top of page

Asessment Services

In the end, a strategy is nothing but good intentions unless it's effectively implemented. 

-Clayton Christenson

If you can't sleep at night due to security concerns and struggle to determine a plan of action.  These assessment services are for you.  They provide a baseline or checkpoint of a security program's effectiveness. Each assessment offering provides a snapshot of how the ecosystem is operating and form the quantitative foundation for a security roadmap.  This allows us to create improvement and mitigation roadmaps while providing for long-term risk management.

Assessment Services:

  • Security Framework assessment (NIST, CMMC, CIS)

  • Compliance assessment (CCPA, GDPR, GLBA, HIPAA, HITRUST, NY DFS...)

  • Risk Assessment

  • Vulnerability Assessment

17.png

Framework Assessments

Framework gap assessments are the cornerstone for cybersecurity initiatives.  Cyberhawk leverages the internationally adopted United States National Institute for Standards and Technology (NIST) to assess our customers' current information security condition and build prioritized roadmaps for policy and technical controls required to meet their business risk profiles.

Before we begin an assessment, our introductory calls will determine each customer's business and risk profile.  Based on the initial profile, we determine what frameworks are most applicable to your business case and work with you to scope the proper assessment methodology and timeline.

Most customers require an assessment based on the common security controls framework (NIST 800-171).  Our customers can provide their partners, vendors, customers, and management teams with a detailed report on their current cybersecurity maturation using the assessment outputs.  It will detail their capabilities to identify, protect, detect, respond, and recover from threats to their operations and critical infrastructure. 

 

Each assessment is risk-based.  Meaning it is tailored to each organization’s potential threats and the likelihood of occurrence.

For customers with additional regulatory and compliance requirements, the common security controls framework can be augmented with additional privacy and security frameworks that align with various regulations, mandates, and privacy acts.

 

Our tailored services provide:

  • Business profile and risk assessment

  • Framework gap assessment (Compliance & Privacy if required)

  • Comprehensive security program review/development and roadmap

  • Information security policy review and development

Assessment Contact
bottom of page