Enterprise Division

Technologies and services

Innovative technologies and advanced services for your complete cyber risk management

Cybersel, thanks to its many years of experience in Cyber Risk Management, offers the most innovative and cutting-edge technologies and services to manage cyber risk independently with the constant supervision and support of our team of experts, in order to reduce your financial exposure due to potential cyber attacks.

Over the years, companies have become more and more the target of malicious attacks, thus creating the need not only to equip themselves with protection tools, but also to have resources capable of going beyond the mere reading of data and anticipating possible vulnerabilities.

We operate in 5 major macro areas of Cyber Risk Management:

Cyber Risk Analysis

Financial Quantification

Third Party Risk Management

Breach and Attack Simulation

Digital Investigation

Our approach is to understand which technologies and skills in our portfolio meet the needs of our customers. Thanks to our experience through our two divisions: enterprise and commercial, we are able to customise the proposal according to the characteristics of each type of company, satisfying the needs of both large, structured companies and medium-sized businesses.

These packages can be deployed in two ways:

SELLING LICENSES

Customers can purchase licences for the required technology and chose to independently manage usage and outcomes with periodic support designed to encourage adoption of tools.

CSM Customer Success Management

Customers, whilst still the purchaser of technology licences will have enhanced support from the Cybersel Customer Success Management Team. This team of experts serve as an extension to internal resources to maximise the return on investment.

Partner technologies

Use Cases

BitSight

Security Performance Management

A large French utility decided to undertake a corporate objective measurement of its cyber risk and of all subsidiaries. It divided its organization into Business Units and Operational Units with a main focus on diligence, analysis and research of all infections on its end-points. The result was to reduce its Cyber risk from a risk rating of 580 points to over 700.

Third Part Risk Management for EBA

The rules dictated by the European Banking Authority require Banks and all financial organizations (Fintechs) to carry out their own risk analysis including the Cyber risk for critical suppliers or for full outsources. These rules provide for a series of checks and assessments designed to determine the bank's overall risk. The BitSight solution is used to assess, analyze, control and manage the risk reduction of cyber relevant suppliers and to undertake serious risk mitigation.

Process Unity

As part of the supplier risk assessment processes, the need arose to structure, automate, manage and control the entire flow of operations in order to assess all aspects of risk and compliance.
The main challenges were to follow an operational flow as closely as possible to the business processes without upsetting them and to obtain results in terms of efficiency and measurement.

Given the large number of suppliers to be analyzed, it was necessary to structure and customize all the questionnaires relating to Assessment and Due Diligence, to manage the documentation centrally and above all to obtain an immediate and certain result from the risk measurements. The old systems based on Excel sheets and emails were no longer usable given the large number of suppliers and their different nature.
The process must be a continuous cycle and therefore all the work must be automated through the system, the data collected must be analyzed globally and then carry out the assessment of the overall risk.

The challenges were overcome with the use of Process Unity, a platform that made it possible to manage the entire life cycle of suppliers with Assessments of various kinds, but above all to optimize times and reduce workloads on the various teams: Procurement , Risk and IT Security.

Picus

As part of its change processes, the need to validate the effective robustness and validity of the policies of some core services of its infrastructure has emerged:

Web Filtering
Waf
Email
End Points
Browsing of server domains
Potential immediate vulnerabilities (eg new payloads etc...)

To do this, we constantly need to simulate attacks on these systems without service interruption, but above all trying to remain within the scope of compliance and managed or known risks. Picus allows you to analyze and review your risks according to new configuration patterns of the perimeter and protection systems, together with the robustness of the end-points and all the systems connected to it. Furthermore, in the context of the GDPR, it is able to verify whether users can export data from the company through the most popular channels (e-mail, https, ftp or other) in order to prevent voluntary / involuntary data breaches.