Why pursue an improvement path?
In an era where everything is digital, cyber threats are ubiquitous. The consequences of a breach can be severe, especially for vulnerable small businesses. Attacks are becoming more sophisticated and challenging to mitigate. Additionally, regulations like NIS 2.0 require compliance.
42% of Belgian companies reported a cyber incident in 2022. 
50% of companies lack a cybersecurity strategy. 
37 982 average attacks per year in Belgium in 2021. What is our goal?
Your security! At Cresco Cybersecurity, we are committed to fortifying your business against cyberattacks. Our improvement paths are designed to guide your organization through three key stages: analysis, action planning, and implementation of tailored solutions to meet your needs. Our aim is to provide the support needed to protect your digital assets and establish a strong cybersecurity foundation.
Who is eligible?
At Cresco Cybersecurity, we aim to make cybersecurity accessible to all businesses, whether they are just starting out or well on their way to a secure digital future.
What path can you follow?
Three versions, your choice
We offer three different cybersecurity improvement paths:
START
Initial analysis + action plan
Ideal for companies taking their first steps towards a secure digital future. We provide a clear view of your current cybersecurity level, starting with a basic macro cybersecurity assessment and adapting further tests to your needs, such as penetration testing. All findings are summarized in clear reports, and we establish an action plan presented to the relevant stakeholders.
MEDIUM
Analysis + action plan + support and advice to resolve a limited number of security issues
After analysis and action planning, we focus on addressing critical security issues. In the MEDIUM package, we concentrate on the most critical issues identified to enhance your cybersecurity. Together, we define which aspects to address based on your specific business needs:
- Remediation of identified vulnerabilities from penetration tests and re-verification
- Inventory development
- Cloud security (Azure/GCP/AWS), Microsoft 365, Google Workspace (3-day mandate)
- Email & DNS security
- Network and server hardening
- Backup strategy and configuration (3-day mandate)
- Operating system hardening configuration (5-day mandate)
- Awareness training plan + awareness training session
- External footprint
- Phishing campaign
- Endpoint testing and hardening
- Source code review - Secure development
- VPN testing and hardening
- Active Directory testing and hardening
- Vulnerability management strategy
- Business continuity preparedness
- Incident response plan
- EDR/SIEM implementation
- Provision and drafting of procedures, policies, and documentation
Plus
Analysis + action plan + support and advice to resolve security issues
The PLUS package includes comprehensive internal and external testing to thoroughly assess your infrastructure, akin to real-world attackers. We also allocate more time for implementation, allowing us to address several points already listed in the MEDIUM package.
OPTIONAL EXTENSION PACKS
If you need more time to implement technical improvements, we offer Extension Pack A. This includes an additional 10 days for a more thorough approach. For an even more extensive approach, there's Extension Pack B, offering another 10 days for an even deeper implementation phase.
What is the duration and grant?
Thanks to VLAIO, we can offer paths at half price. Our paths range from 10 to 50 days, depending on your needs. Additionally, VLAIO subsidizes 50% of the costs, making our services even more accessible to SMEs.
- START: 10 days, including 8 days of analysis and 2 days of action plan drafting.
- MEDIUM: 20 days, including 8 days of analysis, 2 days of action plan drafting, and 10 days of support and advice.
- PLUS: 30 days, including 12 days of analysis, 2 days of action plan drafting, and 16 days of support and advice.
- Extension Pack A: 10 days of support and advice.
- Extension Pack B: 10 days of support and advice.
What is the outcome?
Start The START package initially provides a clear view of your current cybersecurity maturity level. You'll receive clear reports and a customized action plan with priorities, facilitating your start. These reports significantly contribute to improving your company's maturity level, with appropriate involvement. The START package is the first step toward strengthening cybersecurity for your business. Medium In our MEDIUM package, we offer comprehensive support to identify and resolve vulnerabilities, as well as implement essential solutions. Our intervention leads to a significant improvement in your company's cybersecurity maturity level. We focus on mitigating the most critical issues through specific sub-projects aimed at strengthening particular areas of interest. After our collaboration, your company will not only have a clear roadmap for future security improvements but also the most direct and effective improvements, also known as 'quick wins'. Plus Cresco Cybersecurity's PLUS package is a comprehensive service offering more time for thorough assessments and vulnerability testing, including the implementation of effective solutions. This comprehensive approach significantly enhances your company's cybersecurity maturity level. We focus on eliminating critical security risks and initiating major sub-projects. After our intervention, your company will have a detailed roadmap and necessary tools for a secure future resilient to cyber threats. 