Who We Are

BARIM Enterprises was founded by Navy veterans who have dedicated their careers to protecting companies from current and emerging cyber security threats.  Specifically, we meet our clients where they are by conducting thorough cyber security health checks.

Our mission

We leave no stone unturned during our assessment to ensure that our customers are informed, educated and prepared to respond effectively.  In today’s world, hackers are increasingly going after small and medium-sized companies that do business with larger companies.  By doing so, they attempt to infiltrate the supply chain of larger enterprises.  Our mission is to protect these smaller companies, which might not have the resources or bandwidth to completely protect all assets 24×7.

Our Values

  • Be Honest in Everything
  • Demonstrate Integrity
  • Work Hard for your Customers
  • Dedicate the business to Serving
  • Protect those who need help
  • “Value” is for our Clients to determine
  • Deliver On Time

ABOUT US

How it Works

Project Discovery Call

Get Started TODAY!!

  • First, we will meet to discuss your goals and current security concerns.  This meeting can be onsite or via video conferencing.
  • Following the meeting, we will confirm in writing the details we captured during the Discovery call.
  • We will draft an itemized Requirements document for you to review and provide feedback.  Once final edits are made and confirmed by you, we will match and map your requirements to our services.
  • We will deliver a detailed Statement of Work (SOW) that will include the plan of execution, pricing and completion date targets.

Finally, we will sign a services agreement and our team will draft the project plan, identifying key tasks, milestones, delivery dates, resource requirements and assigned action owners.

1

Project Kickoff

We will meet with your project team and key leaders to go through the project plan.  During this session, we will inform you of any asks that we have of your team to accommodate our services (e.g., access control, diagrams, guest account, etc.).

Following the project plan discussion, we will begin to identify your cyber risks by performing a very thorough security Health Check.

This health check will provide you with a concise and detailed report describing your current cyber risk status and critical exposures, and will draw on best practice, such as ISO 27001, the CIS Critical Security Controls, and ISO 22301.

  • Identify cyber risks relating to people, processes, and technologies
  • Identify technical vulnerabilities affecting your IT infrastructure
  • Assess risks posed by employees through anonymous staff questionnaires
  • Provide remediation advice for identified vulnerabilities and key risks

2

Complete Services and Move to Sustainability

Assess Cybersecurity Risks

We start by naming all assets and prioritizing their importance. Second, we identify all possible threats and vulnerabilities in your environment. At this point, address all known vulnerabilities with appropriate controls. Next, attempt to determine the likelihood of a threat event occurring and conduct an “impact analysis” to estimate its potential consequences and cost impact. Your resulting risk determination will serve as a guide to inform risk management decisions and risk response measures moving forward.

Identify Possible Cybersecurity Risk Mitigation Measures

Identifying and assessing risk is just the beginning. What is your organization going to do about the risk you find?

With our partnership, your team can employ either technological or best practice methods, ideally a combination of both. Technological risk mitigation measures include encryption, firewalls, threat hunting software, and engaging automation for increased system efficiency. Best practices for risk mitigation include:

  • Process and workflow changes
  • Cybersecurity training programs
  • Updating software
  • Privileged access management (PAM) solutions
  • Multi-factor access authentication

Use Ongoing Monitoring

After we have identified, assessed, and mitigated the risks in your environment, we will ensure that you are equipped to monitor and understand the effectiveness of our work.  More importantly, we will help prepare you to monitor, capture and respond to new and emerging cyber threats.

3

What Barim Focuses On

BARIM is a global team of cyber security experts and IT Security specialists

Our qualified and experienced consultants will work with you to determine the strength of your cyber security posture. Our team of ethical hackers will thoroughly examine all in-scope areas and supply you with a detailed report identifying any security gaps and opportunities, then recommend specific steps to eliminate or mitigate your risks.


We Ensure that your Operations are Compliant

We begin with a Governance and Compliance Review

  • Cyber Operations Governance
  • Asset Register
  • Legal, Regulatory, and Contractual Requirements
  • Policy Documentation, Maintenance, Storage and Review
  • Roles and Responsibilities (separation of duties)
  • Review Staff Training and Awareness Practices
  • Physical security assessment (including perimeter)

Assess Security Risks and Controls

  • RCSA and Risk Register
  • Network Policy Review (intranet, supply chain and remote workers)
  • Secure configuration (best practices)
  • Control Procedures
  • Access Control
  • Mobile Devices (Company-owned and approved BYOD)
  • Cloud Security

Serve as Incident Response Resources (24x7)

Provide On-Call Major Incident Response Personnel

  • Command and Control Leads
  • Incident Scribes
  • Status Updates and Communications Leads
  • Root Cause Analysis/After-Action Reporting
  • Technical Subject Matter Experts (SMEs)

Detecting and Reporting

  • Anti-Malware
  • Security Event Monitoring
  • Patching/Hardening

Operational Vulnerability Assessment

Perform a complete, 7-day review of your operations, to include assessments of:

  • Physical Entries
  • Remote Logins
  • Email
  • Desktop safety
  • Internal Room Access
  • File Downloads
  • Record Retention
  • Third-Party/Supply Chain exchanges
  • Event Log review

Provide Staffing, Training and Technical Writing

At the request of the client, we provide:

  • Supplemental IT and Security Staff
  • Annual Safety, Regulatory and Compliance Training
  • TableTop Exercises for Senior Leaders
  • Create and/or Update Incident Response Plans or Business Continuity Plans

Our Solutions and Services include:

Health Check and Report

We perform Best-in-Class Cyber and IT Security Health Checks.  We leverage penetration testing, enterprise and proprietary tools that scan and identify vulnerabilities, risks and opportunities to better fortify your operations.  We produce and deliver to you visual reports that provide detailed outcomes and recommendations and prioritize next steps.

$100/hr

Operational Vulnerability Assessment

Our Operational Vulnerability Assessment includes patching and hardening scans, process documentation reviews, change management operational review and document storage.

Pricing based on scope

On-Call Incident Response (24x7)

Dedicated Incident Response personnel will be on-call to lead major incidents that involve IT security and/or cyber attacks.

Pricing based on scope

Compliance and Certification

Cyber compliance refers to the process of ensuring that an organization adheres to industry regulations, standards, and laws related to information security and data privacy. Many different types of organizations may need to comply with various cyber security regulations and standards; we will match those requirements to your industry and your business needs.

Pricing based on scope

Supplemental IT Security Staffing

If/When your company needs short-term or long-term supplemental staff, BARIM can accommodate your needs.  Not only do we lock arms with our clients while providing IT Security and Cyber services…we often remain engaged, at the client’s request, for months or years afterwards.

Rate Varies from $40 to $125 per hour

WHAT WE DO


Did You Know

Microsoft Warns of Surge in Cyber Attacks Targeting Internet-Exposed OT Devices

May 31, 2024 OT Security / Threat Intelligence
Microsoft has emphasized the need for securing internet-exposed operational technology (OT) devices following a spate of cyber attacks targeting such environments since late 2023. “These repeated attacks against OT devices emphasize the crucial need to improve the security posture of OT devices and prevent critical systems from becoming easy targets,” the Microsoft Threat Intelligence team said. The company noted that a cyber attack on an OT system could allow malicious actors to tamper with critical parameters used in industrial processes, either programmatically via the programmable logic controller (PLC) or using the graphical controls of the human-machine interface (HMI), resulting in malfunctions and system outages. It further said that OT systems often lack adequate security mechanisms, making them ripe for exploitation by adversaries and carry out attacks that are “relatively easy to execute,” a fact compounded by the additional risks introduced by direc

Beyond Threat Detection – A Race to Digital Security

May 31, 2024 Threat Detection / Endpoint Security
Digital content is a double-edged sword, providing vast benefits while simultaneously posing significant threats to organizations across the globe. The sharing of digital content has increased significantly in recent years, mainly via email, digital documents, and chat. In turn, this has created an expansive attack surface and has made ‘digital content’ the preferred carrier for cybercriminals and nation-state threat actors. Digital content is the easy way in for attackers, whether it be to launch sophisticated attacks, malware distribution and phishing or ransomware attacks.  Governments and highly regulated industries are particularly vulnerable due to the notoriety attackers can receive and the “prize” or impact that can come in compromising their networks. For Governments and defense agencies, this could mean losing access to sensitive and classified information. For critical infrastructure and highly regulated industries that could mean disruption to services or physical damage.

Barim Testimonials

Jacob

“Absolutely GREAT service!  The team added detail that my IT staff had not yet considered”

Richard

“Project was scoped properly, finished on time and came in under budget…what else could I have asked for.  Good Job Guys.”

Michel

“We received a very thorough security health check.  Some things we were aware of, but most of the report was a surprise.  Now the work begins.”

Customer List is (Private), at client's request