GMV’S SERVICE RANGE TAKES IN THE WHOLE CYBERSECURITY LIFECYCLE
We analyze and diagnose specific environments from the compliance and risk point of view; we draw up plans in line with standards like the protection of critical infrastructure, GDPR and national security schemes or we incorporate specific technological solutions; we manage the operation of cybersecurity technology infrastructure and endow all this with the necessary visibility for informed decision-making and good governance.
IDENTIFY: Build up the necessary knowledge and organizational expertise to be able to manage company-wide cybersecurity. This phase lays down the bases for all the rest.
• Legislation and standards, Security Master Plan and ISMS
• Definition of checks and controls, indicators and dashboards
• Compliance audits: GDPR, Spain’s National Security Scheme (ENS), Protection of Critical Infrastructure, etc
• Risk analysis and management
PROTECT: Bring in the necessary countermeasures and safeguards to secure company services. The guiding idea is to build up the necessary capability for limiting or containing the impact of any cybersecurity event.
• Consultancy in the incorporation of new technologies
• Implementing cybersecurity technological solutions
• Producing inhouse solutions and services
DETECT: Flag up any cybersecurity event in time.
• Specialized diagnoses (hacking, source code, etc)
• Vulnerability management
• Red team
• Continuous monitoring infrastructure
• GMV SOCs
RESPOND: Measures to respond to any cybersecurity event in an attempt to contain the impact.
• PROACTIVE SERVICES:
- Configuration management
• REACTIVE SERVICES:
- Incident management
- Forensic analysis
RECOVER: Geared towards recovery and resilience, minimizing the time factor.
Definition and execution of:
• Business Impact Analysis
• Business Continuity Plan
- atalaya: Cyber-intelligence: digital surveillance
- gestvul: Vulnerability Management
- checker ATM Security: ATM security hardening