Information Security Risk Assessment

IT Risk: The Challenge
Today risks and threats to your proprietary information and IT infrastructure come from everywhere, both inside and outside your organization. It is absolutely critical to identify and understand these threats in order to be able to properly act upon them and reduce your overall risk levels. Achieving this understanding can be difficult due to human and capital resource challenges.
Presidio’s Cyber Security vulnerability and risk assessment can help you:

  • Benchmark your IT security posture
  • Understand vulnerabilities in your environment
  • Reduce IT security risks and liability
  • Protect intellectual property and company data

 

IT Risk Assessment Approach
Risk Analysis Presidio uses the Risk Assessment portion of the International Organization for Standardization (ISO) information security standard ISO/IEC 27005:2011 as an operating framework for vulnerability and risk assessment engagements. Identified threats are analyzed in light of the value of the asset(s) in question, pervasiveness, effectiveness, existing controls, likelihood of exploitation, and potential impact to the organization if the threat is acted upon. This risk analysis, using an internal risk scoring methodology based on NIST 800-30, results in a risk score that describes the actual risk being incurred due to the existence of the threat or vulnerability and produces comparable and reproducible results in accordance with ISO 27001.
 

Threat Identification
Threats are identified using a variety of methods, including, but not limited to:

  • Gathering of publicly-available information
  • Review of existing policies, procedures, frameworks, and processes
  • Interviews with various personnel
  • Automated and manual technical testing of technology infrastructure
  • Review of technology infrastructure architecture and configuration

We offer a number of Risk and Vulnerability Assessment to meet your every business need. These assessments are modular in nature, which makes them highly flexible and customizable, so they can be scoped to meet virtually every business, compliance, policy, and budgetary need. Below are links to the assessments Presidio currently offers.

 

Contact us to learn more about our Cyber Security Solutions.