Cyber Security Review
Charterhouse's Cyber Security Review covers a holistic review of your current security posture helping you to identify any gaps that could be leaving your organisation exposed.
Based on our 3-layer approach to security; understand the risk, reduce the risk and automate against new risk, the assessment will provide a prioritised list of actions based on the risk they pose to the organisation.
We believe our layered approach helps organisations improve their security posture and makes it easier to explain and present to other people within the business.
Understand the Risk
Most organisations we speak to don’t have the visibility they need to understand the actual risk to their business, visibility is critical to reducing your risk. This could be understanding what vulnerabilities can be exploited by a script-kiddie to what SaaS applications are posing a risk to your data. What are the business risks? Is it reputation damage that is the most concerning to the board?
The most obvious of the three and what every organisation is attempting to do, but without first understanding and creating a risk-based priority list, investment and effort can be made in the wrong area.
Automate Against New Risk
As the threat landscape changes extremely quickly, the risk to your organisation also changes. When investing in solutions to help you reduce risk, it is essential they can be automated to help reduce your ongoing risk. This could be simply giving you visibility of new vulnerabilities or automatically securing your firewall rules.
The Cyber Security Review
This free review captures important information across the organisation.
- Business Risk Questionnaire
We will pose several questions to understand the risk of a successful cyber-attack, what is the reputation impact, what is the operational impact, for example. Then understand what are the key assets, what are you trying to protect and why?
- Reconnaissance Scan
Any targeted attack always starts with reconnaissance looking for gaps in security that allows an attacker in. The report will detail any externally facing vulnerabilities we can find including those with publicly available exploit kits.
- Cyber Health Questionnaire
What is currently being done to give you and your team the right visibility and ensuring you can protect against as many threats as possible and those you cannot, how do you detect and respond to?
Can your team see a vulnerability that someone with very little knowledge can exploit? Can you detect users entering their credentials into phishing sites? Is your IDS/IPS inspecting all traffic or is it blind to encrypted traffic?
These are just some of the questions our consultant will explore with you.
The Cyber Security Report
Our consultant will provide you with a report detailing all the findings and create a list of prioritised actions based on the risks identified.
The Cyber Security Review will add value to you and your organisation by identifying potentially unknown gaps in your security posture, while the report will detail both the changes required but also the positives already in place.
You will be able to present to your line management the successful steps you have already taken whilst leveraging the report to build a business case for any further investment needed in terms of resource or budget.