CYBER SECURITY ASSESSMENTS
Security assessments identify vulnerabilities and gaps in a business’s cyber defences. Early detection introduces the opportunity to address security flaws before they can be exploited by attackers. Secure networks cost money, but not as much as the cost of addressing a successful attack. Following a breach that leads to a loss of personal data there are the physical costs, potential GDPR fines (up to 4% of turnover), the possibility of class action lawsuits, as well as the cost of commercial and reputational damage. Cyber Security Associates (CSA) understands that assessing cyber health is important for every Business and has developed an assessment methodology based on a number of technical testing methods and recognised cyber security frameworks. Maintaining cyber health against the cyber threat should be a core objective of a business that uses information and data in support of its commercial operations. Understanding cyber health maturity and how it can be improved through accurate and objective assessments provides clear evidence for a business to invest in and focus on its future cyber security programme.
OUR ASSESSMENTS
The CSA Cyber Assessments are split into two main areas: Technical and Framework. Our technical assessments focus on all aspects of the information processing environment, ranging from websites to PCs. Each technical assessment will discover vulnerabilities that could be exploited by the cyber attacker and will recommend ways to close these gaps. Our framework assessments can be tailored to suit a specific Business need by using a recognised benchmarked standard (ISO 27001, Cyber Essentials Plus, NIST and the NCSC CAF). Alternatively, the CSA ‘best practice’ framework assessment aims to focus on specific cyber areas at the strategic and higher levels of management and combines elements of the recognised standards. Every assessment will present a detailed analysis of the current cyber gaps and vulnerabilities and will present a suggested roadmap of improvements and recommendations for a Business to take forward.
TECHNICAL ASSESSMENTS
Vulnerability Assessments
Vulnerability Assessments identify and address any security exposures before attackers can exploit them. Tools are used to scan all IP addresses on the network to identify vulnerabilities such as out-of-date software and missing patches. Depending on scope, assessments can cover a Business’s internal network, external boundary or both. The vulnerability assessment report will deliver a detailed network map of all end points, which can be referenced against the IT asset register. Any devices added to the network without authorisation are thus identified; such rogue devices are seldom hardened or secured and therefore introduce unwanted risk to the network. The vulnerability assessment will also be used as part of the Cyber Essentials Scheme framework assessment.
Penetration Testing
Penetration testing identifies security holes in a network or application that a potential attacker could breach. CSA uses a methodical approach, the latest toolsets and hacking methodologies to test the defences of specific applications, servers, routers, networks and other devices within in-scope systems, looking for a potential foothold. The foothold is then exploited to see how far the network can be penetrated.
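The reconciliation step described above (scan inventory cross-referenced against the asset register to surface rogue devices, plus a check for out-of-date software) can be expressed as a small script. This is an added example and not CSA's own tooling: the scan export, the asset register and the patch baseline are constructed sample data in an assumed CSV layout, keyed on MAC address, and a real engagement would export them from the scanner and the asset register instead.

```python
"""Reconcile a vulnerability-scan inventory against an IT asset register.

Added example (not CSA tooling). All data below is constructed for the
demonstration; the column layout is an assumption.
"""
import csv
import io
from dataclasses import dataclass, field

# Constructed sample: one row per live host found by the network scan.
SCAN_CSV = """ip,mac,hostname,software,version
10.0.1.10,00:11:22:33:44:01,fs01,openssh,8.9
10.0.1.11,00:11:22:33:44:02,web01,apache,2.4.40
10.0.1.12,00:11:22:33:44:03,db01,postgresql,14.2
10.0.1.50,aa:bb:cc:dd:ee:01,,openssh,7.4
"""

# Constructed sample asset register, keyed on MAC address.
REGISTER_CSV = """mac,asset_tag,owner
00:11:22:33:44:01,IT-0001,infrastructure
00:11:22:33:44:02,IT-0002,web team
00:11:22:33:44:03,IT-0003,dba
00:11:22:33:44:04,IT-0004,finance
"""

# Assumed patch baseline: minimum acceptable version per product.
BASELINE = {"openssh": (8, 0), "apache": (2, 4, 50), "postgresql": (14, 0)}


@dataclass
class Findings:
    rogue: list = field(default_factory=list)     # on the network, not in the register
    missing: list = field(default_factory=list)   # in the register, not seen by the scan
    outdated: list = field(default_factory=list)  # (ip, software, version) below baseline


def parse_version(text: str):
    """Turn '2.4.40' into (2, 4, 40); return None for unparseable strings."""
    try:
        return tuple(int(part) for part in text.split("."))
    except ValueError:
        return None


def reconcile(scan_csv: str, register_csv: str, baseline: dict) -> Findings:
    scan = list(csv.DictReader(io.StringIO(scan_csv)))
    register = {row["mac"].lower(): row
                for row in csv.DictReader(io.StringIO(register_csv))}
    findings = Findings()
    seen = set()
    for host in scan:
        mac = host["mac"].lower()
        seen.add(mac)
        # A live host with no register entry is a candidate rogue device.
        if mac not in register:
            findings.rogue.append(host["ip"])
        # Compare the reported version with the baseline where one is defined.
        minimum = baseline.get(host["software"])
        version = parse_version(host["version"])
        if minimum and version is not None and version < minimum:
            findings.outdated.append((host["ip"], host["software"], host["version"]))
    # Registered assets the scan never saw may be decommissioned or unreachable
    # and are worth following up with the asset owner.
    for mac, record in register.items():
        if mac not in seen:
            findings.missing.append(record["asset_tag"])
    return findings


if __name__ == "__main__":
    result = reconcile(SCAN_CSV, REGISTER_CSV, BASELINE)
    print("Rogue devices:   ", result.rogue)
    print("Missing assets:  ", result.missing)
    print("Outdated software:", result.outdated)
```

Keying on MAC address only works for the internal network, where the scanner sees layer-2 addresses; for an external boundary scan the same comparison would be keyed on IP address or hostname against the register of public-facing assets.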
FRAMEWORK ASSESSMENTS
Every framework assessment uses a face-to-face interview technique with a series of tailored questions that will provide a descriptive finding and a Capability Maturity Model (CMM) score against each area assessed. The CSA team will discuss potential options to improve the score during the assessment and then present a series of recommendations to improve the score of each area assessed. The final output will be presented in a summary report which includes a visual graphical format that can be easily understood by all stakeholders within a Business. More detail will be provided in a separate document covering each technical control relevant to the selected framework, stating the current status with improvement recommendations.
The Capability Maturity Model (CMM)
CSA uses the industry-recognised CMM framework to provide each Business with both a current assessment and a potential score based on a scale of maturity. The CMM approach provides a benchmark for comparison and guides understanding of the behaviours, practices and processes within each Business. The levels of the CMM are as follows:
- CMM 0 (Not Present) - There is no evidence that the process is managed at all.
- CMM 1 (Initial) - There is evidence that a security risk exists and needs to be addressed; however, there are no controls in place to tackle the issue.
- CMM 2 (Limited) - Security controls are still in development and/or there is limited documentation to support the requirement.
- CMM 3 (Defined) - Security controls have been documented and communicated, but there are areas where the required detail is lacking, and/or they are not enforced or actively supported by senior management.
- CMM 4 (Managed) - It is possible to measure the effectiveness of security controls, but there is no evidence of any compliance reviews and/or the controls require further refinement to reach the required level of compliance.
- CMM 5 (Optimised) - Security controls have been refined to the level required by industry standards based on effective leadership, change management, continual improvement and internal communication.
The assessment is a great way to benchmark your cyber maturity against one of the recognised information security frameworks.
National Institute of Standards and Technology (NIST)
The US-based NIST Cyber Security Framework focuses on business drivers to guide cybersecurity activities and developments. The framework consists of 5 core functions (Identify, Protect, Detect, Respond and Recover) split into a number of categories and sub-categories.
ISO/IEC 27001 Information Security Management
ISO 27001 (ISO/IEC 27001:2013) is the international standard that is designed to help Businesses manage their information security processes in line with international best practice while optimising costs. ISO 27001 is technology and vendor neutral and is applicable to all organisations, irrespective of their size, type or nature. The CSA ISO-based assessment will provide a high-level analysis of the effort required for a Business contemplating working towards certification to this international standard.
NCSC Cyber Assessment Framework
The NCSC Cyber Assessment Framework (CAF) is intended for use by organisations that are responsible for services and activities that are of vital importance. As such, organisations within the Critical National Infrastructure or managing cyber-related risks to public safety will benefit from the CSA CAF assessment. The CAF’s fourteen cyber security and resilience principles will be covered under the assessment, providing a greater focus on specified essential functions.
Cyber Essentials Scheme
The NCSC-recognised UK certification is the Cyber Essentials Scheme (CES), designed to help organisations improve their cyber defences. The CES requires each organisation to meet the necessary requirements of five technical themes. The enhanced version, CES Plus, requires a technical validation against these themes.
Best Practice
The CSA bespoke assessment focuses on the key areas of interest to Business executives but remains aligned to the core principles of the other frameworks. This assessment remains tailored towards more strategic and leadership cyber topics, looking at governance, strategy, policy, roles and responsibilities, risk and incident management.
Cyber Roadmap and Recommendations
Each framework assessment will present the business with a high-level roadmap and associated recommendations of suggested cyber areas of improvement. The roadmap will cover short-term initiatives (3-6 months) and longer-term areas (12 months plus) for a Business to consider, focusing on both organisational and technological lines of development.
ADDITIONAL CSA SERVICES
MANAGED SERVICES
Providing around-the-clock managed cyber services from the CSA SIOC, delivered by a team of cyber professionals.
SECURITY ASSESSMENTS
Our range of security assessments covers both technical and operational aspects for any business.
PRODUCTS
CSA produces its own and re-sells a number of specialist cyber products.
TRAINING
CSA provides a range of cyber training services designed to meet an organisation’s needs.
CRISIS RESPONSE
Our crisis response service is run through the CSA SIOC, providing a number of services to help companies when something goes wrong.
CONSULTANCY
The Senior Team at CSA provide a range of cyber consultancy services to assist companies in understanding cyber security.
Your expert information security partner
+44 (0)1452 886982 | UNIT 11, WHEATSTONE COURT, WATERWELLS BUSINESS PARK, GL2 2AQ | W: CSA.LIMITED