As part of the assessment, Cyberstone will interview key personnel, catalog existing security policies, procedures, and controls, and examine information technology assets. By following the NIST SP800-115 guideline for information security assessments, Cyberstone will effectively uncover organizational and regulatory gaps.
Cyberstone’s reporting will provide your customer with a roadmap for adhering to industry best practices around cybersecurity. After the assessment, your customer will have a better handle on the effectiveness of existing information security investments. They’ll know where their money is being well-spent and where they may need to pivot.
Most of our security assessments uncover severely lacking or outdated written information security policy. After an assessment closeout meeting, we can help your customer in this area as well.