Cyber Security Assessment (CSA)
Every business faces the threat of cyber-attack. However, you cannot take the right precautions until you know where your IT systems are vulnerable. A Cyber Security Assessment will give you that valuable insight.
CSA key benefits
- Identify IT network vulnerabilities and enhanced security
- Guard against business downtime
- Ensure network and employee productivity
- Protect corporate data
- Meet compliance obligations and avoid costly penalties
- One-off or on-going risk evaluation
- Demonstrate best practice and GDRP compliance with Cyber Essentials certification.
In recent years, cybercrime has reached epidemic proportions. Unfortunately, landmark office buildings and busy shopping centres make very attractive targets. However, insider threats such as disgruntled employees, weak access controls and human error represent nearly 60% of all data security threats to business.
Cybersecurity is not just one thing. Instead, it is a collection of processes, procedures and technologies, which together protect your IT systems, people and data. Effective cyber security reduces the likelihood of a successful cyber-attack and ensures your organisation, business or building can quickly recover should the worst happen. It also demonstrates compliance with data protection legislation and best practice.
Before you can put a cyber-security strategy in place, you need to understand what assets you have and where any vulnerabilities exist. That is why Modern Networks created the Cyber Security Assessment (CSA) to scan your building’s IT network and make a thorough assessment of your hardware, software, configuration and access controls.
Cyber Security Assessment (CSA)
Our CSA generates a ton of useful information about everything connected to your IT network and its overall condition.
First, we discreetly scan your building’s IT network. There is absolutely no disruption to your business, and no one need know an assessment has taken place until you are ready to share the results. We encrypt the data we collect to ensure your security and privacy.
Next, our team of experienced network engineers review the scan results; we prepare a detailed report and make recommendations based on IT industry norms and best practice. We also archive your scans for future reference and comparison. As well as our in-depth technical reports, we prepare a straightforward summary that highlights the greatest risks to your organisation or property. Finally, we make a plan of corrective actions starting with the biggest risks and vulnerabilities first.
Regular health checks
A computer network is an active environment that constantly changes. A CSA provides a snapshot of the health of your IT network at that moment. By running regular scans, we can produce comparison reports that will highlight anything that has changed on the network, good or bad, over time.
Any technical issues the CSA discovers will immediately generate IT support tickets for existing Modern Networks customers. We can plan remedial work for new clients. We can also offer ongoing monitoring and regular business reviews to ensure your IT network is secure and operating correctly.
Crimes of opportunity
If you leave your car unlocked, the windows open and the key in the ignition, you are asking for trouble. Most cyber-attacks are crimes of opportunity. Unfortunately, many organisations fail to take even basic precautions to protect themselves from hackers and malware. How many of your employees repeatedly use the same weak password to access multiple IT systems, for example? How often are your vital IT systems patched for known security vulnerabilities? There are too many ways that your IT network can be compromised to leave things to chance. A CSA will provide you with an in-depth report on potential security risks and highlight any gaps in policies and procedures.
We’ve got you covered
Our CSA includes:
HARDWARE: Servers , workstations, printers, and non-AD (Active Directory) devices like switches, routers and printers.
Old computers that are still connected to the domain and should be removed.
SOFTWARE: Systems with missing patches, service packs and security updates.
Local accounts (per-system) with weak or insecure passwords.
Systems with missing anti-virus, anti-spyware or firewall misconfiguration.
CONFIGURATION: Security policy inconsistencies across network servers and computers.
Outbound system access that should be blocked but is open.
Lack of content filtering (social media, entertainment, pornography, illegal downloads).
ACCESSIBILITY: Misconfiguration of user access to network shares.
Detailed breakdown of AD security group membership.
SECURITY RISKS: Old user accounts that still have access to your IT network and should be disabled or removed.
Internal systems with open ports that pose a potential security risk.
External issues that put your IT network at risk of business disruption and data loss.
Positive consequences of good cyber-security
Any disruption of your IT network can have serious consequences, from disgruntled customers and lost business to compensation claims and bad publicity. On the other hand, good cyber-security does more than protect your IT systems. It protects the personal information of your staff, partners and customers. Good cyber-security can help ensure your business retains its credibility, reputation and brand value. It can also help you meet regulatory compliance obligations.
A CSA is just the first step in your journey to effective cyber-security. Designed to protect businesses against the most common cyber threats, the UK Government introduced the Cyber Essentials scheme back in 2014. Cyber Essentials certification has a number of benefits, such as showing your commitment to cyber-security best practice. Cyber Essentials is an important step towards GDPR (General Data Protection Regulation) compliance. You now need Cyber Essentials certification to bid for UK Government contracts. It can also help your business retain the loyalty of existing customers and create trust with new ones. You might even be eligible for free cyber insurance cover, saving you thousands of pounds.
Security Awareness Training (SAT)
Modern Networks Security Awareness Training (SAT) is an engaging, interactive online learning program, which educates employees about the latest cyber security threats, IT best practice and regulatory compliance.
SAT benefits include:
- Encourage a security-minded culture to take root in your organisation
- Reduce the likelihood of costly data breaches through human error
- Prevent costly downtime and expensive repairs to damaged IT systems
- Reduce security incidents by staff becoming more cyber-savvy. Teach your staff to recognise and avoid attacks rather than recover from them
- Help your organisation stay compliant and meet the latest data protection regulations
- Avoid the negative publicity, damage to your brand and lost revenue that can follow a data breach
- Avoid financial penalties for non-compliance that can follow a data breach.
Security Awareness Training
No matter the size of your business, it’s a target for cybercriminals. It only takes a single click on a phishing link to grant criminals access to your entire IT network. Cybercriminals rely heavily on the inexperience of your staff not to recognise the tell-tale signs of a phishing attack. Security Awareness Training (SAT) can help your business transform employees from innocent victims into cyber-savvy defenders of your IT network.
Engaging, interactive training
Cyber-security training must be engaging, interactive, and hold the users’ attention to achieve lasting results. All of our high-quality online training courses fit these criteria and can be sent directly to end users on a scheduled or ad hoc basis, as many times as necessary. Users can access and launch all our courses in one click from any Internet browser on any computer or mobile device. Automated email reminders ensure that users know about any outstanding coursework.
Wide choice of courses
We offer a wide choice of training courses on every subject from password protection and email security to social media awareness, malware and phishing attacks. We also offer compliance specific courses on GDPR, The Bribery Act, Anti-Money Laundering and Freedom of Information. Our online learning system tracks every user’s participation, making all cyber-security training accountable and measureable.
Contact us now to learn more about the benefits of Security Awareness Training.