Our standard list of services includes:
Through our partnership with leading cyber security readiness provider GreyCastle Security, we are able to provide our clients with industry-leading offerings that ensure your organization is well positioned now and into the future.
01.
Incident Response
All companies are vulnerable to attacks and are often in a state of continuous compromise, meaning a new incident begins before the previous one has been resolved. Breach and incident response can be chaotic and stressful without the right tools and partner. We'll prepare your company for potential breaches by offering the following:
- Plan Development: The best time to prepare for a cyber incident is before it happens
- Tabletop Testing: Effective recovery requires a well-tested plan and a certified team of professionals with real-world scenarios
- Training: The incident response team needs to know what the plan is and how to follow it, without having to reference it during a real-world security incident.
02.
Vulnerability Assessment
Vulnerability scanning is a vital cybersecurity staple for a company's entire infrastructure. This service provides the ability to:
- Match up critical vulnerabilities with critical assets
- Generate a list of the patches or other remediations
- Identify all of the false positives and false negatives that exist
- Satisfy PCI, HIPAA and NERC-CIP regulatory requirements.
03.
Risk Assessment
A risk assessment is the best first step in protecting your company. We offer the following customized assessments:
- A HIPAA Risk Assessment provides an evaluation of healthcare and ePHI-related security risks as determined by the requirements of the HIPAA Security Rule
- An ISO 27002 Risk Assessment provides an internationally recognized standard to use as a reference for implementing and managing information security controls, and is used in conjunction with ISO 27001
- A NIST SP 800-53 Risk Assessment provides guidance for the protection of an organization’s and citizens’ private data
- Vendor Risk Management provides an assessment of what risk third-party vendors might present to your operation
04.
ISO 27001
ISO 27001 is the international standard for the governance of information assets, creating an effective and sustainable Information Security Management System (ISMS). ISO 27001 certification is a core compliance program to establish an organization’s cybersecurity foundation. Our ISO 27001 services provide:
- A 100% success rate leading to certification and security of your organization
- An implementation road map with policies and standards that are segmented into five steps for certification within eight months
05.
Penetration Testing
A penetration test, often called “red teaming,” simulates the effect that cyber threats could have on your business, providing a real-world view of targeted assets while using the same tools and techniques that modern criminals use. We work to identify your company's adversaries as well as their capabilities, motivations and targets. A penetration test is a valuable part of your company's cybersecurity program and should be performed:
- To test your cybersecurity controls after they have matured
- To identify potential security breaches, as well as exploitable vulnerabilities in critical assets, including money, intellectual property, credit card applications and critical infrastructure
- To satisfy PCI, NERC and other compliance requirements
- After significant changes to your business or infrastructure
06.
CMMC
The Cybersecurity Maturity Model Certification (CMMC) is an approach designed by the U.S. Department of Defense (DoD) to create a unified cybersecurity standard and secure its supply chain and Defense Industrial Base. Companies will need to journey towards CMMC compliance in order to conduct business with the DoD. We offer a comprehensive plan to guide your company through all levels of compliance to ensure certification by the DoD.
07.
Cybersecurity Consulting
Our team of experts will listen to your immediate needs and long-term goals to map out a comprehensive compliance and/or risk program.
We will work with you to develop effective cybersecurity programs, minimize the impact of state and federal compliance regulations, improve your client retention and mitigate security incidents. Our revolutionary approach to service delivery uses the mindset that cybersecurity is not just an “IT” issue – it’s about the overall health of your business.
Interested? Get in touch with AssuredTek today!