Cyber Security Audit
Businesses are open to a wide and ever increasing range of cyber attacks.
The Security Circle recognises that organisations need support to scope and properly contextualise their cyber risk and have developed a range of Cyber Audit and Cyber Assessment Services in response.
Audit
The first premise of our approach is that Security is a big topic, it is far more than just IT. Security is physical, it is people; it is not just data and applications. Crucially,
security is not an issue just for the IT department.
Our consultants will make a broad analysis of the current organisational risk and work with that organisation to help align the risk posture, establishing the gaps that need to be addressed by an appropriate combination of training, process change and technology.
We believe that benchmarking oneself is the first logical step for any organisation seeking to shore up their security risks.
Approach
Our approach is in two parts, firstly to make an assessment of the cyber-security risk against an open security standard. Secondly, we make a multiple perspective measure of data leakage by examining the levels of leakage internally, externally and at where the endpoint meets shadow IT.
Our approach to Governance, Risk & Compliance (GRC) is to report on the current risk position of the organisation as compared against a leading open
standard measure in Security.
Audits include
-
Governance of cyber risk and threat assessment
-
Data security and risk management
-
Legal or regulatory compliance needs
-
Business continuity and incident management
-
Physical security management of IT infrastructure
-
Network penetration test from outside the network
-
Vulnerability Scan: host based, wifi and other networkvdevices
-
Policy and information security management
-
GDPR, staff training and threat awareness
-
Assessment on DDoS & Mitigation
-
Remote access and port management
-
Involvement of third-party tools and controls
-
Growth and future expansions