Security readiness at Graham Miranda is the conservative, defensible foundation work: backups that work, identity that is provable, devices that are encrypted, and a written incident-response plan. It is not penetration testing or "cyber" jargon.
A conservative, security-minded overview of practical infrastructure hygiene, access awareness, backup thinking and responsible technical operations.
明確なマイルストーンを伴う透明な協働モデル。
Honest review of current backups, identity, devices, data flows and contracts. Identify the few things that, if they failed, would actually hurt.
Focused work over 4–8 weeks to bring the basics in line. Most of the value lives here.
Lightweight tabletop exercise of the incident-response plan. Document gaps; iterate.
現実的で誠実な期待値 — 過剰な約束はしません。
Backups actually work in a real restore.
MFA enforced; admin and user accounts separated.
Lost laptops are not a breach.
A written incident-response plan exists, has been read, and has been drilled.
専門ページがエコシステムを強化し、適切なサービスへご案内します。
Graham Mirandaのサービスを比較する方への簡潔な回答です。
No — we focus on the foundational hygiene that determines whether a pentest finding actually hurts. We can refer to reputable pentest partners when appropriate.
No, we are not auditors. We help prepare an organisation for audit if certification is the goal.
Operational practices align with GDPR (data inventory, processor agreements, breach notification process). Legal advice on specific scenarios is a lawyer matter.
Yes, lightweight phishing awareness exercises included in readiness work. Aimed at building habits, not catching individuals.
Yes — incident-response support is available, with realistic scope: containment, communications, written post-incident review.
No commissions. Where a tool is recommended (e.g. password manager, endpoint protection), we name it and explain why; you buy directly.
A conservative, security-minded overview of practical infrastructure hygiene, access awareness, backup thinking and responsible technical operations.
