14.01.2020 Views

7441 D4N6 Brochure_V6


Industry Matrix

• Energy (Electricity, Oil, Gas)

• Banking & Financial Markets

• Transport (Air, Rail, Road, Water)

• Telecoms & Technology

• National Critical Infrastructure

• Health (Including hospitals and private clinics)

• Digital Infrastructure

• Drinking Water Supply & Distribution

• Public Administration (Government Departments and Entities)

See applicable Information Security services overleaf

D4n6 Co. Ltd.

+356 7900 8112 / info@d4n6.com / d4n6.com



Website

Does your website contain the following and are they compliant?

• Cookie Policy & Notice: Identify various cookies being used and provide that information to the user together with the option to allow the use of these cookies.

• DPO Notice: Provide the contact details of the DPO in charge for the users’ easy access.

Processes

Do you have the necessary information prepared?

• Data Protection Impact Assessment (DPIA): Any business process needs to include data privacy from the design phase that helps identify and minimise the data protection risks of a project.

• Process Flows (Current & New): Identify various processes containing personal data, from collection to storage and map them out.

Data Privacy Policy

Provide a data privacy policy that is

concise, transparent, intelligible and

easily accessible whilst being written in

clear and plain language.

Individual Rights

Are you prepared to handle

such requests?

GDPR

General Data Protection Regulation

Do you store Personal Data physically or electronically?

Legal Basis

Have a justification at law for each type

of data processing.

Retention Policy

Establish data retention periods for each

type of data processed and the process

whereby such data is disposed of.

To Be Informed – Art. 12

Informing the data subject about the

use of their data.

Rectification – Art. 16

Data subject shall have the right to obtain from the

controller without undue delay the rectification of

inaccurate personal data concerning him or her.

Access – Art. 15

Data subject shall have the right to obtain

from the controller confirmation as to

whether or not personal data concerning

him or her is being processed.

Erasure – Art. 17

Data subject shall have the right to obtain

from the controller the erasure of

personal data concerning him or her.

Breaches

Are you aware of the

timeframe and cost?

Mandatory Breach Reporting

All breaches must be reported within

72 hours of discovery.

Restrict Processing – Art. 18

Data subject has the right to ask for his/her

data to be restricted from processing.

Object – Art. 21

Data subject has the right to object at any time

to the processing of data.

Data Portability – Art. 20

Data subject shall have the right to

receive details of the personal data

concerning him or her, which he or she

has provided to a controller previously.

Penalties

Non-compliance can lead to fines up

to 4% of annual global turnover or

€20 million, whichever is greater.



MIND THE DIGITAL FORENSIC GAP, PLEASE

UNRIVALLED EXPERTISE, EXPERIENCE & KNOWLEDGE ON SECURITY AND CYBERCRIME. WE’VE GOT YOUR BACK

Be prepared

Training is a fundamental key to

achieve a high level of information

and cyber security

Non-technical employees? Not a

problem, we provide adequate

training for all levels

• Information Security Awareness Training

• Information Security Governance & Management

• Information Systems Internal Auditing

• Incident Management & Disaster Recovery

• An Introduction to Cyber Assessments

• GDPR & Information Security

• An Introduction to Cyber Security & Social Engineering

• Boardroom War Gaming for threat incidents


GDPR is the EU overhaul of the

data privacy regulations governing

the personal data of individuals

dealt with at every touchpoint by

all organizations and individuals

alike

This extensive document goes into

detail as to which processes and

policies need to be reviewed or

created in order to give assurance

to all individuals that their personal

data are safely stored and

disposed of in a proper manner

should the need arise

It is also well known that by the

said deadline of May 2020 any

organization that has not yet

implemented the regulation will

have to face very hefty fines

At D4n6, we offer various support

packages depending on the stage

of implementation currently at the

client’s end

Know what you own

Asset Management is regarded as one of the pillars in Information Security and

crucial for regulatory compliance such as GDPR

Some explanations regarding the importance of asset management include:

• Improperly managed assets can become cybersecurity vulnerabilities such as neglecting to install new patches to a server due to the number of servers available for the said client

• A negative impact on the workflows due to obsolete assets on the network

• Tracking and accounting of incoming assets together with removal of obsolete ones to avoid inaccuracies in the network architecture map

• Neglecting to comply with the right to be forgotten regulation in GDPR due to the lack of having a complete picture of the assets on the network including back-ups

• TRAINING & AWARENESS

• EU GDPR COMPLIANCE

• SECURITY TESTING

• ASSET MANAGEMENT

• INCIDENT RESPONSE

• POLICY DEVELOPMENT

• SYSTEM AUDITS

• INFOSEC RISK MANAGEMENT

Make it your own

Achieving a consistent process that is then

applied throughout an organization not only

ensures reliability through time, but also

provides stability for day-to-day functionality

At D4n6 we specialize in developing and

reviewing IT policies according to the ISO/IEC

27001 standard as well as asset

management and audits on Information

Security

Definitely not a DIY

System audits are fundamental to

guarantee the performance and

security of the IT infrastructure of a

company whilst ensuring reliability

and the maximum privacy

All system audits are primarily

performed against industry standards

such as ISO 27000

Some objectives of performing system audits include:

• To increase the security of the users

• To guarantee confidentiality and integrity through professional security and control systems

• To minimize the existence of risks

A full IT network audit would cover

the following:

• Network Component

• Configurations

• Network Topology

• Organization IT Controls

• Security Access Controls

• Policies and Standards

• Full Network Setup

• Incident Management and Response

• IT Business Continuity (COB) and Disaster Recovery

Find the needle in a haystack

The process intended to reveal flaws in the security

mechanism of an information system that protects data

and maintains functionality

The importance of such assessments is increasing

over time to the extent that regulators for Critical

Infrastructure Entities are establishing them as a

requirement

• Vulnerability Assessments

• Penetration Testing

• Threat Hunting

• Firewall Review

• Phishing Campaigns

At D4n6 we pride ourselves on providing such

services through our partners with years of experience

in this field gained globally

For when it’s too late

An organized approach to address and manage the

aftermath of a security breach or attack

The ultimate goal is to handle the situation in a way to limit

damage and reduce recovery time and costs

Cyberattacks today have not only become more common

but also so sophisticated that having a 100% foolproof

infrastructure is impossible

Throughout our experience we have learnt that although

prevention is better than cure, when that is not possible it

is important to always be prepared

At D4n6 we help clients build confidence in the event of

an attack through:

• Disaster Recovery Plan

• Risk Management Plan

• Business Continuity Plan

• Wargaming

Always a step ahead

The process of managing risks with the use of

information technology

Helps organizations identify, evaluate and (if possible)

eliminate risks depending on the risk tolerance level

within the organization

Recommended steps to gain full potential:

• Employee Survey

• Risk Assessment

• Risk Outcome

• Risk Register

At D4n6 we are aware of the advantage that such a tool

can give an organization if it is well implemented

At D4n6 we work hand in hand with our clients to build

each step robustly

CONFUSED MUCH? CONTACT US TO TAILOR-MAKE THE BEST SUITABLE OPTION FOR YOU

