Venseca Overview

Information Security Reporting Agency

Program Overview

venseca.com

Venseca Vendor Outputs

VENSECA DIGITAL TRUST SCORE

Independent and ongoing evaluation of all internal policies, procedures and collected evidence

EXECUTIVE SUMMARY

2 pages that highlight Digital Trust Score, Service Description, Shared Data, Evidence Collected & Validated, Compliances Observed, Prior Breach details

DETAILED REPORT

6 – 12 pages of additional evidence providing detail about cyber risk posture, recommended areas of improvement/remediation, and supporting evidence

SECURITY RISK ASSESSMENT MAPPING

Map all collected information to common risk assessment standards (NIST CSF, NIST 800-171, SOC2, HIPAA, CISv8, CMMC Level 1 & 2, ISO 27001, GLBA, PCI, others)

VALIDATED INDUSTRY QUESTIONNAIRES

Completed industry specific questionnaire (HIMSS, HECVAT, K-12CVAT, CAIQ)

Venseca Digital Trust Score*

INDEPENDENT & ONGOING EVALUATION OF:

• Cybersecurity Public Facing Information or Cybersecurity Risk Register

• Risk Mitigation Strategies (Cyber Liability Insurance)

• Policies, Plans, and Documentation

• Compliance, Certifications, Standards, and Regulations

• Cybersecurity People, Process, and Technology

• Cybersecurity Program Assessments and Testing

* Provisional Patent granted

Vendor or Executive Security Report

EXECUTIVE SUMMARY

2 pages that highlight Digital Trust Score, Brief Service Description, Shared Data, Number of Records, Evidence Collected & Validated, Compliances Observed, and prior breach details.

DETAILED REPORT

6–10 pages of additional evidence providing detail about a provider’s cyber risk posture, recommended areas of improvement / remediation, and supporting evidence.

[Chart: evidence items, aged in months. Categories: Business Continuity Test; Penetration Testing (External, Internal, Social, Physical, Web Application, Web Site, Wireless); Vulnerability Scans (External, Internal); Awareness Training; Security Policies Reviewed; Incident Response Tabletop; Cybersecurity Insurance Renewal; Risk Assessment; Data Classification Project; Firewall Review; Security Event Management; Third Party Classification Review; Third Party Contract Review]

In Summary: Win/Win Solution

Member

• Free Access to Public Facing reports on vendors

• Free Access to Catalog of High-Quality validated Vendor Risk Assessment reports with Digital Trust Score

• Meeting GLBA Compliance with TPRM requirement

Trust Catalog - Vendor

• One to Many Model

• Efficiency: Questionnaire Mappings

• Cost Effectiveness: Access to many Risk Assessment Mappings

• Marketing differentiator: Validated questionnaire

• Favorable Cyber Liability Terms and Conditions

• Ability to work with cyber-analyst to aid

Simple Process

Member

• No contract

• Provide list of Vendors

• Receive Access to portal for you and your team

• Select your vendors

• Access to public facing reports at a minimum

Vendor

• Provide Questionnaire for no cost

• Validation and Vendor Security Risk Assessment – minimal cost
