Governance, Risk and Compliance (GRC)
Why should you consider doing a Cybersecurity Assessment
Most often companies choose to do a cybersecurity assessment because their industry or customers expect documented compliance with HIPAA, PCI-DSS, or SOC. Even without such a requirement, a cybersecurity assessment can save your company a lot of money and people hours by clearly identifying and prioritizing the most pressing security issues for mitigation.
Cybersecurity assessments are a key tool for ensuring the security and integrity of an organization's systems and data, and for protecting the organization's reputation and bottom line.
What we examine in Cybersecurity Assessments
Zephon's comprehensive assessment of your organization's cybersecurity posture includes the following areas:
- Network security: A review of the organization's network architecture and security controls, including firewalls, intrusion detection/prevention systems, and VPNs.
- Endpoint security: An assessment of the security of the organization's devices, including laptops, smartphones, and servers, and the software and policies in place to protect them.
- Cloud security: A review of the security of the organization's cloud infrastructure, including the use of multi-factor authentication, encryption, and security monitoring.
- Identity and access management: An evaluation of the organization's policies and controls for managing user identities and access to sensitive data and systems.
- Compliance: An assessment of the organization's compliance with relevant industry regulations and standards, such as HIPAA, PCI-DSS, and SOC 2.
- Incident response and disaster recovery: An examination of the organization's plans and procedures for responding to and recovering from cybersecurity incidents and natural disasters.
- Penetration testing: A simulated attack on the organization's systems and networks, to identify vulnerabilities and assess the effectiveness of the organization's defenses.
- Risk assessment: A comprehensive assessment of all potential risks to the organization's information assets and the likelihood of those risks occurring.
Why choose Zephon
- We are a team of highly experienced and highly technical security professionals. We not only assess and document the vulnerabilities, but we can also design and implement solutions to close your immediate and most critical security gaps.
- We provide custom security policies aligned with your business, as opposed to trying to make your business fit off-the-shelf, cookie-cutter templates.
- Included in our assessment is the integration of our vulnerability scanning tools with third-party feeds to ensure you stay up to date in the future.
- We build scripts that automate the ongoing monitoring and remediation of risks (here's an example of a utility we built to extract security policy to role mappings for a client's AWS environment so it can be ingested into RSA Archer for monitoring and tracking).
Success Story
Challenge
Health Care Service Corporation (HCSC, also known as Blue Cross Blue Shield of Illinois and Texas) – HCSC had just started migrating to Microsoft Azure Cloud and wanted security policies applied. The Information Security Team had defined and documented robust security policies applicable to Cloud environments but not all were available out-of-the-box within Azure Security Center. This posed a challenge to the Information Security team as they were unable to verify and validate the current security posture of the Cloud environment.
Solution
Zephon designed and deployed Azure Security Center policies as per HCSC's Security Policies and the CIS 1.0 and 1.1 benchmarks. Where out-of-the-box policies were not available, custom policies were created. The policies were tied to custom rules and alerts for automatic and near real-time notifications using Microsoft Azure Sentinel. Zephon also developed a custom script to extract policy compliance information from Azure and ingest it into RSA Archer for reporting.
Impact
- Developed custom security policies for CIS 1.1 where Azure Security Center did not have one out of the box
- Developed custom scripts to extract policy compliance data and import it into RSA Archer
- Designed, developed and deployed custom rules and alerts for automatic notifications and resolutions to compliance gaps
- The Information Security team is now able to get a complete and detailed resource-level picture of compliance gaps against organizational security policies
If you have not conducted a cybersecurity assessment, or are looking for a more thorough assessment, please contact us for more information.
What you receive in our Assessment Reports
Our cybersecurity assessment reports typically include the following elements:
- Executive Summary: A brief overview of the assessment's findings, including a summary of the key risks identified and recommendations for addressing them.
- Background: Information on the scope of the assessment, including the systems and networks evaluated, the assessment methodology used, and the team that conducted the assessment.
- Current Security Posture: A detailed analysis of the organization's current cybersecurity controls, including an assessment of their effectiveness in protecting against known threats.
- Risk Identification: A comprehensive list of risks identified during the assessment, including the likelihood and impact of each risk, and the systems and data affected.
- Recommendations: Specific recommendations for addressing the risks identified, including the implementation of new controls, the strengthening of existing controls, and the development of incident response and disaster recovery plans.
- Conclusion: A summary of the assessment's findings and recommendations, and a discussion of next steps for implementing the recommendations and improving the organization's cybersecurity posture.
- Appendices: Additional information, such as detailed test results, vulnerability data, compliance checklists, and other supporting documentation.