Professional Services

Prevent, Respond, Recover

Risk Assessment

Understand your cyber and operational risk landscape.

Protect your business continuity, public reputation and stakeholder confidence with wise and effective security investments, informed by an Evertas snapshot-in-time assessment of your organization’s unique risk profile. We’ll help you safeguard against a data breach, hacking incident or ransomware attack becoming a nightmare of breach damage, brand damage and public relations cleanup. Our advice, reports, and documentation will provide your leadership with clear choices for improving your business by reducing risk and increasing efficiency and security.

Offerings

  • Structured conversations with stakeholders spanning development, business, and support operations for a bottom-up review and assessment of incident response, information and physical security, and operational policies and procedures.
  • Evaluation of technology, engineering, and business operations, business continuity and disaster recovery (BCDR), authentication and access control, restoring from backups, and other key business areas.
  • Audit of common information technology, physical security, information security, and incident handling practices and procedures.
  • Written report and executive-level presentation containing analysis of current state, specific risk mitigation recommendations, and a proposed timeline for improvement.

Physical Security Assessment

An adversarial review of your physical facilities by a dream team of real-world physical protection experts.

Evertas is uniquely suited to assess all aspects of your operation, then make pragmatic and actionable improvement recommendations. Our physical security experts created and managed safety programs that continuously protect billions of dollars in fiat and crypto; we have served on teams protecting every living US president and provided executive and operational leadership for dignitary protection during the United Nations General Assembly – we know this stuff cold.  

Offerings

  • Creation, review, and improvement of physical security operations plans, procedures, and policies, flagging and addressing any single points of failure.
  • Threat intelligence and counter-surveillance program review or creation.
  • Development and initiation of Tabletop Exercises (TTX) for your physical security team.
  • Written report and executive-level presentation containing analysis of current state of physical security, threat intelligence, and counter-surveillance programs, specific recommendations and a proposed timeline for improvement.
  • A set number (typically 20 to 40) of monthly hours for continuing analysis, advisory consulting, and security, intelligence and counter-surveillance program development / improvement.

Communications Security Assessment

Know your digital communications are safe from interception.

Electronic eavesdropping innovations leveraging ever-more robust high-speed cellular and other radio-frequency protocols are increasingly easy to obtain, while our most sensitive, private, and business-critical discussions can be of keen strategic interest to business or nation-state adversaries. Our technical surveillance countermeasures experts have decades of global experience detecting covert surveillance devices in executive suites, conference rooms, and other facilities. We will conduct point-in-time Technical Surveillance Countermeasures (TSCM) sweeps of your offices, or sweeps to protect key events such as board meetings at conference centers, resorts, and other remote locations.

Offerings

  • Comprehensive assessment and analysis of threats to your secure communications.
  • Written report and executive-level presentation outlining the current state of the security of your communications, plus specific recommendations and a proposed timeline for improvement and threat reduction.

Continuous Communications Security Monitoring

Enjoy the peace of mind that our always-on RF signals analysis and threat monitoring brings.

Following a technical surveillance countermeasures sweep, Evertas provides discreet, continuous RF monitoring that intelligently analyzes signals in your environment. Resembling a small, stylish home electronic appliance, the monitor is deployed in offices, meeting rooms, and executives’ homes. The system continuously captures and then monitors the unique RF signature of its location. When potential threats are discovered, they are validated by a human expert and brought to the attention of the principal in real time – 24 hours a day, 365 days a year.

Offerings

  • Monitoring device and online management services.
  • Ad-hoc consultation by secure voice or video communication.
  • Real-time incident response and threat mitigation 24x7x365.

Incident Readiness Assessment

Understand and improve your capacity to detect, respond to, and recover from a cyber security incident.

A bottom-up review of your current security incident readiness plan means you don’t need to wait for an incident to discover your true level of preparation. A roadmap clearly outlining the path toward optimal incident response readiness puts you confidently in control.

Offerings

  • Assessment of current incident response policies, security incident runbook and order of operations, and resources earmarked for security incidents.
  • Evaluation of out-of-band communications and networking strategies and resources.
  • Evaluation of internal and external security communications strategy, plans and procedures, roles and responsibilities, and security incident leadership and command structure.
  • Review or initial development of a post-incident remediation plan.
  • Security incident simulations, including at least one Tabletop Exercise (TTX) and post-TTX action report.

Incident Response Orchestration

Emergency orchestration of responses to a hack, breach, or loss of customer funds.

Working with our internal team of experts who have decades of experience leading responses to major cyber incidents and our best-in-class global partners, Evertas assures that your response to cyber incidents is rapid, comprehensive, and effective. From mitigation and creation of recovery architecture and internal and external communications to legal and technical services, we will quickly understand what happened and get business operations back up and running as quickly as possible while taking decisive steps to limit the damage and maximize opportunities for asset recovery.

Offerings

  • Coordination and management of legal response, security communications, and technical response.
  • Root-cause analysis, re-architecture and implementation services.
  • Device, network, and blockchain forensics.
  • Asset tracing and attribution with an eye toward maximizing the probability of asset recovery.

Internal SDLC Assessment and Code Audit Prep

Improve the efficiency and security of your code and get more value from testing and code audits through a review of dev team procedures and processes.

Evertas professionals conduct a thorough review of your Software Development Life Cycle (SDLC) documentation, procedures, and audit strategies. We show you custom ways your teams can reduce toil and increase efficiency of activities, such as testing, that are traditionally painful and slow.

This produces two very different, desirable effects: First, the fidelity and relevance of all test results are vastly improved. Second, by virtue of better integration of testing into your organization’s SDLC culture, your engineers become more intimate with their code and the system it supports. This leads to better understanding of the implications of test, pen-test, and audit results, allowing your team to engineer creative and efficient solutions to problems highlighted in the process.

Offerings

  • Structured discussions with engineering leadership and engineers.
  • Reviews of procedures, sprint goals and accomplishments, testing regimens, and historical fix-reviews.
  • Written report containing analysis of current state of your software operations, specific recommendations, and a proposed timeline for improvement.
  • Executive-level presentation.
  • Optional ongoing consultation and advisory services.

Internal Compliance Program Assessment

Achieve and maintain industry and regulatory compliance through crypto-specialized operational assessments.

Increased efficiency and avoidance of unnecessary expense, worry, and effort are the natural result of consistent regulatory compliance. Expert examinations of internal compliance policies provide all stakeholders with an accurate map of your current and potential place in the regulatory landscape.

Offerings

  • Assessment of current compliance strategies and procedures.
  • Evaluation of compliance operations and their integration with business, technical, and security teams.

Fractional Chief Information Security Officer

Create and run programs that improve information security, privacy, and compliance.

Our experts have served as full time, interim, and fractional Chief Information Security Officer (CISO) in a variety of industries from start-ups to publicly traded household names. We develop security, privacy, and compliance programs to support our customers as they grow, while articulating a clear vision and defining success for their CISO role. This helps in the creation of a realistic job description, preparation of the board to build a role that is poised for success, and participation in the hiring of a full-time, dedicated security leader. Fractional CISO engagements also leverage one or more of the following Evertas Professional Services products:

  • Information Security and Information Security Compliance program creation and management
  • Risk Assessment
  • Internal Compliance Program Assessment
  • Internal SDLC Compliance Assessment & Code Audit Prep
  • Incident Readiness Assessment

Offerings

  • Written report and executive-level presentation containing analysis of current state, specific recommendations, and a proposed timeline for improvement.
  • A set number (typically 20 to 40) of monthly hours for continuing analysis, advisory consulting, and program development / improvement.
  • Governance, risk and compliance strategy development.
  • Execution of strategic plans.
  • Security maturity assessments and mentorship of personnel.
  • Collaboration with HR and executive team to define the CISO role.
  • Security engineering and architecture support.
  • Support to the degree needed towards hiring a full-time CISO and ensuring their smooth transition into a role and environment designed for success.