Why Kivu for Cyber Security
Assessments are crucial in determining the effectiveness of an organization’s current security, and in judging whether correct remediation has taken place after an incident. Kivu has deep expertise in both reactive and proactive data security services. Kivu’s experience in data breach investigations provides a strong foundation for providing proactive services – Kivu knows what can (and likely will) happen if security fails.
Kivu combines the highest technical expertise with legally-sound, practical business solutions.
Kivu firmly believes that to be effective, in both immediate and long-term results, assessments should encourage and incorporate active dialogue between the client’s stakeholders, IT department and Kivu’s team.
Any security recommendations by an outside party should fully incorporate comments and responses from the client’s key stake holders. This produces not only a technical review, but helps senior management understand the different demands within their organization.
Kivu’s goal is to provide experienced, unbiased advice which helps organizations achieve better control over information security and the governance of their sensitive information.
Post incident, an organization may be under enormous pressure from stakeholders, partners and regulators to implement remediation and “ensure the incident doesn’t happen again”. In this situation, Kivu provides the objective, experienced advice that is crucial to successfully adopting long-term, cost-effective remediation that fits with the organization’s long term IT security plans.
When Kivu is involved in the original incident, there are large cost savings in having this subsequent remediation carried out by Kivu (as we know the client’s system). Kivu is also able to work with other vendors’ reports, review their findings and recommendations, and confirm correct implementation by the client.
Kivu is also experienced in incorporating multiple third party security assessments (e.g. application vulnerability, physical security, and network perimeter testing) to identify any weak links in an otherwise strong chain.