Our Services

Cyber Risk Management

As a result of these real-world engagements, we are experienced in the area of cyber risk quantification and the real-world implementation of the FAIR model at an enterprise level.

  • Strategic Risk Analysis Support

    • ​We help you see the big picture like never before – in less time than you ever dreamed possible. We offer a variety of Enablement Services focused on areas of strategic concern for the organization.

    • These engagements typically range from a few weeks to a few short months.

    • Risk reporting – Enterprise risk assessment

    • Board reporting – Analysis of top risks (5 to 10)

    • Budgeting – Analysis of top projects

  • Tactical Risk Analysis

    • Finding value from your RiskLens Platform deployment happens in a matter of days to a few short weeks. We offer a number of Enablement Services designed to show you how to run tactical risk analyses that can help you drive better day to day decision making.

    • Examples include:

    • Risk assessment – audit findings

    • Risk assessment – policy exceptions

    • Risk assessment – migration of systems to cloud

    • Risk assessment – Web app attacks, patching

    • Risk assessment – Effect of act of terror, sabotage

    • Cost-benefit analysis – Improved application patching

    • Cost-benefit analysis – DLP improvements

    • Cost-benefit analysis – Data encryption

    • Comparative analysis – Ransomware / malware events

    • Comparative analysis – Improved/additional controls

    • Comparative analysis – Anti-phishing controls efficacy

Security Consulting

Connecting innovation, transformation, and leadership

If you’re ready to innovate and transform your business,

We can help you imagine, deliver, and run your future, wherever you compete, using the latest technologies, from strategy development through implementation. Because impact isn’t created alone. Together we can make history.

  • Assist with roles as Virtual Chief Information Security Officer as a services (VCISO)

  • Cyber Incident Planning and Response advice.

  • Cyber Threat modelling 

  • Compliance management (GDPR, CCPA, ISO 27001, NIST-CSF, PCI)

  • Security Architecture / Security Solution Design and Blockchain security. (Azure, DLT, Hyper-ledger fabric)

  • Penetration testing (Infra, Web, API, Mobile)

  • Holistic OS Harnding

  • Code review (Java, python, javascript, GOLang, .NET) 

  • Solutions design are always part of change and innovation in any business. We support FOSS and want to help you find fit for purpose solutions (even if it is closed source as a commercial solution COTS). 

  • Identity Access Management

  • Single Sign-on: Configure SSO on any web portal that support CAS, SAML or OPENID Connect for federated identity. 

  • Strong Authentication: FIDO U2F tokens, one-time passcode (OTP), mobile authentication options.

Auditing and Assurance

Audit & Assurance is about much more than just the numbers. It’s about attesting to accomplishments and challenges, and helping to assure strong foundations for future aspirations. We illuminates the what, how, and why of change so you’re always ready to act ahead. Assistance with ISO 27001 and CryptoCurrency Security Standard (CCSS)  implementation and audits

The CCSS covers controls that increase the security of the cryptocurrency portion of an information system, however it does not cover common standards and practices for increasing the cybersecurity of an information system.

This includes (but is not limited to): 

  • Cryptocurrency Exchanges (i.e. Information Systems that allow its users to exchange cryptocurrencies for other forms of money) 

  • Cryptocurrency Marketplaces (i.e. Information Systems that allow its users to exchange cryptocurrencies for other goods and services) 

  • Cryptocurrency Games (i.e. Information Systems that allow users to gamble their cryptocurrencies for a chance at winning more) 

  • Cryptocurrency Processors (i.e. Information Systems that automate the acceptance of cryptocurrencies for payment) 

  • Cryptocurrency Storage (i.e. Information Systems that facilitate the receipt and transmission of cryptocurrencies amongst other actors) 

  • Any Information System that handles cryptocurrencies as part of its business logic.

Key Aspects in CCSS: 

Key / Seed Generation

Wallet Creation

Key Storage

Key Usage

Key Compromise Policy

Keyholder Grant / Revoke Policies & Procedures

Third-Party Security Audits & Procedures

Data Sanitization Policy

Proof of Reserve

Audit Logs

For more related information please visit

C4  (CryptoCurrency Certificate Consortium)

Open Repository for the  CryptoCurrency Security Standard 

from CryptoConsortium

Advise on how to track, trace and monitor cryptocurrency transactions and/or crypto crimes.

Identify and investigate illicit activities involving cryptocurrency.

CryptoCurrency Assurance

You need to know what’s going on behind cryptocurrency.

From cryptocurrency AML, CTF, KYC, OFAC efforts, compliance risk and forensics.

We are in partnership with the best in the industry! 

Contact

Amstelplein 349

Uithoorn

1421SG

The Netherlands

 

Chamber of Commerce / KVK :

Amsterdam 68589174

VAT: NL0024.70.253.B02

Mobile: +31-634667207

Intl: +1415 6899105

Baltimore, MD

info@violetskysecurity.com

  • Black LinkedIn Icon
  • Black Twitter Icon