The basis for building a defense umbrella for an organization is to perform an examination of weak points, identify loopholes, define needs, and make recommendations to fill gaps between the existing protection and the desired protection.

Information security is required to maintain information confidentiality, information availability and integrity.

010 works according to the methodology of the Israeli Cyber ​​Headquarters with adjustments required for each organization according to its size, nature, geographic distribution, regulatory requirements, relevant threats, and exposures.

The content of the assessment varies depending on the client and his infrastructure and usually includes:

• Interviews with key people in the organization
• Database mapping
• Mapping infrastructure and information systems
• Mapping processes in the organization
• Network and systems scanning to identify network weaknesses.
• Checking the way information systems are used, remote access passwords and more.

At the end of the survey, an executive report describing the current situation and the gap to the desired situation will be produced.

The report will detail the findings and the level of risk for each finding, as well as recommendations for correcting the deficiencies.

The report will be a guideline for the organization to perform necessary actions and repairs to minimize the damages in the event of an attack.

If you lock your house and set an alarm but do not teach your children not to open the door to strangers, the investment in the door and the alarm will be useless because the child will open the door to a thief.

The same with technological defenses against cyber-attacks.

 no matter what defense technologies you put in place - you must make sure that your employees do not accidentally allow the cyber criminals into the organization.

To significantly reduce the risk of a cyber incident, the first and basic thing is to carry out regular training for employees in the organization and teach them to recognize the potential for a cyber incident and teach them how to avoid it.

Information security awareness is an educational process that teaches employees about network security, best practices and even compliance with standards and regulations.

 A comprehensive security awareness program trains employees in a variety of information technology, security, and other business topics.

These include, among others, ways to identify impersonation and other types of attacks such as social engineering, detecting behaviors of potential malware, reporting possible security threats, monitoring the company's IT policy and best practices, as well as complying with all privacy regulations.

The proposed employee awareness service is based on short training videos on various topics of cyber, privacy protection and the laws to prevent sexual harassment.

No software or operating system in the world is perfect, and from time to time security holes are discovered in the operating systems or software you use. 

When such a loophole is discovered, the manufacturer issues a security patch for the loophole. In the notice about the patch, he also explains what the loophole is and how this patch solves the problem.

The problem is that as soon as a security update is released, the cybercriminals (hackers) know how to attack and specifically harm people who have not installed this security update.

Therefore, as part of our services, we recommend installing a solution that ensures that your computer is immediately updated with every security update, whether the update is for the operating system or whether it is for third-party software that you use.