What is our service for comprehensive inspection and diagnosis of your information security?
This service follows a consistent way of measuring and benchmarking your cyber security across all aspects of information security and specifically:
1. What are the problems it addresses?
- What is the current state and resilience of your information security?
- What are the gaps in your current environment?
- How effective are your information security spends?
- How can the value of your cyber security and cyber resilience investment be maximized?
- How can you achieve cyber resilience and at what cost?
2. What is this service in brief?
- Quantitative and qualitative assessment that draws on years of experience in the field of information security: knowing the right questions to ask and how best to interpret the answers you give.
- We provide the ability to position and compare your current environment against the environments of your competitors, other similar businesses, and businesses from a different industry.
- Two types of diagnostic service – basic and full. The full one is based on a comprehensive and detailed analysis, composed of over 300 questions, which we discuss together to achieve maximum engagement and efficiency in the answers.
- We also provide benchmarking and compliance with security standards and best practices.
3. What would be the result of a comprehensive check and diagnosis of your information security?
- Assessment of the current state of your information security and cyber maturity.
- Assessment and diagnosis of the technologies, processes and people involved, regarding their preparedness and ability to survive a cyber-attack.
- Comparison of your business with similar and analogous companies from the same or other industry.
- Identification of gaps in your information security and recommendations on how to fix them.
- Cost-benefit analysis of the recommendations, as well as a roadmap for resolving the identified inconsistencies.
3. What is our approach to a comprehensive check and diagnosis of your information security?
| Phase | Activities | Deliverable / results |
|---|---|---|
| 1. Preparation and initiation of the project | 1. Identify key stakeholders; 2. Schedule interviews; 3. Determine the target maturity score | 1. Opening presentation |
| 2. | 1. Set up scoring according to roles; 2. Conduct interviews and evaluation of each question appropriately; 3. Gather supporting evidence | 1. Inspection and evaluation |
| 3. | 1. Review and normalize the results; 2. Analysis of evaluations by functions and capabilities; 3. Gap analysis; 4. Benchmark and comparison with relevant businesses; 5. Develop a detailed maturity report | 1. Report on the resilience of your information security; 2. Match report with relevant businesses |
| 4. Building a roadmap | 1. Identify recommendations based on Gap Analysis; 2. Cost/benefit analysis; 3. Identify the quick wins; 4. Develop a roadmap presentation and next steps | 1. Roadmap for improvement based on cost / benefit analysis |
4. Workflow and what are the working models we are using?
- Our predefined questions are ordered according to the US National Institute of Standards and Technology (NIST) Cyber Security Framework (NIST CSF), the framework for determining the maturity and resilience of your business.
- Ability to use other compliance frameworks and standards such as ENISA, SANS, ISO27001, PCI-DSS, HIPAA, etc. If needed, we are at your disposal to determine and prepare a similar type of diagnosis and assessment according to your specific standard.
- After extracting the necessary information from the initial questionnaire, we map it against the Capability Maturity Model Integration (CMMI) model for determining maturity.
Once we have your responses against the NIST CSF, as well as their alignment against the CMMI model to determine your maturity, we begin the analytical work to produce a final report on:
- Your current information security assessment.
- Report on the sustainability of your information security.
- Benchmark report with relevant similar businesses operating in your industry.
- Roadmap for improvement based on cost / benefit analysis.
- Final presentation and provision of all the necessary materials that we have used during the process to determine the necessary parameters.
5. Sample reports:
- a. NIST CSF + CMMI map
- b. Cost / benefit analysis
- c. Sample analysis of your current situation and revealing the possibilities of how to reach the desired results.
6. What can we do for you and what services do we offer?
- a. Comprehensive check and diagnosis of your information security with the help of our information security consultant.
  - For this purpose, write to us in the contact form.
- b. Purchase the predefined list of questions from us to make your own evaluation, classification and determination of your maturity.
  - For this purpose, write to us in the contact form.
- c. Specific inspection and diagnosis of your information security with the help of our information security consultant, only for certain predefined standards, regulations and frameworks such as:
  - ISO27001, ISO27701, ISO31001, ISO22301, GDPR, ePrivacy, ENISA, PCI-DSS, HIPAA and many more.
  - For this purpose, write to us in the contact form.
Reduce your information security risk to a level acceptable to you and trust our many years of experience in providing information security consulting services. Contact us via the contact form.