ABOUT US

Cyber Security Africa is an industry-leading Value Added Distributor with a single-minded focus – the mitigation of information security risk for our clients. We focus our attention on niche, generally complex and certainly relevant security solutions, aimed predominantly at enterprise and mid-market clients. We pride ourselves on being small enough to remain agile and large enough to apply a dedicated approach to each client experience.

 

This, backed by trusted international vendors and globally recognised channel partners, is what sets us apart from our competitors. Our consultative approach ensures we understand the long-term goal of our end-user’s, while maintaining collaborative relationships with our selected integration partners, thereby enabling us to provide effective long-term solutions.

 

A keen understanding of this ever-evolving Cyber Security industry, with all its technologies, innovations, threats and solutions positions us as “future-proof” to clients, while maintaining availability to attend to their more immediate needs.

 

Cyber Security Africa services the continent of Africa, ensuring invaluable local market knowledge and on-the-ground response. We have a presence in the following countries, South Africa, Kenya, Uganda, Nigeria, Ghana and Ivory Coast. Though Cyber Security Africa is a company, we pride ourselves on only taking on business we believe we can excel in.

TECHNOLOGIES

As an industry-leading Value Added Distributor, we provide our full attention to each of our Vendors and only partner with the very best.

SERVICES

PENETRATION TESTING

A penetration test is a simulated attack on a computer system that looks for security weaknesses, potentially gaining access to the system’s features and data.

Penetration Tests are needed  to test the security solutions in place and determine their effectiveness.

Red Teams are teams of hackers who with little information on the target asset attempt to mimic a real world attack on the asset. This provides valuable information on the asset as seen from an outside view.

 

  • Red Team Exercises
  • Capture the Flag
  • Social Engineering Testing
  • Web Application Exploitation
  • Infrastructure Testing

 

NIST SP 800 – 115 framework. Section 5.2 is the section that addresses Penetration Testing.

 

This penetration testing framework is useful for determining the following:

  • How well the system tolerates real world-style attack patterns
  • The likely level of sophistication an attacker needs to successfully compromise the system
  • Additional countermeasures that could mitigate threats against the system
  • Defenders’ ability to detect attacks and respond appropriately

 

Phases of Penetration Testing

  • Reconnaissance
  • Scanning
  • Gaining Access
  • Maintaining Access
  • Covering Tracks

 

These services benefit the view of the asset by:

  • Mimicking real attack scenarios
  • Providing Reals world data on the security of the asset
  • Comprehensive analysis on remediations and security procedures

REGULATORY CONSULTING

Within the past few years, a number of new laws, regulations and standards have been created to ensure that organizations take responsibility for their information security.

Complying with these new rules can seem like a daunting task. If an organization gives compliance and proper information security enough thought, however, they will understand that what’s most important is embracing a strong methodology towards information security.

Once a strong methodology is developed and implemented, compliance becomes simply a task of mapping that methodology and its subsequent documentation to the expectations of the regulatory body focused on auditing the information technology infrastructure.

 

Technical compliance with South African and International Regulations

Regulatory consulting for possible solutions needed with respect to specific regulatory frameworks

 

POPI

ASIR

GDPR

PCI-DSS

HIPAA

VULNERABILITY MANAGEMENT

  • Continuous Vulnerability Management
  • Vulnerability Reporting
  • Security Posture Assessment
  • Web Application Vulnerability Analysis
  • Cyber Security Assessment

POLICIES & PROCEDURES

Information Security Policy (ISP) is a set of rules enacted by an organization to ensure that all users or networks of the IT structure within the organization’s domain abide by the prescriptions regarding the security of the company

 

  • Building Policies and Procedures in consultation with the IT team and C Level
  • Creating controls for policies
  • Ensuring Policies secure the environment without impacting on business operations

SOME EXAMPLES

  • Acceptable Use Policy
  • Clean Desk Policy
  • Data Breach Response Policy
  • Disaster Recovery Plan Policy
  • Digital Signature Acceptance Policy
  • Email Policy
  • End User Encryption Key Protection Policy
  • Pandemic Response Planning Policy
  • Password Construction Guidelines
  • Security Response Plan Policy
  • Ethics Policy

FRAMEWORK IMPLEMENTATION

We offer 5 main frameworks to our clients.

 

Each framework dictates the method through which each branch of security services and technologies are delivered. This ensures that all services are delivered adhering to business industry standards and that the best steps are taken to mitigate against a cyber security threat.

ISO27001

International Standards Organization and internationally most common

NIST

US National Institute of Standards , compulsory for all US government organs

CIS

Centre for Internet Security, focuses on controls

SANS

Resource for Information Security Training - large amount of controls

OWASP

Web application framework, most common internationally

SECURITY POSTURE ASSESSMENT

The CIS Critical Security Controls are a relatively small number of prioritized, well-vetted, and supported security actions that organizations can take to assess and improve their current security state.

 

CIS Critical Security Controls are informed by actual attacks and effective defenses and reflect the combined knowledge of experts from every part of the ecosystem

 

  • CIS 20 Controls
  • Assess Current Security Maturity
  • Assess ability to survive an attack
  • Assess integrity of information should an attack occur

INTRODUCING OUR TEAM

team_image
Managing Director

Martin Britz

team_image
Operations Director

Toni Bowker

team_image
Sales Manager Southern Africa

Gayle Britz

team_image
Senior Security Consultant

Mohammed Balogun

team_image
Business Development Manager

Dee Pockpass

team_image
Senior Security Consultant

Sherwyn Moodley

team_image
Senior Security Consultant

Christian Jeurissen

team_image
Sales Manager East Africa

Susan Ndungu

team_image
Security Consultant

Martin Charagu

team_image
Administrative Coordinator

Madelein Meyer

CONTACT US