Cyber Security Assessment - MVP Phase 2

from $1,500.00

Yes, there are many cyber standards, but the one thing they all have in common in their binary approach to pass/fail. They all drive your organisation to meet a ‘compliant - standard met state’ that may not be representative of the level of risk or investment you are comfortable with.

To tackle this problem, we have assessed all of the major cyber standards in depth and summarised them down to 20 key control groups. We then shaped these into Low, Medium & High tests. Based on your Cyber Risk Appetite score in Phase 1, we serve up the appropriate posture assessment.

Each of the 20 control groups are presented as a scenario or statement and you are asked to score how closely your current posture aligns with that statement. We use the COBITT maturity model for scoring.

The posture assessment has three levels and you can choose whether you complete 1, 2 or 3:

  1. Desktop assessment of your cyber posture across the 20 control groups.

  2. Request for evidence to validate the scores given in 1 above.

  3. Technical assessment to ensure practices can be observed and align with the scores provided in step 1. This involves in depth internal vulnerability and external attack surface assessments as well as the assessment of many other technical controls.

This phase concludes in a posture assessment report which details the score for each control group and how that relates to the target score, therefore highlighting the gap to meeting the risk appetite or potential over investment.

How does the Minimum Viable Protection (MVP) approach work?

  1. The cyber risk appetite score sets the target the organisation seeks to be for their cyber posture.

  2. Next we assess and score your cyber posture score across 20 cyber specific domain areas. This articulates the effectiveness of your cyber protections.

  3. Finally we prepare a targeted cyber remediation plan to guide your organisation to lift your posture to at or above your risk appetite score - therefore ensuring relevant cyber protections are in place to meet your risk appetite.

This approach leads to a targeted investment program that aligns with the organisation’s stated requirements and avoids over investment or gaps in your cyber protections.

Note: Prices quoted cover a single legal entity with a single domain and a maximum of 150 computer users. Please contact us to price larger assessments.

Phase 2:
Quantity:
Add To Cart