eGov Cyber Security Package

More safety for cities and communities
eGov Cyber Security Package

The digitalization of cities and communities already took place years ago. Today, they use complex infrastructures to easily manage their electronic data. But what about security?

terreActive has developed an eGov Cyber Security Package specifically tailored to the needs of Swiss municipalities.

Goal

The overall goal of the package is to improve the safety of communities with respect to these three risk factors: people, technology and processes.
The package is divided into three stages. Each stage pursue additional sub-goals:

eGov Cyber Security Package Goals

Your benefit

  • We search for all vulnerabilities, and list those that could lead to a hacker or malware penetrating your network.
  • We determine the level of security awareness of your employees and show where there is potential for improvement.
  • We ensure through follow-up investigations that you have closed your security gaps properly.

Scope: Audits and trainings for public administration

Annual package with a duration of approx. 12 months. The package is conducted in three stages:

  1. Stage - Detection: conducting penetration test Intrusionand a phishing simulation.
  2. Stage - Consolidation: conducting penetration test Resilience,awareness training for employees and follow-ups to the first stage.
  3. Stage - Completion: Conduct a second phishing simulation, retesting and verification of all vulnerabilities discovered so far.

 

eGov Cyber Security Package Phasen

 

Result (Output)

For each audit and phishing simulation we will prepare a specific report consisting of the elements mentioned below. At the end of each phase, we will invite you to a meeting to present all results.

  • Executive Summary
  • Technical results and analysis
  • Evidence
  • Recommendations

Customer profile: For whom is this eGov Cyber Security Package suitable?

terreActive recommends this package to municipalities with approx. 5'000 to 10'000 inhabitants.
Of course, adaptations to size and special needs are possible.

Options to choose from

  • OWASP Top10(stage 1 or 2): An audit that specifically examines your critical web applications.
  • ICT Minimum Standard Assessment (stage 1): An audit at organizational level, specifically suitable for larger communities.

Effort

The working hours per stage depend on the customer's infrastructure.
Nevertheless, the following list should give you a rough idea for your planning.

  For terreActive  I  For the customer
Stage 1:   5 - 8 days 2 - 3 days
Stage 2:   3 - 4 days 1 - 2 days
Stage 3:  4 - 6 days 2 - 3 days
Total:       12 - 18 days 5 - 8 days

 

Example of a time schedule

eGov Cyber Security Package time schedule

Our community and its technical operations have to be protected against cyber attacks. terreActive supported us by analyzing our situation with a security assessment and provided a lot of valuable practical recommendations within the audit report.
Othmar Wirth
Head of Finance
Community Würenlos