Our managed compliance solution can help your business achieve and maintain its data security requirements, help streamline the ongoing compliance processes, and stay up to date with the complex and evolving data protection laws and regulations worldwide.
We can help you
- Identify security vulnerabilities through automated assessments of your internal and public environments.
- Demonstrate due diligence or due care efforts mandated under the various industry and global standards with on-demand reporting and activity logs.
- Provide the required documentation and records needed to complete and pass a compliance audit within a single, easy-to-use portal.
- Help you fulfill the ongoing security and risk management tools and strategies needed to maintain a compliance environment as part of normal operations.
- Create and maintain the required policy, plan and procedure documents required to demonstrate compliance.
Ransomware
Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them. In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies that are used for the ransoms, making tracing and prosecuting the perpetrators difficult.
Basic Ransomware Assessment:
- Review Existing Policies and Procedures
- Manual Review of Key Risk Indicators and applicable security controls
- Written Report
- Roadmap to Compliance
Advanced Ransomware Assessment:
- Review Existing Policies and Procedures
- Creation and Editing of missing policy and procedures
- Manual Review of Key Risk Indicators and applicable security controls
- Network scan of endpoints to identify weaknesses, vulnerabilities and threats
- Full Debrief with technical samples to stakeholders
- Roadmap to Compliance and post-assessment support
Employee Awareness Training
- Single session of employee awareness training that satisfies the regulatory requirements for your specific framework.
Basic Assessment
- Audit & Analysis of the top 5 risks & vulnerabilities in your organization.
- Report of your Cybersecurity health.
- Report of recommended actions to increase Cybersecurity health.
Advanced Assessment
- Audit & Analysis of the top 10 risks & vulnerabilities in your organization.
- Report of your Cybersecurity health and risk assessment.
- Non-Intrusive scan of your firewall to determine risk of attack and vulnerabilities
- Report of recommended actions and remediation plan
Annual Compliance Package
- Network scan to identify and report on technical requirements in your organization
- Interviews with relevant stakeholders to report on administrative requirements in your organization
- PDF Output of all compliance artifacts and reports (Including POA&M)
- Single Instance of compliance reporting (SPRS or applicable regulatory portal)
- All required policies, plan, and procedure documents
Monthly Compliance Package
- Recurring network scan to identify, report and track changes on technical requirements in your organization.
- Interviews with relevant stakeholders to report on administrative requirements in your organization
- PDF Output of all Compliance Reports (Including POA&M)
- Custom compliance portal to review all compliance artifacts, reports, and status in real-time
- Regular compliance reporting (SPRS or applicable regulatory portal)
- Real-time alerts and notifications of non-compliance
- Recurring update of all policies, plan, and procedures
- Integration with organization change management to ensure real-time compliance
- Employee awareness training and follow up information campaigns.