sample of Involved projects
SETUp of information security office
SETUp of information security office
SETUp of information security office
Setup the Information Security Offices of the two leading Banks in Cyprus from scratch and advanced them as appropriate.
security metrics and dashboard
SETUp of information security office
SETUp of information security office
Established metrics to measure cybersecurity (KPIs and KRIs) and setup a dashboard to better communicate the thresholds and actual values.
Cybersecurity Stategy
SETUp of information security office
European Certification for Cloud Service Providers (EUCS)
Developed the cybersecurity strategy oat two financial institutions upon agreement with all stakeholders, the BoD and the Regulators.
Managed the tactics and its implementation to completion.
European Certification for Cloud Service Providers (EUCS)
European Certification for Cloud Service Providers (EUCS)
European Certification for Cloud Service Providers (EUCS)
Member of the EUCS Ad-hoc working group.
Discussing and influencing the components of the scheme.
Cybersecurity Policies
European Certification for Cloud Service Providers (EUCS)
Security Controls Definition and MAturity Assessment
Developed the Information Security Policies (High level and specific ones) after reviewing with internal and external stakeholders and aligning them with regulatory frameworks.
Security Controls Definition and MAturity Assessment
European Certification for Cloud Service Providers (EUCS)
Security Controls Definition and MAturity Assessment
Setup security controls in line with ISO27002, NIS2, GDPR, EBA Guidelines. PCI DSS, PSD2, Secure Controls Framework.
Assessed defined controls following a Capability Maturity Model, developed reemediation plan and monitored its progress to completion
Data Leakage Prevention programme
Data Leakage Prevention programme
Data Leakage Prevention programme
Developed a DLP strategy and programme. Recruited an enteprise wide DLP system (covering data in motnion, data at rest, data in use) and put it in operation with a large number of rules in place.
SEcurity incident response plan
Data Leakage Prevention programme
Data Leakage Prevention programme
Designed and implemented a Security Incident Response Plan (SIRP) and a Securitty Incident Response Team (SIRT)
RISK MANAGEMENT FRAMEWORKS
Data Leakage Prevention programme
RISK MANAGEMENT FRAMEWORKS
Established the risk assessment framework in line with ISO27005 and carried our respective risk assessments.
Security Awareness Program
Security Awareness Program
Security Awareness Program
Established a security awareness program:
> in-class
> e-learning
> through phishing simulations,
SEcurity Operations Centre
Security Awareness Program
Security Awareness Program
Setup the framework for a 24x7 Security Operations Centre covering technology, people and processes pillars.
penetration tests
Security Awareness Program
information classification
Managed the penetration test program covering external, internal and social engineering scenarios.
information classification
Vulnerability and patch management
information classification
Developed the Information classification scheme, defined information owners and classified all information. Developed then controls to protect this information.
Vulnerability and patch management
Vulnerability and patch management
Vulnerability and patch management
Defined a vulnerability and patch management program with daily scanning of systems, setup of patching cycles and monitoring of metrics.
speaking to conferences
Organised CyberSecurity Hackathon
Partners | Cooperations | Associates
circl3.tech
Copyright © 2022 circl3.tech ltd - All Rights Reserved.