Get a Quote

CMIT Cybersecurity Assessment

Are you sure your secure? Your business and reputation rides on it

Cybersecurity Risk

Is your business safe? Our clients are asking this question everyday. In the last year alone, we’ve seen a major increase in cybersecurity questions. Many business owners are confused about whether or not cyber attacks are a real threat. Many want a quick way to find out. Why worry unless you have a real problem?

In the 2016 Ponemon Cost of Data Breach Global Study, published in June 2016, Ponemon reports, “While the likelihood of a data breach involving a minimum of 10,000 records is estimated at approximately 26% over a 24 month period, the chances of a data breach involving 100,000 records is less than 1%.” Why is this important? This statement shows larger organizations with larger data sets are typically better protected than small businesses. Simply stated, small business is a more attractive target for cyber criminals.

We recommend right-sized assessments that take into consideration 1) the size and complexity of your business and 2) Whether or not your business is subject to regulatory constraints. There is an art to right-sizing security assessments for small business and we understand the delicate balance.

The Process

The business owner will first take a five-question quiz that is located on the CMIT website.  Next, the individual will schedule a 30-minute consultation with a cyber-security expert. The franchisee or technician performs this consultation.  During the consultation, the client will complete a Multi-Question Assessment and allow the cybersecurity expert to review the answers.

The answers to the Multi-Question Assessment will forward a matrix with the following four quadrants. The four security areas consist of Administrative Safeguards, Physical Safeguards, Technical Safeguards and Organizational Requirements.

If the business is in a non-regulated industry, the generated matrix will be reviewed in concurrence with running the Full Network Detective Security Diagnostic.

If the business is in a regulated industry, the generated matrix will be reviewed in conjunction with running the Full Network Detective Security Diagnostic. In addition, HIPAA, PCI-DSS, FINRA and NIST diagnostic modules will be added for the relating industries.

Why are Assessments Important?

Cyber threats are a serious issue for businesses today. Many companies do not have the appropriate safeguards or policies and procedures in place.  Other businesses may feel they have implemented the proper standards when in reality they are at risk.  The CMIT Cybersecurity Assessment can identify the areas that your company needs to improve and recommend the appropriate action. We find your security holes and plug them.

Are you sure your business is secure?
It’s time to find out how your company rates. Take our Cybersecurity Assessment Quiz.

Multi-Question Assessment Matrix Categories

Our matrix identifies the following four areas where your business may need to improve security.

Administrative Safeguards

This identifies potential threats, risks, and vulnerabilities with your data.  It also ensures that you protect the confidentiality, integrity, and availability of the data you create, receive, maintain, or transmit.  In addition, it outlines how you manage user access to data and train workforce members to protect confidential data.  Lastly, it clarifies what policies and procedures are used to monitor login attempts.

Physical Safeguards

This evaluates the disaster recovery procedures and emergency operations plans you currently have in place.  It will also assist in identifying how you grant access to your office, your systems and your data, as well as how you inventory all systems with access to data.  Assessing the maintenance and protection of passwords is also covered.

Technical Safeguards

This ensures correct technology policies and procedures are implemented. It will look at the current framework for how access is granted to hardware/software systems and data. It also reviews the company password policies, details how inactive sessions are closed, and assess how data is protected from alteration or destruction.

Organizational Requirements

This evaluates how your business partners protect the privacy and security of confidential data and how data breaches are handled.  Contractual provisions are reviewed to ensure business partners protect the privacy and security of data.  It also ensures that records are kept to document adherences to contractual provisions.

RELIABLE SUPPORT + PROVEN VALUE

Contact us today to learn more about what CMIT offers as Your Technology Team.