We cover the full scope of NIST 800-53, plus an assessment of your Active Directory and if you use cloud services, your AWS, GCP or Azure/365 environments.
Use the Information Security Program Plan to turn it into a Fortress!
Audit your People, Processes and Technologies, all in two weeks.
We will share more about the process and people parts of the assessment lower on this page.
Our Auditors go beyond just asking questions.
We explain why we asked the question.
Then we share the kinds of risks you might face by implementing the security controls or not implementing them.
And if relevant, we also share our experience in mitigating those risks with other clients.
Hackers don’t care if you are compliant with SOC 2, NIST, ISO 27001, PCI or HIPPA.
You might have a wall of certificates and they could still come in; take everything they need and leave unnoticed.
In fact, this happens all the time.
Our assessment focuses on the methods hackers use to get in.
The mitigation advice you will receive in the end is focused on preventing real-life threats and attacks.
During the assessment, take the opportunity to ask questions and get them answered by our security experts.
Every point mentioned in the “what is included” above can become a discussion topic and we will tell you all we know about potential defense strategies.
Imagine you own a house and want to add an additional floor. First you have to review and strengthen the foundations. This service builds cybersecurity foundations to facilitate growth in a resilient, timely manner.
This service will also provide the company with a cybersecurity risk assessment and improvement plan but with significantly more support from a senior consultant to help the company embed improvements in a continuous, timely manner
The dreaded car MOT is looming. It’s the unforeseen wear & tear that results in some necessary annual maintenance. Our cybersecurity review will highlight what needs to be done as your engineers.In addition to the context gathering stage and security footprinting service, a senior consultant will perform a risk assessment to understand the company’s cyber risks and provide recommendations. They will also be available to undertake monthly calls for answering questions, providing guidance and checking on whether risks are reducing.
You’re embarking on a more active lifestyle, chosen to go on a diet and get in shape. Think of this service as the cybersecurity equivalent of the personal trainer, helping you along the way.
After an initial context gathering stage, a junior security consultant will be available once per month to answer questions and provide recommendations based on company goals and activities. A cybersecurity footprinting service will allow the company to continuously monitor its external security posture.