Standards Based Conformance Audit Legislation & Compliance Audits Controls Audit Technology Audits Including Cloud Services Operational Security Audits Mission Critical Infrastructure Audits

Standards Based Conformance Audit

Suraksha provides audits for a range of family of standards including:
  • ETSI Cyber Security Technical Committee (TC CYBER)
  • ISO 27001 and 27002, 27003, 27005 and industry specific audits
  • NERC (CSS),
  • CIP – Banking, Transportation, Power, Communications, Emergency services, Fire dept, Law Enforcement, Defence
  • NIST, 800 Series, 800-30, 800-53
  • ISO 15408
  • RFC 2196
  • ISA/IEC-62443 (formerly ISA-99)
  • IEC 62443 Conformity Assessment Program
  • IASME
  • ITU X800 series
  • Data Leakage
  • Data classification and protection
  • PCI DSS

Legislation & Compliance Audits

  • Data breach reporting
  • CIP, CPCI
  • NERC (CSS)
  • SMART GRID protection

Controls Audit

Suraksha carries out ISM, PSPF, NERC-CIP based controls audits. Data audits to prevent data leakage and reduce data breaches including data breach reporting frameworks and reporting services are a core service provided by Suraksha.

Technology Audits Including Cloud Services

With cloud computing, applications and data are available to an organization’s user base, wherever and whenever users choose to connect. This means the business does not have to maintain the hardware and software required to deliver those services — or provide all the support to keep those infrastructure components updated, secure and available. Other potential benefits to organizations that embrace the cloud computing model are:

  • Decoupling and separating the business service from the infrastructure needed to run it (i.e., virtualization)
  • Flexibility to choose multiple vendors that provide reliable and scalable business services, development environments and infrastructure that can be leveraged "out of the box" and billed on a metered basis — with the potential for no long-term contracts
  • Elastic nature of the infrastructure to rapidly allocate and de-allocate massively scalable resources to business services on a demand basis
  • Cost-allocation flexibility for businesses using the cloud that want to move capital expenditures into operating expenses
  • Reduced costs due to operational efficiencies
  • More rapid deployment of new business services
  • Operational risk reduction, if availability of services and operations are adequately protected within a contract

Operational Security Audits

Risk audits to identify: Weakness in SCADA, Insecure OT networks, Weak protections, device level, device to device, device in a network and network to network risks and mitigation strategies and control recommendations will be provided.

Mission Critical Infrastructure Audits

Suraksha’s penetration testing is through and a very deep technical exercise, including intelligence gathering, external foot printing, internal foot printing, vulnerability analysis, exploitation, post exploitation and extensive reporting is a critical service. Suraksha provides this for both mission critical “Operational Technology” (SCADA, ICS, OT) and “Business Critical” (Edge device to end point). Testing gives you a 360 degree view of all your hacker exposures.