Figure 1 - The Plain Language Overview is a security expert's perspective of your cybersecurity at a high level.
What's it like?
Expert cybersecurity consultation
Your top cybersecurity risks
Easy to understand plain language
Affordable at $499
Satisfies most annual risk assessment requirements
What we do
Data Gathering:Conduct business and technical interviews, use our assessment tool for network scans, and open-source intelligence gathering
Data Processing:Analyze the data gathered and build an executive summary
Consultative Briefing:Present findings and provide collaborative guidance for improving security maturity
Concludes with a consultative briefing
The assessment ends with a live consultative briefing for senior leadership with a cybersecurity expert, where we review findings, discuss recommendations, and have time for Questions & Answers.
What’s the difference between this and a full-blown multi-thousand-dollar cyber assessment?
This risk assessment is a short, focused look at key areas we often find major risks. We think it's a waste of time to dig any deeper if you're not already moderately mature in managing cyber risk. There is a better way!
A full-blown expensive assessment goes into further technical detail and requires more hours of business and technical interviews and questionnaires.
We use the same assessment tool as in larger / more detailed assessments.
The "stack" of reports in other assessments will be much taller, because we focus on just the top 10 risks you can do something about. We feel the rest of the pile is just noise when you need to focus on several key items right now.
More expensive assessments often include penetration testing. We believe penetration testing is wasteful until your security program maturity merits a real test or unless it's required by contractual obligations or laws.
Who should purchase THIS assessment? / Who is this for?
This Top 10 Cyber Assessment is most beneficial for organizations of any size with low to moderate cybersecurity maturity and those who consider themselves to have limited resources.
This is a great option for companies who want a peek into what the more expensive assessments will contain.
Any organization needing a quick turnaround time with key actionable insights should purchase this Top 10 Cyber Assessment.
This cyber assessment is geared toward business leadership who wants to be able to make informed risk decisions.
Our cybersecurity experts will build and present a practical, prioritized mitigation plan at the interactive executive briefing for senior leadership.
What is a risk assessment?
A risk assessment examines your security controls and how they stack up against known vulnerabilities to determine your security posture. It's an essential part of the risk management process in that it evaluates your general cyber resilience.
Do I get to ask questions?
Yes! During interviews and at the final presentation, you should be asking questions and getting answers. This is your assessment and we want to maximize value to decision makers by providing helping you understand your specific risk profile.
You may also request an extended consultation or a follow-up consult if there was not enough time to answer all your questions.
Is this a pentest / penetration test / hacking?
No, this is based on live interviews, open-source research, and a scan of the devices on your network.
We believe that penetration tests are often a waste of money until an organization reaches a moderate-to-high security maturity level; the money saved on penetration testing can be spent remediating real problems, therefore this Top 10 Cyber Assessment can be used to determine if a penetration test will be cost-effective.
Is this an audit or compliance assessment? Will this make me compliant?
No, this is not an audit.
Yes, this will contribute toward your compliance requirements if you are required to conduct an annual risk assessment.
Since this assessment produces security best-practice recommendations, it may help you adhere to compliance standards, and it may identify some areas of non compliance, but it is not designed to be a compliance consultation; "compliance" is a broad topic and you would need to pursue a gap analysis for the specific regulation/standard for which you're seeking compliance.
NSI offers total IT support and cyber security services to firms and non-profits from Waterbury, Hartford, New Haven, Bridgeport, Danbury and the rest of CT. Our all-inclusive IT services are best for organizations with 10 to 250 employees.