Training
Bridge your organisation’s skills gap with expert-led training tailored to the role, knowledge and requirements of the individuals involved.
Thomas Murray’s cyber risk management and resilience training focuses on enhancing the knowledge and awareness of teams, regardless of the starting point.
Training types
Executive briefings
Table-top exercises
First Responder Training
Cyber awareness workshops
Thomas Murray cyber alerts
Subscribe to stay up to date with developing threats in the cyber landscape
Proactive security
Attack simulation: Red Teaming and Purple Teaming
Our attack simulations consist of planned exercises which attempt to cover relevant threat actor’s methods.
Thomas Murray simulates the most common attack vectors during the following stages
Simulate social engineering via phishing
- Identify high-value targets using internet reconnaissance.
- Craft realistic emails that appear to come from a legitimate source and containing legitimate content.
- Weaponise emails to install our custom malware on the target’s computer or steal authorisation credentials our team will use to access the network.
Simulate insider threat
- Mimic an internal user who has authorised access to the internal network.
- Assess the level of access that can be achieved using authorised equipment, such as laptops.
- Determine whether abuses of policies and procedures can be detected by your organisation.
Attack path validation
Using standard frameworks, such as the Mitre ATT&CK framework, we work with your teams to identify and test specific attack paths that might be relevant to them.
This may be because of a previous breach and a need to re-test new or tightened controls, or because of an industry or sector-wide cyber security campaign being waged by adversaries.
Cyber risk consulting
Our cyber risk advisory services help organisations to address fundamental challenges and opportunities around cyber risk, resilience and regulation.
The increasing frequency, sophistication and severity of cyber incidents is driving awareness across the business landscape. Thomas Murray’s Cyber Risk team takes a threat-intelligence-led approach to solving our clients’ most complex challenges:
Strategy
Governance
Audit
Compliance
Assessments
Controls
vCISO services
Virtual CISOs (vCISOs) act as a friendly challenger and partner to organisations’ executive management and board as they seek to mature their cyber security posture.
The vCISO acts as your single point of contact, supported by our team of experts which brings its experience across all the cyber domains. The team provides regular advice and support to any cyber security initiatives, while keeping management up-to-date on key cyber threats and issues.
Cyber risk management
Management reporting
As-needed subject matter expertise advice and support
Cyber programmes and transformation
Maturity assessment
Our skilled team members use subject matter expertise (SMEs) as the basis for a comprehensive approach to conducting cyber security reviews against industry frameworks (such as ISO 27001, NIST, CIS etc).
We combine interviews with output from Thomas Murray’s Orbit Risk platform to provide strategic and operational views of cyber security across the business. We seek to answer key questions:
Are cyber security controls implemented across the whole business?
Are the adopted practices aligned to good practices?
Are current security-related initiatives sufficient? What more does the organisation need to invest in?
How is the business organised to ensure appropriate resources, responsibilities and accountabilities are in place?
Is the organisation managing cyber risk appropriately?
Does the organisation have good capabilities to detect and respond to cyber attacks?
What is involved in undertaking a cyber security transformation journey?
We safeguard clients and their communities
Petroleum Development Oman Pension Fund
“Thomas Murray has been a very valuable partner in the selection process of our new custodian for Petroleum Development Oman Pension Fund.”
ATHEX
"Thomas Murray now plays a key role in helping us to detect and remediate issues in our security posture, and to quantify ATHEX's security performance to our directors and customers."
Northern Trust
“Thomas Murray provides Northern Trust with a range of RFP products, services and technology, delivering an efficient and cost-effective solution that frees our network managers up to focus on higher Value activities.”
Insights
Safeguarding Clients: Elevating Legal Services with Advanced Threat Intelligence
In an era of escalating digital threats, law firms have a unique opportunity to transform their service offerings by integrating cutting-edge cyber se
Thomas Murray Partners with Socura to offer Managed Detection and Response to clients that need support to stop cyber threats 24/7.
The collaboration will see Thomas Murray offer Socura MDR to help its clients proactively identify and respond to threats.
Thomas Murray and Crimson7 Announce Strategic Partnership to Modernise Threat Informed Security
Thomas Murray and Crimson7 are partnering to combine their expertise and create innovative solutions for tackling key cyber security challenges.
Thomas Murray and askblue partner to support financial institutions in meeting the Digital Operational Resilience Act (DORA) requirements
Thomas Murray and askblue are collaborating to provide services that help financial institutions comply with DORA requirements.
Thomas Murray is a proud member of the North West Cyber Security ClusterThe North West Cyber Security Cluster (NWCSC) is a collaboration of cyber security professionals and experts in the North West region. The NWCSC aims to promote innovation, support skills growth, and develop a robust cyber security ecosystem. |
|
