Your security roadmap must include at least one annual external risk assessment. We deliver trusted external assessments with a core set of questions that will guide your prioritization of the identified gaps and security controls based on actionable and data-driven findings.

CIS Top Controls v8 Assessments

CIS Top Controls is a prioritized set of safeguards to mitigate the most prevalent cyber-attacks against systems and networks. They are mapped to and referenced by multiple legal, regulatory, and policy frameworks. CIS Top Controls v8 has been enhanced to keep up with modern systems and software. Movement to cloud-based computing, virtualization, mobility, outsourcing, Work-from-Home, and changing attacker tactics prompted the update and supports an enterprise’s security as they move to both fully cloud and hybrid environments.

NIST 800-171 Assessments

NIST SP 800-171 “Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations” states: The protection of Controlled Unclassified Information (CUI) resident in nonfederal systems and organizations is of paramount importance to federal agencies and can directly impact the ability of the federal government to successfully conduct its essential missions and functions.

NIST CSF v2.0 Assessments

The NIST Cybersecurity Framework (CSF) v2.0 provides guidance to industry, government agencies, and other organizations to manage cybersecurity risks. It offers a taxonomy of high level cybersecurity outcomes that can be used by any organization — regardless of its size, sector, or maturity — to better understand, assess, prioritize, and communicate its cybersecurity efforts. The CSF does not prescribe how outcomes should be achieved. Rather, it links to online resources that provide additional guidance on practices and controls that could be used to achieve those outcomes.