Mitigate your business risk with CYFOR
14th September 2011
Risk management should be an integral part of an organisation’s information security policy to protect the confidentiality of your corporate information, disruption to services and lost business costs. The process of risk management is an ongoing iterative process as the business environment is constantly changing with new threats and vulnerabilities emerging every day.
With high profile hacking reported daily, including recent cases of Sony and SOCA, companies face serious risk by not protecting their IT environment. If you are already undertaking vulnerability assessment, is it time to review whether the you are receiving the best possible service and protection?
We have launched CYFOR Secure to support an organisation’s risk management strategy through vulnerability assessment and penetration testing. Combining CYFOR’s vast experience in digital forensics with industry leading products from Rapid7, NeXpose and Metasploit, provides a service that helps companies protect the confidentiality of their corporate information, disruption to services and lost business costs.
A logical and integrated security risk approach is undertaken:
1. Discovery – Identify business critical assets and vulnerabilities
2. Risk detection – Verify and prioritise vulnerabilities based on exploit-ability and overall risk score
3. Testing and validation – Identify gaps in security controls
4. Remediation and mitigation – Prioritise efforts based on acceptable risk
5. Actionable reporting – Management and operations reporting
6. Repeatable process – Regular assessment of business risks
CYFOR Secure also includes forensic readiness services which ensure companies are prepared should they need to respond to a regulatory compliance, support a digital forensic investigation, or as part of an internal investigation.
Combined, these services provide a integral part of your risk management strategy.