Maturing Your Cyber Security Framework

This assessment is designed to address the unique needs of Small and Mid-Sized Businesses. ZAG will help your organization manage the unique threats, vulnerabilities and risk tolerances that you are facing. We aim to reduce cyber security risks and help you improve the way you manage those risks. 

The Cyber Security Framework Assessment provides a structured assessment of your strengths, weaknesses and maturity in the Information Technology processes. This offering is based on the National Institute of Standards and Technology (NIST) Cyber Security Framework, and it extends beyond a conventional network vulnerability scan. We will assess the business and technical requirements that will enable you to reduce cyber security risks. 

NIST Framework

The NIST Cybersecurity Framework is broken down into the following areas:

  • Asset Management (ID.AM)
  • Business Environment (ID.BE)
  • Governance (ID.GV)
  • Risk Assessment (ID.RA)
  • Risk Management Strategy (ID.RM)
  • Identity Management, Authentication and Access Control (PR.AC)
  • Awareness and Training (PR.AT)
  • Supply Chain Risk Management (ID.SC)
  • Data Security (PR.DS)
  • Information Protection Processes and Procedures   (PR.IP)
  • Maintenance (PR.MA)
  • Protective Technology (PR.PT)
  • Anomalies and Events (DE.AE)
  • Detection Processes (DE.DP)
  • Response Planning (RS.RP)
  • Security Continuous Monitoring (DE.CM)
  • Communications (RS.CO)
  • Analysis (RS.AN)
  • Mitigation (RS.MI)
  • Improvements (RS.IM)
  • Recovery Planning (RC.RP)
  • Improvements (RC.IM)
  • Communications (RC.CO)

Practical Security Steps Review

There are a number of practical steps that can be taken to reduce the risk of ransomware taking over and encrypting your network. While nothing is 100 percent effective, we believe in making it as difficult as possible for criminals to infiltrate your environment.

Active Directory & Server Scan

Using industry-leading IT assessment tools, we will collect data and compare multiple data points to uncover hard-to-detect issues, measure risk based on impact to the network, suggest recommended fixes, and track remediation progress.

Our non-intrusive IT Assessment modules collect information from Active Directory, servers and end-point devices to evaluate the health of your devices and network.

Network Vulnerability Scan

Using industry-leading Network Vulnerability scanners we proactively identify possible or potential security risks. These risks or vulnerabilities may allow access to confidential areas of your network, allow a denial of service to be performed, or obtain information from your network. The results of these scans will produce a catalog of potential vulnerabilities in the environment.

We examine your network from the Internet as well as from the inside. The internal view of the network will identify vulnerabilities that may allow access to confidential areas of a network, or sensitive internal information to be exposed. Password complexities are also verified, virus protection and patch management are reviewed, and a sample number of servers and workstations are reviewed to provide recommendations on how to enhance the organization’s security posture.

Find Out More About This Offering

Fill out the form bellow to learn more about this offering or talk to one of our Technology Strategists to see if this assessment is the right fit for your organization

Name *