Cyber Network Defence

Cyber Network Defence

Cyber Network Defence (CND) is DarkMatter's elite team of cyber experts, engaged across all competencies and functions, tasked with identifying and responding to the most advanced threats, threat actors and cyber attacks. CND combines world class cyber experts with proven methodologies, sophisticated technology and intelligence to create an unrivalled ability to identify and manage new and emerging threats.

Our multi-disciplinary team provides a suite of security assessments, forensic and incident response services designed to help our clients to understand the threats and vulnerabilities they face and determine how best to manage them. Additionally, our limited stealth operations allow DarkMatter to provide detailed information on threat actors, they motives and capabilities.

Security Assessments

DarkMatter’s elite team of Cyber Network Defence specialists help you identify and manage threats and vulnerabilities inside your environment to mitigate risk and protect data, ensuring regulatory compliance and an improved security posture.

Our highly skilled team perform penetration tests, audits and reviews of your applications, infrastructure, data, and systems to identify vulnerabilities and risks. These are ranked to assist in balancing your asset value in ways that make business sense. We measure the severity of your vulnerabilities, make cost effective recommendations that will mitigate threats, and offer our expertise in implementing these recommendations and countermeasures.

Such assessments are also useful in validating the efficacy of defensive mechanisms, as well as end users' adherence to security policies.

The solution suite includes:

  • Technology Compliance: Quick effective 'snapshot' of your enterprise security compliance profile maintaining compliance with legislative regulations and industry standards demand.

  • Vulnerability Assessment: Pro-active steps to secure your environment by identifying and remediating known security exposures before potential attackers do.

  • Penetration Testing: DarkMatter delivers network, application, wireless, and social engineering engagements to demonstrate the security level of your organisations' key systems and infrastructure through simulation of real-world attack vectors.

  • Application Security: Dynamic (Black), Static (White) and Source Code reviews identifies critical vulnerabilities in applications such as SQL injection, cross-site scripting (XSS), buffer overflows, unhandled error conditions and potential back-doors.

Detailed technical and executive level reports include recommendations for mitigation or remediation of vulnerable assets to improve the efficiency of IT operations and risk rated reports can help measure security effectiveness and providing critical feedback in to the businesses security strategy.

Incident Response

Security incidents, breaches and any related interruptions in the performance of services or applications, can result in direct financial losses, threaten organizations' reputations, erode customer loyalties, attract negative press, and trigger significant fines and penalties. They can and will happen.

These acts can lead to the exposure of data and the leaking of sensitive material, disinformation, reputational damage and loss of trust. And of course, they can hit a business's bottom line. According to PwC, in 2014 the total financial losses attributed to security compromises increased 34% compared to 2013, while organisations reporting financial hits of $20 million or more increased 92%.

A recent study conducted by the Ponemon Institute (2014 Cost of Data Breach Study: Global Analysis) reported the average cost of a data breach for the affected company is now $3.5 million. Costs associated with the Target data breach that occurred in 2013 reached $148 million by the second quarter of 2014.

Commercial organizations remain ill-equipped and unprepared for cybersecurity incidents, as illustrated by a recent Ponemon Institute study titled "The Post Breach Boom." According to the study, only 41 percent of organizations said that they had the tools, personnel and funding to prevent breaches and only 39 percent could minimize damages if breached.

DarkMatter's Cyber Incident Response services allow organisations to not only address incidents when they do occur, but to dictate the outcome on their own terms, not the attackers through a framework or planning, practice, readiness and recovery. DarkMatter helps organisations prepare for incidents in the following ways.

  • Cyber Incident Readiness: Comprehensive review of your organisations incident response capabilities ensuring the people, processes and technologies are prepared and effective.

  • Emergency / Critical Response: Our team of elite on-the-ground responders, malware specialists, and forensic analysts can execute immediate actions to help contain and mitigate the effects of an assault on your computer system.

  • Incident Management: End-to-end management of incidents from identification through to remediation with all stakeholders at all hours.

  • Digital Forensics: Our comprehensive array of Digital Investigative services provides the most detailed and thorough capability for investigating and remediating cyber incidents.

Active Defence

At the heart of our CND offering is a network of shared intelligence and counter intelligence operations known as Limited Stealth Operations. It represents the pinnacle of security research, technology, people and situational awareness.

Drawing on intelligence from Computer Emergency Response Teams (CERTS), leading research and academic institutions and Internet Storm Centres around the world, we assess emerging trends and developments in cybercrime to help us understand threat vectors, attack scenarios and attack geolocations. We analyse attack types and the cybercriminals behind them, using this intelligence to shape short-term remedial responses while building long-term network resilience for our clients.

This information is disseminated within DarkMatter through our internal 'community of interest'. Operating across every vertical DarkMatter division, the community of interest assimilates, scrutinises and distributes real time global cyber intelligence to our core teams in for example Governance, Commerce or Special Projects. In this way, we make sure our specialist teams receive the updates and alerts they need to increase our clients' immunity from cyber attacks.

The solution suite includes:

  • Social Engineering Assessment: Assess your company's ability to protect against unauthorised physical or virtual access through the use of human hacking.

  • Malware and Reverse Engineering: Unravel the most advance persistent and human morphia threats by deconstructing payloads on desktops, servers and mobile line by line.

  • Advanced Threat Intelligence: Partnered with DarkMatters' Security Operations and our partners; we provide high value, enriched, contextualised real-time visibility of threats, and threat actors both internally and externally specifically for unique targets, assets or identifies.

  • Limited Stealth Operations: Passive Human, Signal, and Open Source intelligence gathering, analysis and report for pro-active identification, management and remediation of threats and data loss.

  • Expert Services: Cyber Network Defence capabilities permeate the most hardened environments findings any gaps. DarkMatters' unique ability to custom design solutions to the most complex and advanced problems mean you will be on the leading edge in the fight against threats and threat actor.

Digital Investigative Services

DarkMatter's Digital Investigative Services provides high quality, cost effective digital forensic discovery, analysis, data collection, recovery, preservation, and security incident response capabilities, as well as a variety of other digital media and network based investigative and consulting services.

A component of DarkMatter's Incident Response solution, Digital Investigative Services provides specialised and confidential assistance to clients in the event of unexpected or unauthorised high tech activity in any location. The service can also be provided on a managed 24 x 7 basis. The investigation service is designed to provide the customer full cyber investigation capabilities, using experts in gathering digital and other forms of evidence.

Our Digital Investigative Service team is a specialised group of trained professionals, equipped with the latest field and lab technologies and bringing diverse skills that cover both the technical and legal sides of digital investigations. The result is a track record of success. Some of the team's most notable of capabilities include:

  • Digital / Mobile Forensics: Seizure, acquisition, recovery and investigation of material found in digital devices, often in relation to computer crime and other security events.

  • E-Discovery: Addressing the end-to-end e discovery needs of corporations and government agencies Identify data sources and extract ESI from varied sources; optimising volumes and executing targeted searches, posting data sets to searchable databases, and preparing electronic output as required.

  • Data Recovery: Salvage inaccessible data from corrupted or damaged secondary storage, removable media or files, net flows, and mobile devices when the data they store cannot be accessed in a normal way.

  • Password Recovery: Recover damaged and protected and encrypted media to support in incidents, investigations

Additionally, DarkMatter provides Forensic Readiness Audits and Assessments, develops Forensic Readiness Plans, and delivers training in many aspects of digital forensics, so crucial for an effective security strategy. Our Digital Investigative Services team has the professional training and skills needed to assure success, and their results stand strong under the scrutiny of the legal process.

Staff Augmentation Service

The success of a project is reliant on the ability to secure the resources with the genius needed to implement a successful strategy. Using a strategic approach to technology staffing, our mission is to align cyber security initiatives with our clients' business objectives.

DarkMatter employees hold active security clearances, with leading industry certifications such as CISSP, CISA, OSCE, ENCE, and GPEN, and available to secure your assets and networks. These cleared, experienced and certified staff members possess a wide range of personal and professional backgrounds across public and private sectors from all corners of the globe.

We deliver top cyber security talent where and when you need it, and we stay involved throughout the assignment. We work with a wide range of industries, and are building relationships with new clients and consultants every single day. Whether your needs are for Temporary Staffing, Temporary to Hire, Direct Hire, or just Consulting Services, DarkMatter provides genius into your projects.