Security Reviews and Assessments

 

Microsoft 365 Security Review

 

The Microsoft 365 Security Review is an engagement that evaluates the organization’s Microsoft 365 environment against 29 security controls that combine risk-based controls, Microsoft Secure Score, and industry-standard best practices. The objective is to provide a business capability map so that security is implemented as part of the organization’s strategic plan and deployment roadmap.

 

Google Workspace Security Review

 

The Google Workspace Security Review uses our cyber security expertise and experience to check your Google Workspace domain for adequate reliability, auditability, scalability, extensibility and robustness.

 

Ransomware Susceptibility Review

 

The Ransomware Susceptibility Assessment reviews your organization’s ability to prevent, detect, respond to and recover from ransomware. We review vulnerabilities, the user identity authority (AD/LDAP), endpoints (servers and workstations), malware protection, backups, and recovery capabilities to identify opportunities to reduce the organization’s susceptibility to ransomware.

 

Security Observability Assessment

 

Observability allows teams to monitor security in modern systems more effectively and helps them find and connect effects in a complex chain and trace them back to their cause. It also gives security administrators, security operations staff and analysts, and developers visibility into their entire architecture. This assessment evaluates the logging and monitoring service fabric and its attributes to uncover gaps and recommend monitoring improvements that increase visibility into security events and incidents, with the objective of reducing the time to detect and respond and decreasing the impact of security incidents.

 

Supply Chain/Supplier Security Program Development and Assessment

 

Supply chain and supplier (third-party) security is a significant area of exposure for cyber security. We review the supplier security program to validate its compliance requirements, efficiency and effectiveness. Our experts can also establish a risk-based supplier security program and conduct assessments of third-party security. Our approach includes integrating supplier/third-party security into the organization’s Third-Party Risk Management Program.

 

ISO/IEC 27001:2013 Information Security Management System Assessment

 

Independent review or externally performed internal audit for conformance with the ISO 27001/2 standards. Our ISO 27001-certified assessors will provide assurance of readiness to undergo the registrar certification audit and demonstrate that internal audits are completed and that non-conformances and continuous improvement have been addressed by management.

 

NIST Cyber Security Framework (CSF) Security Assessment

 

An independent review of your security program against the National Institute of Standards and Technology CSF. Our experts will review the categories and sub-categories to identify gaps and provide recommendations to improve the security posture of your organization.

 

NIST 800-171 Security Assessment

 

An independent review of the organization’s security controls for protecting U.S. Government Controlled Unclassified Information (CUI) according to NIST 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations, to comply with the Federal Acquisition Regulation and Defense Federal Acquisition Regulation Supplements. Our experts have extensive experience protecting systems for the U.S. Government as well as commercial environments.

 

Security Risk Assessment

 

Our experts will perform a risk assessment and provide a report that identifies threats, vulnerabilities and opportunities to prioritize security controls and focus cyber security investments on prioritized areas. The risk assessment helps organizations move to a risk-based, data-centric security model. Our approach identifies the monetary value of the security risk portfolio and calculates the risk reduction value for security projects.