“Cybersecurity is the number one threat facing businesses today.”
— Satya Nadella, Microsoft CEO, October 2021
Cyber attacks are occurring more often today than ever. As technologies and techniques perpetually compete with defenses in a virtual arms race your business is no longer as safe as it was yesterday.
PAC is a South Australian leader in cyber security consulting. We recognise the importance and demand for security for businesses and their consumers and respond with a range of services that will optimise your defenses.
Our expert consultants are specialists in security audits for all online and offline systems. They can provide comprehensive reports on security vulnerabilities and assess the risk involved with each one. Have your security systems put to the test as our consultants perform virtual attacks and reveal the real potential for damage that hackers can cause to your business.
PAC is can also assist and advise you on getting your business PCI DSS Certified. Ensure your customers are protected at all times by protecting yourself.
More information on these services can be found here.
Over the past few years hacker groups and state funded cyber-attacks have increased in activity dramatically. Hundreds of millions of personal records have been exposed since 2015. With over 40% of breaches inflicted upon businesses it is more important than ever to have your online security systems evaluated and audited.
At PAC we’ve been running data centre operations for over 15 years. Our team of Internet services experts are highly skilled in all aspects of Cyber Security and are equipped to uncover all of the potential vulnerabilities in your online systems with simulated attacks, audits, and risk assessments.
Further, our specialists will identify and locate all of your vulnerable digital assets. This helps in implementing stronger security and allocating more comprehensive and prioritised measures.
Upon completion, PAC will recommend strategies and architecture changes that will provide the best solution.
Because of the myriad vulnerabilities that can exist in any system it is often difficult to not only protect or repair them but also to detect them. Vulnerabilities can be produced by poor system architecture, incorrect permissions, maintenance failure, and human error, just to name a few, so a security audit by a trained specialist is rapidly becoming essential.
Our specialists will analyse your online systems and compile a matrix of assets and capabilities and detail potential threats. The matrix assigns appropriate severity for vulnerabilities and ramifications which is used to formulate a strategy for controls to diminish or eliminate the most severe and consequential flaws.
For those that hold, or are looking to obtain, a PCI DSS Certification, quarterly vulnerability tests are a requirement. Retaining or accepting credit and debit card payments through your systems make your business a target for hacking attempts so don’t delay.
When pursuing a penetration test, a vulnerability test is a good first step. It will permit our specialists greater insight into your systems’ vulnerabilities that can then be tested for penetration.
PAC’s team of specialists can commit a simulated cyber-attack on your systems and networks in order to gauge the effectiveness of current security measures and then recommend remedial strategies. Penetration tests are as effective as real threats so regular testing is recommended every time you upgrade your security.
A penetration test begins with an analysis of current systems, networks, and hardware to detect improper implementation, flaws, and other operational weaknesses. Commissioning a vulnerability test prior to a penetration test ensures that the analysis is as inclusive as possible and provides additional targets to evaluate.
At the end of the test you will be provided a report detailing all of the security issues discovered, assessing the severity and impact of each issue, and a best practice proposal for removing or repairing these issues.
Web application security review – Your business’s web applications are public facing, whether requiring permissions to access or not, presenting a persistent opportunity for attacks. Our specialists can approach this security review with two strategies: as an onsite authenticated attacker or an offsite non-authenticated attacker (or a combination or both for maximum grasp). Manual and automated processes are used to test against nominated targets to search for vulnerabilities and flaws and assess the real potential for a genuine attack.
Denial of Service (DoS) assessment – While being mindful of your network’s integrity, PAC specialists can test the resilience of your systems and applications against Denial of Service attacks. Our specialists will test your system by exploiting the application-layer using known DoS conditions, form submissions, and HTTP(S) conditions.
If your business is involved in online transactions using credit and/or debit cards then you must be committed to Payment Card Industry Data Security Standards (PCI DSS). Complying with these standards ensures that your business is protected against liability in the event that personal records are compromised. By not complying, your business can be accountable leading to immense fines and experience loss of professional reputation. There are different levels for PCI DSS compliance based on implementation; PAC can help you assess which level of compliance is right for your business and, using our partnership with a certified Qualified Security Assessor (QSA), provide you with the appropriate certification.
Level 1 PCI DSS compliance requires an Annual Attestation which must be performed by a certified QSA. Our partner consultants come with years of experience and will audit your security systems for the appropriate requirements. The on-site audit also comes with documentation required to be submitted to your acquiring bank.
Level 2-4 PCI DSS requires an annual Self Assessment Questionnaire (SAQ) to maintain compliance. The SAQ assists businesses in self-evaluating their PCI DSS compliance and may be requested by an acquiring bank. As there are multiple versions of the SAQ based on compliance level, PAC can assist you in determining which SAQ is best for your business as well as how to complete it.
Your PCI DSS compliance can also be assessed during vulnerability testing or penetration testing. Our specialists can reveal any vulnerabilities that may compromise your compliance.