Our Services
By developing a unique skill set in our resources, we are able to provide a suite of cyber security services that can comprehensively evaluate all of the potential attack paths into mission critical infrastructures. 
​​​​​​​​
Risk Assessments
​​​​​​​Security Assessments & Audits
​​​​​​​​Security Education & Awareness
​​​​​​​​​​​​​​Security Architecture Design
​​​​​​​​​​​​​​​Regulatory Frameworks Compliance
Enterprise Security
Enterprises are hastening to adopt emerging technologies to satisfy new business demands however, this usually generates new exposures to advanced cyber-attacks. The cyber risk profile of modern organizations is heavily affected not only by the ever-evolving threat landscape, but also by the complexity of new distributed business operation models, as well as by the increased regulatory compliance requirements.
 
Cyber Noesis, having deep knowledge and proven experience on how the challenging cyber security requirements can be met by modern enterprises, provides professional advisory services to effectively improve the corporate security posture and achieve compliance against demanding legal & regulatory frameworks.
 
Our Enterprise Security service areas are:
  • Enterprise Information Security Risk Assessments
  • Development of Information Security Management Systems in line with international standards like ISO27001, PCI-DSS etc.
  • Development of Privacy Management Systems in line with international standards and regulations like GDPR, ISO29100 etc.
  • Technical Security Assessment & Audits
  • Security Architecture Designs
  • Business Continuity & Disaster Recovery Planning
  • Incident Management
  • Security & Privacy Awareness and Training
Nowadays no enterprise, territory, or industry is immune to Cyber-attacks…
 
ICS / SCADA Security
Cyber attacks have replaced terrorism as the primary security threat to critical infrastructure...
 
CyberNoesis, with its extensive experience and expertise in securing SCADA and Critical Infrastructure Systems and Networks, has developed proven methodologies for conducting penetration testing and vulnerability assessments safely, on production control systems as well as testbed/sandbox systems. We specialize in helping industrial clients achieve compliance with NIST 800-53 rev3, CPNI standards and practices, sectoral activities European initiatives and regulatory frameworks that impact mission critical systems. Our core service areas are:
 
  • Security Assessments
  • Architecture Review / Design
  • Monitoring
  • Incident Management
 
Being a "vendor neutral" company, CyberNoesis is in a position to effectively and objectively determine the remediation measures most appropriate for its clients, taking into consideration their business objectives and threat exposure.
Core Telecom Networks Security
The technological and operating standards on which modern telecom/mobile networks are based, dates back to the SS7 standard which was developed in the 1970s. At that time, safety protocols involved physical security of hosts and communication channels, making it impossible to obtain access to an SS7 network through a remote unauthorized host. In the early 21st century, a set of signaling transport protocols called SIGTRAN were developed. SIGTRAN is an extension to SS7 that allows the use of IP networks for the transfer of messages. However, even with these new specifications, security vulnerabilities within SS7 protocols remained.
 
As a result, a malicious assailant is able to send, intercept and alter SS7 messages by executing various attacks against mobile networks and their subscribers.
 
CyberNoesis has developed methodologies to assist its clients in the following areas: 
 
  • Infrastructure Protection
  • Radio Access
  • OSS/BSS
  • SS7/SIGTRAN
  • VAS/MSS
  • Review of security settings around key network elements (HLR/AUC, MSC, IN, GGSN/SGSN, SS7 etc)
  • Security review of interfaces with VAS and OSS/BSS elements 
  • Review of network segregation
  • Encryption & ciphering standards
  • Organisational review of security strategy and management
  • Security incident reporting & escalation practices
     
Telecommunications today, rely on technologies that were developed decades ago, when security was not really a concern...