Put simply, what is a risk assessment?
A risk assessment is a document outlining areas of concern. You engage an expert to assess the condition of your company’s systems and network security (see below for our FREE assessment offer).
When you take a risk assessment, you are assessing the following items for your business:
- Use and access to information
- Data security practices
- Mobile device use policies
- Information governance
- Security incident response
- Risk assessments help futureproof your business.
WHY DO I CARE?
Frequently, people think cybersecurity is just anti-virus and a firewall. But this could not be farther from the truth. Securing your systems requires much more than this.
There have been numerous data breaches over the last several years. Often the breaches are because of an IT person’s inexperience or incompetence. Experts will tell you that most successful attacks are preventable. Every business is a target, and all of us are under threat right now. What’s worse is that what you don’t know, will hurt you.
When you consider your neighbors, friends, colleagues, it pays to make sure that everyone in your community is protected from the cybercriminals who prey on us. And that starts with making sure you have the proper protections in place with your company.
HOW DOES A RISK ASSESSMENT WORK? WHAT IS THE CATCH?
There is no catch. Although assessments vary company-to-company, they have the same basic design:
- You sign up for an assessment.
- You have a call with an IT security consultant who will talk with you about different aspects of information security at your place of business.
- This will be a CONFIDENTIAL discussion about your business and its security posture; these calls usually take 30 minutes but may go as long as an hour depending on how many questions you have or what information comes up. The purpose of this call is so that a consultant can get general information about your systems and networks.
- Following that call, the consultant will customize a security assessment tool for you that will perform a forensic, CONFIDENTIAL, NON-INVASIVE investigation of your environment. They may assess everything from systems to backups, firewalls to the Dark Web, and much more. The purpose of checking everything and anything is to zero in on anything that might be left open for cybercriminals to walk in through.
- Once completed, the consultant will review all of the findings and prepare a “Risk Report” and a “Work Plan” that you’ll go over in a meeting; this meeting typically takes one hour and you’ll go over all of the findings, the risks they present and receive actionable intelligence on what to do about them to secure your environment.
WHAT CAN SUCH A REPORT TELL ME?
A Risk Report will tell you:
- If your or your employees’ login credentials are for sale on the Dark Web
- If your company’s confidential information has possibly been exposed
- If your systems have been properly secured
- If your “protections” are protecting you from current threats
- If your backups are working and protected
- If your firewall is behaving as a “firewall”
- If you’re in compliance with current law (NY SHIELD, CCPA, GLBA, 23 NYCRR 500, HIPAA, etc.)
- Much, much more
The Work Plan will tell you what you need to know, to fix what isn’t working and reinforce what is!
DO YOU HAVE A LIST OF EVERYTHING THIS ASSESSMENT COVERS?
We have provided the list of things a RIsk Assessment covers in the viewer below. But remember:
This Risk Assessment document is NOT a substitute for an actual Risk Assessment. It is designed to provide a high-level overview of what is covered by an actual Risk Assessment.
Limited Time Offer
If you’ve read this far then we want to make you an offer to conduct a FREE Security Risk Assessment of your computer systems (a $299 value). We’re offering this at no cost to the first 10 people who sign up from the publication date of this post.
While we will ask that you commit to a minimal amount of time, maybe 1 hour, we’ll be investing at least a week’s time in assessing, evaluating and reporting on the state of security for your company.
Contact America One today or schedule a 10-minute call below. Take action today!