Use our Cybersecurity Assessment to take a comprehensive look at your cybersecurity profile and receive key insights to help you establish the right processes to reduce cyber-risk in the cloud.
The Cybersecurity Assessment provides your business with a foundational analysis of your cybersecurity program and practices, taking your current software usage and deployment position into consideration. The analysis will be the basis for the evaluation of the business’s basic cybersecurity state, providing insights into what software is deployed and areas of potential risk. The analysis will also provide guidance on cybersecurity programs and policies to help enable strong software asset management and improved cybersecurity.
You will be surprised by our findings.
This assessment is ideal for businesses concerned about:
- Preventing data breaches and lost revenue
- Combating credential theft and fraud
- Managing infrastructure and devices
- Regulation of their industry
With cybersecurity, a safety-first approach is vital. The purpose of the assessment is to take a comprehensive look at your cybersecurity infrastructure, including current software deployment and usage, and receive key insights to help you establish the right processes for cyber-risk reduction in the cloud.
INPUTS FROM YOU
We will require:
- A comprehensive assessment of the business’s existing IT infrastructure and environment, including on-premises, cloud, and as available outsourced installations for all affiliate’s locations and/or divisions
- Protocols for accessing the network and corporate network connectivity to external networks
- Any IT monitoring tools that the business uses
- The business’s IT vision and/or road map, including current cybersecurity concerns and plans
- The business’s IT policy manual related to managing cybersecurity – if one exists
Based on the size of your environment and agreed scope, SoHo will use one or more automated discovery tools to collect inputs from your IT estate that will be the basis for establishing the areas of cloud capabilities.
Session 1 – Discovery
Gather accurate data from your IT environment. This will facilitate us to:
- Gain full visibility into everything you have deployed
- Identify unmanaged devices
- Provide an Executive Summary: A high-level summary of project background and scope, data discovery
- Provide an assessment of the business’s overall cybersecurity state – in relation to its IT infrastructure, that includes:
- SQL Server Service Pack deviations
- Windows Server Service Pack deviations
- Mainstream/Extended support analysis – Operating system and Microsoft software
- Anti-virus software/Anti-malware running in the environment
- User account status
- Password controls and last login dates
- Stale domains and data sources
Session 2 – Plan and Decide
Determine what changes are top priorities. This will include:
- A defined cybersecurity road map based on a maturity model using the current CIS Controls™ (v7) to assist the business in better protecting its IT assets, including all business, licensing, and technical guidance.
- Review of business’s cybersecurity-related policies and procedures strengths, weaknesses, and areas of opportunity, including findings and recommendations.
- Advice on how to engage with a local cybersecurity professional, if needed, and a list of additional resources on cybersecurity, such as the Council on Cybersecurity, which would benefit the customer.
- Discuss policies and controls to reduce risk
- Develop infrastructure to quickly respond to threats
Session 3 – Mitigate (Act)
Take action steps to secure your environment. This will be based on 30, 60, 90 days goals to:
- Address all immediate vulnerabilities
- Understand the security benefits of the cloud
Session 4 – Optimize
Set SMART (Specific, Measurable, Achievable, Relevant, and Time-based) goals and to help you measure your progress.
This will include:
- Track and achieve milestones using custom migration plans
- Establish a utilization baseline for assessing progress over time
By the end of this assessment, the customer will have an understanding of the current cyber-risks and an action plan to mitigate these within a defined time frame.