CSIRT and SOC consultancy services

Icon

Our consultancy team is made up of experts with experience and backgrounds ranging from law enforcement and NATO to telecommunications engineering. We have worked with national governments, sector cyber security teams and individual organisations, and with countries at different levels of cyber security maturity.

Depending on the assignment, first actionable results usually come within the 4 months. Company experts continuously engage in cybersecurity projects in private sector, academia, and military. NRD Cyber Security is a member of various international organisations, like GFCEITU-DECSOFIRST.Org, and Trusted Introducer.

We can help you with the following CSIRT or SOC consultancy services:

decoration

Establishment

decoration

Modernisation

decoration

Gaining know-how via training

Our process for CSIRT or SOC establishment

1. Performing initial assessment
2. Preparation of a detailed CSIRT or SOC design and implementation plan
3. Preparation (review) of CSIRT or SOC mandate
4. Preparation of technical solutions architecture along with identification and proposal of alternatives for most suitable components
5. Preparation of essential policies and procedures
6. Implementation of technology solutions
7. Training sessions for staff
8. Soft launch
9. Update and upgrade of security operations
10. Official launch
11. Continuous support after the launch

The role and importance of a CSIRT or SOC

Cyber-attacks to digital infrastructure and assets are globally among the top risks as indicated in The Global Risks Report 2023. Despite various efforts to mitigate, the likelihood of cyber-attacks is continuously increasing not only for private organisations, but also for governments, sectors and even nations:

  • Are the digital assets of an organisation, government sector or a nation secure?
  • Is an organisation, government sector or a nation able to timely detect and respond to cyber incidents?
  • How to ensure and preserve confidentiality, integrity, and availability of digital information?

These and related questions arise after facing critical incidents, like leakage of confidential data or a shutdown critical infrastructure facility due to Advanced Persistent Threat (APT) or denial of service attacks.

The quality of security operations increases through the following: 

Maturity: Moving from ad-hoc to well-defined and mature models of operation of CSIRT or SOC which ensures fewer errors and inefficiencies.  

Clear service model: Defined roles, responsibilities, and competences as well as incident categorisation, communication, and management practices enable maximal incident prevention and minimal impact.

Mandate: All resources (people, technology, processes) are clearly connected to the mandate and created value via service and process KPIs.

Flexible set-up: CSIRT or SOC composition and clear KPIs allow cost-effective insourcing and outsourcing of additional capabilities when needed.

Security operational risks are reduced due to: 

Speed: Faster incident identification, analysis, resolution, and mitigation due to clear and effective service processes. 

Clear reporting:  The CSIRT or SOC model ensures that all constituents understand clearly how to report the incidents.

Trust: The reputation of a professional CSIRT or SOC and working with various local and international communities ensures much better formal and informal communications regarding incident handling.

Our CSIRT or SOC consultancy projects around the world

Assessment of readiness for financial CSIRT build-up  at the Reserve Bank of Malawi (on-going)
Assessment of readiness for financial CSIRT build-up at the Reserve Bank of Malawi (on-going)
Bhutan: National CIRT development
Bhutan: National CIRT development
Cyprus: National CSIRT establishment
Cyprus: National CSIRT establishment
Design the sectorial C-SOC for the Uganda Bankers’ Association
Design the sectorial C-SOC for the Uganda Bankers’ Association
Growing cybersecurity maturity for The University of Cape Town (UCT)
Growing cybersecurity maturity for The University of Cape Town (UCT)
Kenya: National CSIRT modernisation
Kenya: National CSIRT modernisation
National CERT establishment in Malawi
National CERT establishment in Malawi
The Bahamas: National CIRT establishment (on-going)
The Bahamas: National CIRT establishment (on-going)
National Computer Incident Response Team (BGD e-Gov CIRT) establishment
National Computer Incident Response Team (BGD e-Gov CIRT) establishment
Peru: Secure soft SOC maturity assessment
Peru: Secure soft SOC maturity assessment
Sectorial CSIRT for energy sector in Kosovo
Sectorial CSIRT for energy sector in Kosovo
Icon
Paulius Daukšas
Cybersecurity consultant

For more information, please contact
Email: pd@nrdcs.lt
Tel.: +370 680 18 058

Let's get in touch