In order to give you a better service Airbus uses cookies. By continuing to browse the site you are agreeing to our use of cookies. I agree

To opt out of Google Analytics data collection, click here

Thanks. We have set a cookie so that Google Analytics data collections will be disabled on your next visit.

Consulting Services

The need for enlightened governance and decision making

 

Hyper-interconnected, heterogeneous and complex information systems can be incredibly difficult to protect against increasingly sophisticated cyber-attacks. 

These cyber-threats apply pressure on organisations and often become one of the main challenges for managers. Controlling cyber risks is now widely recognised as fundamental for the survival of everyday operations and activities, with many organisations seeking out ways to become more “cyber resilient”.

In order to avoid catastrophic or even insurmountable impacts from cyber-attacks, we offer our services to:

  • Maintain your production
  • Protect your technologies and R&D
  • Save your reputation
  • Ensure regulatory compliance

The multidisciplinary nature of our services

From risk analysis activities to maturity or compliance audits, our services can cover almost all of the support needs of your information security teams.

Drawing on our know-how in operational security, our consultants rely on various Airbus CyberSecurity experts (e.g. architects, SOC analysts, pentesters, cyber threat intelligence analysts, etc.) to deliver pragmatic studies based on genuine experience in the field.

We also offer complete support by providing an entire team called “CISO Takeoff”, which can be deployed in a short period of time and help you quickly gain maturity.

We believe that incorporating the culture of cyber security into all layers of your organisation necessitates significant human and organisational resources. Accelerating the dissemination of awareness in your business will reduce your cyber risks by making each employee an actor of cyber security.

In order to coordinate these efforts and steer information security governance, your CISO remains a key player. Together, we can help your CISO face this challenge and accelerate your entity’s adoption of cyber resilience via:

A fine and precise analysis of your cyber-risks

The definition of your information security strategy and your corresponding program

Governance assistance (CISO Take-Off)

A holistic approach integrating people, process and technology

Our services

 

GOVERNANCE ASSISTANCE
 
  • Information Security Strategy and Master Plan
  • Security policy and control plan
  • CISO Coaching or “CISO Take-Off” Coaching
  • Risk mapping (IT/OT)
  • Support for your region’s certifications (e.g. LPM, RGS, Mindef, DR II901, ISO 27001, etc.)
  • Reporting support (dashboards, KPIs)
COMPLIANCE SUPPORT
  • Audits (ISO 27001, SWIFT, NIST, NATO, RGPD, PCI-DSS)
  • Audit of Information Systems Security Audit Service Providers (e.g. PASSI): architecture, organisation, configuration, pentest, source code

ENHANCING CYBERRESILIENCE

  • Prioritisation of projects through risk analyses (e.g. EBIOS RM) and maturity assessments
  • Benchmark of solutions
  • Business continuity (BCP)
  • Crisis management
SPECIFIC INFORMATION SECURITY STUDIES
  • Cloud: Strategy, evaluation, architecture
  • AMI: Strategy, Evaluation, Architecture
  • ICS: Strategy, evaluation, architecture
  • And many others

CONSOLIDATING CYBER DEFENCE

  • SOC Implementation and Governance Strategy (Roadmap)
  • Incident management (SRMP procedures)
  • Strengthening of cyber resilience (BCP/PRA)
THREAT AWARENESS
  • Promote a culture of cyber security to all players in the organisation (IT, business, VIPs) via awareness actions: e-learning, newsletters, training, conferences, etc.
  • Cyber Crisis Management Training Exercises

The "CISO Take-off" offer

 

We propose to build an operational information security governance in 6 months, through the implementation of a “CISO Take-Off” composed of several consultants (3 to 5) under the leadership of a temporary CISO.

The implementation of a complete and multidisciplinary CISO team will be able to provide you with all the necessary documents and processes to set up an information security governance and a cyber security roadmap.

With the foundation built, you will be able to integrate security into all your projects (information security certification, risk analyses), raise awareness among your employees, disseminate your security policies and ensure their application through the implementation of audit and control programs. This accelerated rise in maturity will enable you to consider greater cyber defence capabilities (SOC, CTI, CSIRT).

The “CISO Take-Off” will also have the mission to build your future information security team and at the end of the cycle, will remain your privileged contact to advise you during your next steps.

 

Contact us for more information.