Optimal Risk has recently expended its portfolio of services to offer a Security Threat & Breach Assessment as part of it's Risk and Resilience Assessment services. [see http://www.optimalrisk.com/Information-Risk-Security-Consulting/Cyber-Readiness-Services].
The service is based on combined specialist technology of a self-learning data protection system and advanced Natural Language Processing (NLP) algorithms to address key questions of:
1. What is
the business critical data
2. How is this data represented (files examples, application forms, Cloud Apps, etc.)
3. Where is this data located, [including outlining higher-risk locations]
4. Who can access this data, [including outlining higher-risk permissions]
5. Who is actually accessing the data and how? [including outlining potential Insider or APT Activity]
6. Was the data been exposed already (and seen in known black markets)
Director of Cyber Risk & Resilience Services, Dan Solomon announced the new service recently saying “This addition is absolutely central to any firms assessment of its current situation. It’s key applications are to detect APTs, identify BotNet command & control activity, uncover network reconnaissance, and seek out internally spread malware”
He continued “By correlating high risk data and high risk users, with cyber intelligence on potential insider activity and APT activity, we can generate very powerful recommendations for identity management, access control, and data protection including an automated data classification solution”
“With more attention on insider threats, this ability to identify patterns of suspicious activity & anomalies is superb for both forensic and immediate remediation priorities….. but for those firms that have a more mature security set-up, the service will identify key intelligence on who is targeting your organization, what techniques they are using, and what their intentions are”.
In conclusion Dan summarized: “Once firms accept that malicious script on the network is a problem that a standard audit will not solve, and boards start to fear the ‘attack beats audit’ headline, this addition to any assessment process is going to be increasingly vital, and we intend to offer it as a staple of any readiness assessment”.
For more information about Cyber Readiness Assessments contact Dan on Dan.Solomon@OptimalRisk.com