The Lightkeeper blog warns local governments of the dangers to their network & data and leads them to safety by presenting solutions that will...
Security Assessment: What is it and why do I need it?
Why do we need Security Assessments? We need them to gain a picture of our defense, to identify gaps in that defense and opportunities to improve it.
“If you know the enemy and know yourself, you need not fear the result of a hundred battles.
If you know yourself but not the enemy, for every victory gained you will also suffer a defeat.
If you know neither the enemy nor yourself, you will succumb in every battle.”
-- Sun Tzu, The Art of War
Today’s post looks at Security Assessments from the perspective of IT Management (i.e. CIO, IT Director/Manager) and the solutions they employ to defend the organizations they manage. In doing so, it answers the question…What is it and why do I need it?
What is it?
A Security Assessment is a high-level review of an organization’s cybersecurity posture. Its goal is to document the organization’s preparedness to defend its network and data against threats. In doing so, it identifies gaps in an organization’s defense and opportunities to improve it. What a Security Assessment is not is an audit as it does not verify its findings.
Why do I need it?
The threats to your network and data are vast, complex and ever evolving. Once you have a working knowledge of them you can begin planning and implementing your defense or, as in most cases, improve on the defense you already have in place today. This is where the Security Assessment comes into play. It gives you a picture of your defense - your cybersecurity - within an IT landscape that is common to all organizations.
Our assessments start with a survey covering what is arguably the core of an organization’s defense:
- Email Security
- Endpoint Security
From here it moves on to cover solutions that are complementary to the core but further strengthen an organization’s defense:
- Backup & Disaster Recovery
- DNS Security
- Management & Monitoring
- Regulatory Requirements
- Secure Remote Access
- Vulnerability Scanning
Your answers to these questions paint the picture of your defense from which we identify gaps and/or opportunities to improve.
How do I get started?
Click the link below and submit the information requested. Doing so will cause an email to be sent which includes a link to the survey we use to gain an understanding of the cybersecurity you have in place today. Upon receiving your answers, we will review each section assigning a score which will be used to identify gaps and/or opportunities to improve. This done, we will contact you to schedule a 1 hour call to review our findings and recommend ways to fill gaps and improve existing solutions assuming there are opportunities to do so. We look forward to talking with you soon!
Click here to get started today…