Cyber security has become one of the most important yet overlooked aspect of most small to medium sized companies. Unfortunately most IT & Network Professionals, as well as web designers are trained to focus on the operational function of the network as opposed to cyber security, thus for leaving an organization vulnerable to cyber attacks. A secure network starts with proper design to provided network segmentation, more detailed access controls, better logging and monitoring, and the removal of single points of failure. In fact most risks can be mitigated by implementing a security-by-design infrastructure.
At CIS we utilize a proven three-pronged approach to help protect your organization from malicious attacks.
- Identify all network vulnerabilities
We perform a comprehensive analysis to identify all network vulnerabilities.
- We Perform “Proof of Concept” exploits to show current vulnerabilities.
We save you money on addressing actual vulnerabilities , not “false positives” provided by most vulnerability scans saving you thousands of dollars on your IT Security budget.
- Get next step recommendations
Deliverable’s include a Network Infrastructure & Architecture Security Assessment Technical Report, an Executive Summary, and a in person presentation for corporate executives and IT Administrators on our findings.
During our assessment, our professional security consultants review the security architecture of your entire network. CIS evaluates your your companies security control mechanisms and balance them with practical goals of the organization and critical assets. Our process takes a careful look at:
- Critical Assets of The Company
- Technological Infrastructure
- Security Policy & administration procedures
- Network Mapping & Topology
- Personnel and IT Experience Levels
- Authentication and access procedures
- Disaster Preparedness and Contingency Plans
- Incident Response Policies and Procedures
- Data Storage and Backup Procedures
- Third Party Risk
- Training and Policy Controls
The components listed above are assessed in three primary phases:
- Documentation review — Evaluate the current requirements, architecture, and design, for any design issues or exposures. This phase also includes a review of policies and processes related to network design.
- Vulnerability scanning and penetration testing — Evaluate the security of each host by doing a network device vulnerability scan and penetration test.
- Administrator interviews — Conduct an interview with the network administrator that focuses on industry best practices in infrastructure design, and validate the findings from documentation review, vulnerability scans, and penetration tests.
Once completed our security professionals will provide you with:
- Executive Report
- Comprehensive Report of Vulnerabilities
- Recommendations to address the organizational cyber risk
- Personal Presentation of Findings To Key Personnel