Cyber Risk Audit
Developed to deliver FACTS, empowering businesses to determine RISK and EVIDENCE cyber security priorities.
How a Cyber Risk Audit works…
The FACTS are derived from assessing organisations IT environment over 4 to 8-weeks, with an agile and non-disruptive proccess.
Think of it like a forensic investigation of each device in the estate to ascertain its purpose and how it’s being used. Providing valuable insight into:
- Potential data loss.
- Previous and active indicators of compromise.
- Breach susceptibility.
- Internal risks including:
- Operating System build inconsistencies.
- Multiple or outdated software versions.
- Persistent services.
- User profile propagation.
- Over-privileged users.
- Suspicious service connections & configurations.
- Orphaned computers, users & admins.
Of organisations audited…
What do you get?
The results are delivered through SMART, our interactive analytics tool that packages your data by user, host, business unit, operating system, software versions, risk category etc. to provide valuable insight into current posture and IT Hygiene.
The Cyber Risk Audit results drive continuous improvement and prioritise critical system admin housekeeping to significantly reduce your attack surface.
Why work with Secrutiny?
Secrutiny is committed to helping organisations focus efforts and resource on quantified, factual information rather than the wider industry view or ‘threat-mania’. Our industry-leading cyber risk audit does just that by providing valuable insight into the IT operational risks facing an organisation. Ultimately allowing organisations to become more aligned with best practice protection as opposed to operating in a perceived risks defensive model. Learn more
Traditional Audits are based on paper exercises that give a generic view of risk based on the policy, process and controls in place. Secrutiny on the other hand, have been able to show exactly what is going on in my estate by developing a Cyber Audit that gives a comprehensive view of data loss and sabotage, network and user anomalies and comprehensive insights to installed software and hardware build and configuration.
Over nearly 30 years in Information Security, Secrutiny’s Cyber Risk Audit has given the most meaningful results by far.
Head of Information Security, Leading UK Construction Group
In 2017, we undertook Secrutiny’s Cyber Risk Audit to inform compliance issues, policy violation by privilege users, misuse of services, policy and system administration violations.
The results have provided insight into risks that we were not aware of and will be used to make informed decisions that embed security by design according to IT operations.
Information Security Manager, Prominent Investment Management Firm