KeyInfo, a Converge Technology Solutions Company, offers Cybersecurity Assessments to help clients develop a plan to address the ever-changing technology and security needs of their business. Through a deep dive analysis of your environment, KeyInfo helps uncover new opportunities and recommends key technologies that will keep your business relevant and competitive in the marketplace. Benefits include the following:
- Enablement and best practices knowledge
- Technology investment, evaluation and planning
- Evaluation of your organization business and IT processes
- Data evolution, management, and integration
- Technology utilization and support
- Agile processes to deliver business outcomes
- Formulate a shared vision for next steps
- Opportunities for cost savings around IT spend
- Help with the creation of roadmaps
Cybersecurity Assessments Descriptions
- Network Vulnerability Assessment: The intensity, source, and intent of security threats are constantly changing which makes it difficult to know where the next attempt might break in. In order to provide organizations with an overall view of potential technical risks to their network architecture, best practice effectiveness, and gaps in information security controls, our cybersecurity experts conduct Vulnerability Assessment services.
- Penetration Testing / Red Team Assessment: Although the term Penetration Testing is now more prevalent than ever before, there is still a fundamental misunderstanding in the industry of what this entails. As a result, our Penetration Testing/Red Team Assessment Service leverages social media, publicly available information and social engineering in addition to traditional network-level testing to provide a true-to-life representation of an organization’s actual attack surface. This effective modeling of a threat actor will arm any organization with a new perspective and an accurate view of the potential for information security exposure, data theft, or other compromise.
- Security Controls Assessment: Establishing an effective Security Strategy requires using a targeted approach to determine gaps that exist in security policies and controls regarding company systems. This approach requires a review of current security processes, sensitive information locations, and internal controls that guard them. The Security Controls Assessment will take notice of areas where policies/processes are lacking as well as examine any controls that exist a rate them on a maturity and integration scale.
- AWS Cloud Security Assessment: The objective of this assessment is to perform a cloud security policy and general controls review to ensure the adequacy and effectiveness of required controls that will protect the integrity, availability, and confidentiality of customer resources. This task is modular in approach and will compare findings with guidelines dictated by NIST Special Publications for information security and Cloud-specific security controls recommended by the Cloud Security Alliance.
- Compliance Risk Assessment: The objective of this assessment is to perform an IT policy and general controls review to ensure the adequacy and effectiveness of required controls that will protect the integrity, availability, and confidentiality of customer information resources. This Gap Analysis is modular in approach and will compare findings with regulations dictated by chosen compliance framework(s). Current packages include:
- HIPAA (Health Insurance Portability and Accountability Act of 1996, including the Final Omnibus Rule update)
- PCI DSS 3.2.1 (Payment Card Industry Data Security Standard)
- ISO 27001/27002
- NIST Cybersecurity Framework
- NYDFS Cybersecurity Regulation (23 NYCRR 500)
- CMMC/GLBA etc.
- IBM QRadar Health-check Services: Our health-check service provides customers with a holistic assessment of the security controls environment. This is to not only ensure optimal functionality but also to improve the integration with QRadar SIEM so that the organization may get the most out of internal security investment.
- IBM Guardium Health-check Services: This assessment provides organizations with a holistic assessment of their Guardium environment including performance, stability, health indicators, best practices, configuration settings, effectiveness of policy, and more. The result of the Health Check is a comprehensive report with both an executive report card and detailed, actionable recommendations for remediation and improvement.
- Cisco Anti-Malware Protection Demo / POV: Cisco Anti-Malware Protection - Online Demonstration available.
- Cisco Umbrella Demo / POV: Cisco Umbrella offers flexible, cloud-delivered security when and how you need it. It combines multiple security functions into one solution, so you can extend protection to devices, remote users, and distributed locations anywhere. Umbrella is the easiest way to effectively protect your users everywhere in minutes.
- Cisco Firepower Demo / POV: Cisco Firepower - Online Demonstration of hardware and software security solution.