What is a Cybersecurity Assessment?
A cybersecurity assessment, or cybersecurity risk assessment, analyzes a company’s cybersecurity controls and their ability to identify and address vulnerabilities. Unlike a simple cybersecurity audit, which often just works through a checklist, a risk assessment should be conducted in alignment with the business objectives of the company. This approach provides a comprehensive analysis of network vulnerabilities, allowing for subsequent measures to eliminate these weaknesses.
What Does a Cybersecurity Risk Assessment Include?
A cybersecurity risk assessment involves asking questions that help evaluate a company’s vulnerabilities and potential threats. Here are some examples of such questions:
- Is our team prepared for a cyber attack?
- Do we have a formal response plan for cybersecurity incidents?
- What types of credentials and authentication protocols do we utilize?
- How do we assess third-party vendors?
Answering these questions through a cybersecurity risk assessment enables the company to identify existing vulnerabilities and strengthen defense measures in the event of a cyber attack.
Cyber Security Assessment IT Workshops
Cyber Security Assessment I – SMALL
High-Level IT Security Interview
– Approximately 100 questions in 15 different categories
Duration: 1 Day
- 4 – 5 hours Interview (OnSite or remote)
- 3 – 4 hours Report Generation
Output:
- “Self-Assessment Maturity Level” and our “Expert Maturity Level”
- High-Level Presentation including a Priority List for the following IT Security Topics:
Cyber Security Assessment II – MEDIUM
High-Level IT Security Interview
– Featuring 142 questions based on CIS “Good Practice”
– Additional internally developed supplementary questions
– Detailed checks of the IT environment (Firewall, AD, GPO, PW-Policy, Logs, ...)
Duration: 4 Days
- 8 hours OnSite Interview
- Incident Response Test with the IT Team
- 16 hours Creation of a High-Level IT Security Roadmap + Management Report
Output:
- Report with recommendations for each area
- Final closing presentation OnSite
Cyber Security Assessment III – INTENSIVE
High-Level IT Security Interview
– Featuring 142 questions based on CIS “Good Practice”
– Additional internally developed supplementary questions
– Detailed checks of the IT environment (Firewall, AD, GPO, PW-Policy, Logs, ...)
Duration: 5 Days
- 8 hours OnSite Interview with 2 Consultants
- Incident Response Test with the IT Team
- Execution of CIS-CAT with all required benchmarks
- 16 hours Creation of a High-Level IT Security Roadmap + Management Report
Output:
- Report with recommendations for each area
- Final closing presentation OnSite
- CIS-CAT Reports