Because of the years of experience Mabuhay has with Information Security, we are very comfortable with working in any manner that would best suit your organization. Our talents are diverse and we will be able to tailor our services to your specific needs.

Perhaps your security team needs some short term assistance? You may be in recovery mode and need an extra pair of hands.

We have decades of experience working with universities, small start-ups, and large corporations. In that time we have learned how to hit the ground running by quickly determining your needs and confirming your expectations with a full, detailed status report at the end of each work day. These leaves no question as to what "that consultant" was doing all week. We will provide you with a detailed list of what was done each day.

Are you working on a project that requires an Information Security resource but don't need that person long term?

Let us help you. We have provided precisely this service many times. We can help you get past the immediate need for a full time resource, and even help to train your existing staff so that they can be the in-house experts once we leave.

If your business need for Security goes beyond Compliance then a Security Assessment is critical. Understanding your threats is crucial to the success of your organization. It is only once you understand the threats that you can comprehend the risks and determine how to defend against them. Remember: any risk of which you are not aware is a risk you continue to bear. Ignorance of the risk ensures that you carry that risk.

Threats can come in three different forms: Intentional, Incidental, and Accidental.

1. Intentional: An Intentional threat is deliberately directed at you or your resources. Threats like these can include Hollywood-worthy, insidious plots hatched by Criminal Masterminds known in the business as "Advanced Persistent Threats" (APTs). However, far more common are those threats that are intentionally directed at you, but lack the backing of a billionaire mastermind. Rather they are more likely to come from more modest roots: a disgruntled employee, a political activist, an investor interested in buying your company, or even a competitor trying to get an edge on the market.

2. Incidental: Incidental Threats are threats to your organization that occur as a result of some other intentional act. With these attacks, the attacker may not have anything against you or your organization, but you can still suffer. Examples of this could include:

   • A mal-ware writer decides to test their new DDOS tool by aiming it at your organization.

   • An unknowing employee connects their compromised laptop to your networking along with the latest malware.

   • Your corporate DNS is hosted with a provider who is attacked for their political views.

3. Accidental Threats: Accidental Threats are just that- they're accidents. They could be as simple as snow caving in the roof of your data center, a back-hoe slicing through the fiber of your home office, or a car knocking over the telco access box taking with it all the phone access to your office.