A Cybersecurity assessment solves potential problems

Every Small, Mid or Enterprise organization needs a cybersecurity policy on access and procedures.  Things like:  Who has access to what data, how to request access, what normal permissions users have (based off least privilege), data classification and destruction, can end users install programs, what employees can access on the internet,  and consequences for violations of these policies.  These are all important things to include in your current cybersecurity policy.  

All organizations need an incident response plan.  Think about this; you just found out your network is compromised, what do you do right then?  What do you turn offline? Who do you contact? Do you have backups? How do you stop the spread?

These are all things EVERYONE will know, if you have the right incident response plan in place. This can be the difference in both surviving and recovering from a cyber attack.

Your current cybersecurity stance is based on a multitude of factors.  1st, what security systems do you have in place currently?  Do you have a next generation firewall?  What about a SIEM, IDS, IPS, VPN, Multi Factor Authentication, or Full Disk Encryption?  If you do not know what some of these are, your network is not properly protected.  Cybersecurity stance also includes your companies cybersecurity culture and training.  Do people in your organization prioritize cybersecurity and making sure they protect client information?  Do you provide cybersecurity awareness training for all employees?

Cyber risk is the risk score and vulnerabilities your organization face compared to relative factors.  These factors are based off your industry, what you company offers, how many employees you have, current supply chain management/access, and risk cost.  We also have a CyberScore which is able to rate your company on a scale of 1 to 10, on how you would fare responding to and surviving an actual cyber attack.  

Being on the Law Enforcement side we were able to come up with this score based on how companies were able to recover from a cyber attack incident based on the security measures they had in place.  This score is based of real life instances and analysis.