CYBER SECURITY ASSESSMENTS // PENETRATION TESTING // IT SECURITY // SECURITY AUDITS // VULNERABILITY ASSESSMENTS
CYBER SECURITY
ASSESSMENT
ARE YOU TRIPLESEC?
3 Program Levels - Regular Check Points - Individualized Coaching - Customized Risk-Based Assessments -
Actionable Recommendations - Prioritized Approach
The Comprehensive Approach
The TripleSEC leadership, through years of global experience, industry insight and executive feedback, understands that the true strength of a consulting partner is a close and continual relationship that involves knowledgeable advisement, mentoring checkpoints, and honest guidance over a long term period. With this understanding, TripleSEC devised their Cyber Security Assessment Program with 3 levels and continual check in points that will drive security within the corporation and infuse a culture of security.
TripleSEC Level 1: Program Assessment
The starting point of any relationship is understanding. Only from this viewpoint can we truly discern where we are starting from and where we need to go. This level starts with interviews and workshops to gain a depth of knowledge and understanding or our clients as individuals, their corporate culture and risk appetite, and the network and data environment itself. Baseline assessments are then conducted to include penetration testing, vulnerability assessments, and critical reviews and analysis of key security elements. The following steps are taken in a Level 1 Cyber Security Assessment:
-
Workshops / interviews to gain initial understanding
-
NIST sub-category mapping and assessment
-
Baseline Penetration Testing (External & Internal)
-
Vulnerability Assessment of external and internal networks (including websites)
-
Firewall Reviews
-
Password Analysis
-
Architecture Review
The Level 1 Cyber Security Assessment is followed up with:
-
Comprehensive, easy to understand reports
-
Security Dashboards, and
-
Onsite executive presentation
TripleSEC Level 2: Remediation Analysis & Deeper Dive
After the Level 1 Program Assessment is carried out and an understanding is established, TripleSEC dives deeper into the analysis. Full remediation analysis is carried out and tracked to demonstrate and encourage progress. Monthly check-ins are scheduled and dashboards are updated.
The following steps are taken in a Level 2 Cyber Security Assessment:
-
Workshops / interviews to gain deeper understanding, track progress and development and provide coaching
-
Reassessment of any previously discovered vulnerabilities
-
Full NIST mapping and assessment
-
Risk Assessment
-
Security Policy Review, Gap Analysis & Security Policy Creation Assistance
-
Deep Dive Penetration Testing (External & Internal)
-
Social Engineering Phishing Campaigns
-
Web Application Assessments (Pen Testing and / or Code Review)
-
Mobile Application Assessments
-
Comprehensive Vulnerability Assessments
-
Device Reviews
-
Incident Response Plan Review and / or creation
-
Tools Review (SIEM, IDS / IPS, etc)
-
Physical Review
-
Security Awareness Training
The Level 2 Cyber Security Assessment is followed up with:
-
Comprehensive, easy to understand reports
-
Security Dashboards, and
-
Onsite executive presentation
TripleSEC Level 3: Comprehensive Re-Assessment & Intense Analysis
The Level 2 Cyber Security Assessment will have provided TripleSEC a deep level of understanding and provided you with the clarity and confidence of a clear vision, and a road map to get there. Full remediation analysis is once again carried out and tracked to demonstrate and encourage continued progress. Monthly check-ins are scheduled and dashboards are updated. At this point, there is continued coaching and mentoring to ensure the road map is on track and security on the radar.
The following steps are taken in a Level 3 Cyber Security Assessment:
-
Comprehensive Reassessment
-
Social Engineering Phishing Campaigns
-
Incident Management Exercise with Red Teaming & Scenario Based Pen Testing
The Level 3 Cyber Security Assessment is followed up with:
-
Comprehensive, easy to understand reports
-
Security Dashboards, and
-
Onsite executive presentation
The benefits of the TripleSEC Cyber Security Assessment:
-
Comprehensive assessment of risk
-
Deep understanding and clarity of the path with an easy to follow road map
-
Graduated analysis for critical focus and ease of engagement
-
Measurable progression metrics that demonstrate the value of the investment
-
Analysis and reporting that can be used as attestation for compliance and 3rd parties
-
Regular check points to keep on track and ensure continuous motivation
-
Close mentoring with the backing of a host of strategic and technical experts
LET'S GET
STARTED
Contact Us Today.
Whether you are looking for general information or have a specific question, we want to help.
CALL
Tel: 650-963-5015