[A lot of people tend to ask “What do you actually do as Cyber Security Consultants?”. People who aren’t in IT tend to think of it as just installing Anti-Virus and might not appreciate what goes into keeping a network secure and ultimately free from cyber criminals.
So we’ve decided to put together a blog to provide you with a bit of an insight into our projects that we are currently deliving. Providing you with a glimpse of what goes on behind the scenes here at Equilibrium. Unfortunately, we can’t share all of the information on the work we have been up to, but we all need to have stage secrets…
This week has been a fairly busy one, with the highlight of the week most definitely being the wireless security assessment which basically translates to “We tried to hack into it”. All of our pen-testers tend to like these jobs as it gives them a chance to try out new tools and techniques (and look through the eyes of a criminal for a day!). Whilst we do like it when we come up against a well defended network, it does give us an element of satisfaction when we actually get into the network!
This wireless security assessment was for a multi-national legal firm who have had a breach in the last 12 months and wanted to make sure all lines of defence were up to scratch.
So did we get in? Of course we did. Whilst the Wireless was very well protected with certificate authentication on company laptops / computers, their guest network was their downfall which we see quite often. Company’s own security teams tend not to test the true separation of the guest network from the corporate.
We also did a Cisco web security appliance install for a large council. This was to replace an existing proxy implementation which was coming up for renewal. This implementation went very smoothly and the majority of the time was taken up with creating various policies for the different departments. For example, your marketing department might need to access Facebook or some departments might need to access eBay, but you might want to disallow these company-wide.
We continued working on one of our longer term projects with a Police Constabulary where we have built and implemented another Cisco ASA which is being put on the network. Alongside this, we also installed the Cisco FirePower (formerly Sourcefire) element of the ASA which provides the IPS (Intrusion Prevention System).
We provided some post-implementation support and tuning to another Council following an out-of-hours Check Point firewall install that happened over the weekend. This went very smoothly but this was really due to the careful planning and documentation that had been done leading up to the weekend implementation. Something that often gets overlooked when integrating security solutions.
Hopefully this gives you an insight into our expertise and examples of the work we do. If you would like to know more, then