
CYBER SECURITY · 2018-03-21 · Why ITC Established in 1995, ITC continues to evolve in the face of the ever changing security threat landscape. With capabilities in on-premise,


itcsecure.com

Understand Your Investment Cyber Risk

Cyber security due-diligence should be an essential part of any pre-deal assessment. Whether it is a Private Equity firm making an investment or an Insurance company offering a policy, the cyber security risk needs to be understood before those commitments are made. This service provides our clients with the information they need to make those informed decisions.

Non-Invasive Intelligence

ITC’s Cyber Security Due-Diligence review assesses current cyber security IT architecture, levels of protection status and maturity from an outside-in view of the subject company. The review identifies high-risk areas, red flags and cyber vulnerabilities that require further investigation. The review is delivered without suspicion from the subject’s internal cyber security teams and is not in any way invasive. The review does not feature any penetrative testing, nor will it damage any of the subject’s systems.

Security Ratings

The ITC Security Advisors will deliver a detailed Security Ratings report outlining possible vulnerabilities discovered, with a follow-up debriefing call that will provide recommendations relating to how relevant or urgent it is to conduct an on-site due-diligence exercise.

The Security Rating is a measurement of a company’s relative cyber security performance. Companies are rated on a scale of 250-900. The higher the Security Rating, the more effective the company is in implementing good security practices.

Security Ratings are calculated using a proprietary algorithm that examines three classes of externally observable data: compromised systems events, diligence and user behaviour.

Compromised systems events represent evidence of a company’s network communicating with known malware-associated IP addresses. Examples of compromised system events include communication with known botnet controllers and websites that host malware and malicious email servers. Although an event may not equate to data loss, it indicates that the organisation may have been compromised, which could result in an attack at a later date.

Diligence examines the configuration of a company’s public-facing services, such as emails and encryption. Examples include use of the latest encryption protocols, email authentication techniques and measures to detect email spoofing.

User behaviour represents potentially insecure practices such as the use of peer-to-peer file sharing websites. Examples include using a torrent to download movies, music or applications from an unofficial source on the internet.

CYBER SECURITY DUE-DILIGENCE


The Ratings are acquired through completely non-invasive methods and rely on publicly accessible and externally observable information. Using these Ratings, one can quantify and benchmark an organisation’s security performance and identify specific threats.

The Key Benefits

Understand the cyber risk for your potential investment

Uses non-invasive techniques on any targeted acquisition

Visual report is clear and easy to understand

Security Ratings provide comparable data

Why ITC

Established in 1995, ITC continues to evolve in the face of the ever-changing security threat landscape. With capabilities in on-premise, cloud-based and hybrid security, ITC is a cyber consulting and managed security service provider like no other.

With a team including former members of British intelligence and experienced cyber security professionals, and with access to some of the world’s leading security experts, we provide discreet risk advice to many leading brands across Europe.

We also partner with leading international law firms in the areas of cyber security and reputation monitoring for private clients.

We have designed a comprehensive suite of advisory services, defensive solutions and countermeasures which enable our partners to mitigate the risk of targeted cyber attacks against their clients. Our services prevent financial loss, reputational damage and loss of data.

All information we provide is credible and confidential, enabling better, fact-based decisions.

Contact Us

If you would like to know more about our market-leading security consulting services or our Netsure360° portfolio, or want to hear more about our Security Insights programme, go to www.itcsecure.com, call 0207 517 3900 or email us at [email protected]

© 2018 ITC Secure Networking

At a Glance

Manage Cyber Risk with a combination of Technology, People and Process

Understand your vulnerability with a Cyber Review

Ensure your wider team is part of your defence through User Awareness Training

Keep up to date and remain secure with a Managed Cyber Security Service

© 2017 ITC Secure Networking

CASE STUDY: TECHNOLOGY SOFTWARE SECTOR

MetaPack chooses ITC to design and deploy enterprise grade datacentre

MetaPack are the leading provider of eCommerce delivery management technology to enterprise retailers and brands across the world.

In early 2016 MetaPack approached ITC to discuss a solution to sustain their rapid business growth.

ITC responded with a detailed proposal for the design, deployment, migration and management of a new fully resilient enterprise grade datacentre (DC).

Mission

MetaPack - experiencing rapid business growth that has heightened the awareness of the importance of the network underpinning the business.

ITC Secure Networking - Invited by MetaPack to review the current DC and design a robust, reliable, resilient, secure and agile DC infrastructure that would support their current and future rapid growth plans.

Key Deliverable - MetaPack required an underlying infrastructure that could efficiently support the growth of their key customers such as John Lewis, ASOS and M&S who utilise MetaPack’s Delivery Management Software.

Solution

As part of ITC’s standard onboarding process and in line with the company’s ISO20000/1 accreditation, ITC completed the initial discovery and audit phase at MetaPack offices and datacentres. The networks were fully documented to enable ITC to approve the plan to onboard the infrastructure into service within a 12-week timeframe.

To achieve the transformation ITC built the hardware within its laboratory and completed a full suite of testing. The working solution was then moved to MetaPack’s datacentres, installed and re-tested before final handover to production.

The Result

ITC have designed, migrated & deployed a new datacentre infrastructure that will enable MetaPack to scale their business in line with their growth plans.

The solution provides far greater resilience and reliability which will result in both higher levels of customer satisfaction and mitigate any loss of revenue. Additionally, ITC’s NetSure360° 24x7 management of the new infrastructure will free up internal resources to focus their efforts on revenue generating activity.

“ITC have brought a tremendous value to MetaPack. Not only have they provided an effective solution to sustain our rapid business growth, but have delivered a critical transformation process in a very strict time frame as well. Thank you to all ITC colleagues involved in this ongoing project.”

David Whatley, Global Head of Technical Operations.

Overview

Industry

Technology software sector

Environment

500 employees

Headquartered in London, UK with offices in Germany, France, Netherlands, Poland, US & Hong Kong.

2 datacentres

Challenges

Critical business process dictates that MetaPack have a change freeze period from early November until end of January. Timescales were therefore a critical challenge for this project, making it necessary to complete the entire transformation within a 12-week time frame.

Solution

Design, deploy, migrate and proactively manage a new datacentre network and firewall infrastructure and deliver 24x7 proactive NetSure360° LAN and Firewall Managed Services for the next 3 years.

ITC NetSure360° integrates Security, Network and Performance Management assuring the performance, security and reliability of mission critical applications across the entire enterprise.

CYBER RISK ADVISORS