We were retained to provide an independent cybersecurity assessment and resilience plan with respect to the client’s current cybersecurity maturity, and to provide recommendations based on the findings of that assessment to strengthen the client’s overall resilience against potential cyber threats and vulnerabilities.
We conducted a thorough review of all written information technology security policies, processes, and procedures and interviews of members of the Information Systems department.
While onsite, the team visited the data center and observed physical protection measures and reviewed the company’s backup and disaster recovery procedures.
We also assessed the company’s threat profile, determined the most common cybersecurity threats the company may face, and conducted a bespoke security awareness training to the IT help desk, applications support, business solutions, services support, and telecommunications teams.
After reviewing the documents and information collected via interviews, we provided a prioritized implementation roadmap to address security gaps, improve mitigation strategies and cybersecurity measures, and meet industry standards. The recommendations spanned areas from IT Staffing to Tooling to Security Processes.
To help with implementation, we deployed a dedicated expert to act as interim CISO, who later transitioned the work to an in-house leader, a new, dedicated CISO.