regulators and insurers is supported.
  • Compliance questions can be discussed through video calls.
  • The management portal documents your genuine effort to become cyber secure.

Third parties looking in will be able to see a professional run organisation that cares about cyber security.

5 Maintenance

MAINTENANCE

Ongoing testing, assurance, and support to keep you cyber secure. We tailor a regime of cyber security control checks, launch random attacks and scan to test vulnerability. An annual review of your control framework, ongoing management and training via your portal and support from our helpdesk.

  • 6 monthly assurance makes sure that your security framework is in good working order.
  • Monthly automated checks and scans will test if security controls are operating effectively.
  • A helpdesk provides you with access to our cyber experts to help on related topics.
  • Should the worst happen, we will support you in incident response and investigation.
  • You can use our experts as a virtual CISO on roadmap design, accreditation advice and board papers.

CYBER SECURITY IS SO MUCH MORE THAN HAVING A VIRUS CHECKER AND NOT USING 'PASSWORD123' AS YOUR PASSWORD.

With a background of keeping banks secure online, we are well aware of the ever-expanding multitude of attack vectors cyber criminals have at their disposal.

You may not think your company is a target, but you could not be more wrong. If your company has a computer and access to the internet, you are an opportunity waiting to happen as far as cyber criminals and their automated hacking techniques are concerned.

Our cyber security protection service covers ALL aspects required to secure you today, and keep you secure tomorrow.

SERIOUS ABOUT SECURITY

Mitigo are proud to be the recommended cyber security partner for some of the UK’s largest trade and professional associations. We feel this demonstrates our commitment to the quality of service we deliver and showcases how we make the topic of cyber security accessible and understandable to our clients.

The Law Society partnership logo
The Royal Institute of British Architects
PIMFA logo

DO YOU KNOW YOUR ‘PHISHING’
FROM A ‘FIREWALL’?

Don’t worry, you are not alone. Phraseology in and around cyber security is notoriously user-unfriendly. Our cyber security guide will help you make sense of it all.

image square#2
image square#3

MITIGATE YOUR CYBER RISK
WITH JUST ONE CLICK

CYBER SECURITY
NEWS AND ADVICE

Here are our top 10 areas that firms need to address to stop ransomware....
Email account takeover is at alarming levels and is a common cyber threat facing UK businesses. Being victim to one of these attacks can result...

CALL US DIRECT

If you have an enquiry or wish to book a presentation of our services in relation to your business, call us 9 to 5 (UK GMT) during weekdays.

Tel: 0161 711 0201

To report a cyber attack, use our emergency contact page to reach our cyber incident response team.

REQUEST A MEETING