Summary
Nemeris IT is a defensive-only, vendor-neutral cybersecurity advisor. Client or certified partner teams implement; we provide design, governance and QA. Work is measurable (KPI/OKR), GDPR/DPA-first, and mapped to NIS2 and ISO 27001.
- Risk reduction: close critical vulnerabilities ≤ 7 days.
- Response speed: incident MTTR ≤ 2 hours for critical cases.
- Audit-ready: ISO 27001/NIS2 mappings & evidence packs.
Policy: Advisory-only; no pentest/red-team and no tool resale/commissions. B2B-only; high-risk sectors excluded.
Scope & Controls
- Identity & Access (IAM/PAM) — least-privilege, conditional access, MFA; privileged sessions with approvals & recording.
- Endpoints & Servers — EDR/XDR+SIEM, triage runbooks; CIS hardening, golden images, patch cadence.
- Email & Phishing — SPF/DKIM/DMARC, secure gateway, sandboxing & awareness.
- Network & Edge — SASE/ZTNA, micro-segmentation, WAF/IDS/IPS, secure VPN; east–west visibility.
- Vulnerability & Config — continuous scanning, CVSS-based SLAs (7/30 days); GitOps for drift control.
- Backup & Resilience — immutable/air-gapped backups, key vault; tested ransomware recovery & geo-failover.
- Privacy & Compliance — GDPR/DPA-first data inventory & minimization; NIS2/ISO 27001 mappings.
Outcomes
- Risk ↓: quantifiable reduction in breach likelihood and blast radius.
- Observability ↑: actionable telemetry and alert fidelity.
- Zero Trust baseline: identity, device, network, data controls.
- DR readiness: tested RTO/RPO with immutable backups.
KPIs
- Incident MTTR: critical ≤ 2 hours; high ≤ 4 hours
- Change Failure Rate: < 5%
- Critical vuln. closure: ≤ 7 days; high ≤ 30 days
- Backup restore test: successful every 3 months
- Phishing click rate: < 3% in 6 months
Packages
- Kickstart (2–4 weeks): discovery + baseline, gap map, quick wins; 30/60/90-day plan (MFA, admin split, DMARC p=quarantine/reject, critical CVE flow).
- Scale (8–12 weeks): EDR/XDR+SIEM design, vuln-management rhythm, Zero Trust foundation; DR strategy (RTO/RPO), immutable backup drills; governance rhythm.
- Enterprise (4–6 months): TOM & principles, SASE/ZTNA program, micro-segmentation; ISO 27001/NIS2 readiness; 12–18-month dependency-aware roadmap.
Method
- Discover: stakeholders, inventory & telemetry; quick wins.
- Assess: maturity, risks & dependencies; gap report.
- Design: target architecture, policies, runbooks; KPI/SLO frame.
- Pilot: low-risk pilots with exit criteria & rollback.
- Scale: wave planning, enablement & governance; value tracking.
- Sustain: reviews, backlog care, knowledge transfer.
Deliverables
- Strategy Pack: Zero Trust principles, target architecture, vendor-neutral options.
- Control Pack: policies (IAM, EDR/XDR, email, network, backup/DR), SOPs & incident runbooks.
- Metrics Pack: KPI/OKR set, dashboard schema, reporting rhythm.
- Risk Pack: risk register with mitigation & owners.
- Audit Pack: ISO 27001/NIS2 mapping, evidence checklist & templates.
Principles
- Advisory-only. Implementation by client/partners; we provide design, governance and QA.
- Vendor-neutral. No resale, no commissions, conflict-free.
- Defensive-only. No offensive testing or exploit work.
Compliance & Client Acceptance
- GDPR/DPA-first: roles clarified; DPA/NDA in place; least-privilege & data minimization.
- NIS2/ISO 27001: control mapping, audit readiness, evidence flows.
- KYC/Sanctions: EU/UK/US screening; high-risk sectors excluded.
- Liability & Terms: OÜ-friendly contracts, local law and limits.
FAQ
- Do you do pentests or red-team work? No — defensive advisory only.
- Who implements? Client teams or certified partners; we provide design/governance/QA.
- How do you measure success? KPIs such as MTTR, CFR, vuln-closure time, backup-restore success, phishing rate.
Ready to Move?
Share your context (goals, constraints, timelines) and we’ll recommend the right package or a tailored plan.
- Book a Discovery Call ·
- info@nemeris.com · +90 530 990 6218
- Policies (defensive-only, vendor-neutral)
We process only the details you share to respond to your inquiry. See Policies for privacy and data handling.