Cybersecurity

Cybersecurity risk is at an all-time high. According to the FBI, cyber-attacks are up 400% since the start of the pandemic.

It is critical to know what your organization needs to do to determine its level of risk and to protect itself against the latest cybersecurity threats. Specifically, you should be able to answer the following questions:

• What is our level of risk, and the likelihood of exploitation?
• What are our internal and external vulnerabilities and gaps, and what is the impact if those vulnerabilities and gaps are exploited?
• What types of cyber-attacks, cyber-threats, or data breaches could affect the ability of the business to function?
• Are we subject to any federal, state, or local cybersecurity compliance regulations, and if so, what do we need to do to achieve or maintain compliance?
• What are our organization’s most important technology assets?

Promenet’s advanced cybersecurity consulting team offers a full range of assessment services, custom-tailored to your organization’s specific needs. Our recommendations are based on the latest ISO/IEC 27001 standards, NIST framework, and network security best practices. Below is an overview of our cybersecurity-related offerings.

Proactive Monitoring and Threat Detection

• Periodic Security Assessments & Vulnerability Scans. Successful security initiatives start with comprehensive, accurate assessments. We’ll tell you which systems are most important to assess and how often you need to take a closer look.
• Intrusion Prevention and Detection Systems (IPS/IDS). Just because you’ve locked the door to your house doesn’t mean it’s safe. We’ll share our experiences with various IPS/IDS products and the best ways to use them in your network.
• Security Information & Event Management (SIEM). In the event of a compromise, your IT personnel need to know when, where, why, and how it happened. We’ll detail our SIEM best practices and suggest optimal configurations for your network.

Data Security

• Data Governance. Do you know who has access to your sensitive files? A data governance solution allows you to identify data owners, inventory permissions and groups, and align security groups to data sensitivity levels.
• File Integrity Management (FIM). File modification is a fact of life at any organization, but not all modifications are benign. FIM allows you to protect critical data from modification, detect changes on critical servers, and detect deviations from the known states of files or configurations.
• Data Loss Prevention (DLP). Every member of your organization is a potential data leak. Learn how to ensure the safety of sensitive data and prevent data loss through endpoints like email messages and USB sticks.

Audit and Compliance Documentation

• IT Policies and Procedures. Documented policies and procedures provide a blueprint for the acceptable use of technology throughout your organization. Your documentation should include provisions for user training, standards for hardware and software, and data storage policies.
• Cybersecurity Framework. A set of documented processes for securing your network over time and responding to various scenarios is critical to your company’s health. We’ll show you how to get it started.
• Incident Response and Recovery Plan. When disaster strikes, will your team be ready? This document defines roles and procedures in the event of a network compromise or failure.