A cyber security review provides an independent and in-depth assessment of the ability of an organisation to protect its information assets from the impact of cyber threats. The cyber security review aims to establish and validate the effectiveness of cyber security measures. It also identifies vulnerabilities in an IT system and matches them to potential internal and external cyber threats.
An initial cyber security review identifies the current cyber security risk ‘posture’ and defines the baseline for improvement in the future. Cyber risks are identified, and security measures (controls) are applied to mitigate the risks consistent with the objectives of the organisation. Subsequent reviews are performed at intervals to ensure that all of the security measures are performing as required. Cyber security reviews are essential to delivering the effective management of cyber security and underpin compliance to ISO 27001, PCI DSS and Cyber Essentials Plus standards.
An experienced cyber security consultant will perform a comprehensive audit of the cyber security measures implemented in the organisation. This audit will involve on-site visits and remote access where required. Interviews with senior managers may be conducted to adequately identify and validate the relationship between the people, process and technology controls being used. A comprehensive written audit report will be delivered which documents the status of each security measure and indicates the level of cyber risk in the context of the vulnerability, threat and potential impact. The report will identify actions and recommendations that can be taken to minimise cyber risks.
We have the widest range of network devices, operating Systems (OS), databases and applications in physical, virtual and cloud infrastructures.
We support non-credentialed, remote scans, credentialed, local scans for deeper, granular analysis and offline auditing.
450+ templates available to measure against for compliance and configuration. (e.g., FFIEC, HIPAA, NERC, PCI, more) and configuration (e.g., CERT, CIS, COBIT/ITIL, DISA STIGs) auditing.
A cyber security review is designed to assess the key aspects of your IT security related infrastructure, processes and technical management capabilities, and balance these against the cyber threats that are most relevant to your business
Our Cyber Security Review is available for all existing and new customers as a one-off service. We always recommended a Cyber Security Review to all potential customers as it gives you and us an understanding of your current security posture.
A CSR is made up of a few different elements but the 3 key areas is an ‘interview’ process which involves speaking with someone in IT. There is also two vulnerability scans that are performed (inside & external). We also would require access to a standard build machine. Part of the assessment is performed onsite as well as a portion will be completed from our office.
The report will contain the results of both vulnerability scans, the results of our CIS control interview with your chosen IT contact as well as an overview score of your current security posture. We will also give you advice on how to improve your security posture.
The report will be securely sent to you and a call with your account manager will happen shortly after to talk through the key elements and what the next steps are to start improving your cyber security posture.
If you have any further questions regarding Cyber Security Review, please contact us via email firstname.lastname@example.org or 0333 311 0121