We were engaged to achieve higher levels of Network Security, improved Cyber Risk Management, overall reduce brand risk and potential loss of digital assets for our client and their customers.

This became an ongoing periodic network “health check” and included aspects of Disaster Recovery Business Continuity.

INCLUDES RISK:

Identification: (360-degree cyber risk assessment)

Most significant exposures, such as:

  • Unauthorized access
  • Ransomware
  • Digital communications compromise – Social Engineering
  • Web site scraping
  • Fake negative reviews planted by competitor in social media
  • others…

Mitigation:

  • Manage competitive Request for Proposals from vendors providing:
  • Vulnerability assessment
  • Penetration analysis
  • Manage Bug Bounty programs
  • Employee training
  • Evaluate technology responsive to weaknesses
  • Crisis Management – post event
  • Initial assessment
  • Minimize disruption – “plug the hole”
  • Record/collect data – forensic later assessment
  • Comply with notification requirements
  • Manage Crisis Communication Vendor
  • others….

Transfer:

  • Insurance for internet based risks, 1st & 3rd party

WE HELP NEGOTIATE BETTER TERMS, CONDITIONS AND PRICE FOR INSURANCE BECAUSE OF OUR FIRST-HAND EXPERIENCE IN IDENTIFICATION AND MITIGATION NOTED ABOVE.

  • Contractual
  • Vendors – appropriate liability
  • Identify “who has what data”
  • Customers – control expectations

WE BRING IN TECHNICAL EXPERTS AS NEEDED WITH EXPERIENCE IN CLOUD SERVICES, DR/BUSINESS CONTINUITY PLANNING, COMPLIANCE & SECURITY (EX: HIPAA, PCI, SOX, JSOX, GLBA,ISO, NIST, COBIT, ITIL) MANAGED IT SERVICES, STORAGE & RECOVERY, NETWORKING, IT SECURITY SERVICES, SOCIAL MEDIA RISK & CRISIS MANAGEMENT TO NAME A FEW.