With the majority of work being completed online with access to company information, assessing your cybersecurity risk is critically important for keeping your company’s private and valuable information safe.

What is a Cyber Security Risk Assessment?

A Cyber Security Risk Assessment is a service that ICC provides to assess the data that is at risk when a cyber breach occurs.

What does a Cyber Security Risk Assessment entail?

ICC uses leading assessment tools that run in your environment for a period of days to gather information. ICC will compile the results and present this information in an easy to understand format. ICC’s assessment includes:

Data Risk Assessment – Data such as PHI, payment info, health records, photos, addresses, names, SSNs, etc. will be assessed. If that data is not properly protected or destroyed if not needed, it can lead to serious financial implications.

Fake Phishing Test – Since 91% of attacks come though employees clicking on malicious links, phishing tests are important for assessing risk.

Patch Management Status – The status of an operating system and application patches is a huge factor in the overall strength of a network’s ability to ward off attacks.  If the operating system is outdated or the patches are not current, this is a huge vulnerability and can leave your business exposed to malware/ransomware.  Additionally, updates for applications like Java and Adobe are two avenues hackers will use to gain access.

Dark Web Scan – What data has been compromised from employees and the business.

Scanning Network Port and Service – Yes, if certain ports are left open, someone can gain access to your network simply by typing an IP address in their browser’s address bar.  ICC examines the vulnerable ports which can allow access to sensitive information.

Network Mapping – ICC will provide a network diagram for you to see how the network is connected and where the emphasis should be directed.

Reporting – ICC will compile a detailed report of all findings as well as any recommendations for a secure computing environment.

Incident Response Plan – This is an additional service ICC can provide to your cybersecurity assessment.  ICC will outline a very detailed set of instructions in case of a variety of scenarios such as a breach, physical theft, server crash, cyber-attack, or even natural disasters. This service is not included in the assessment.

The I.T. landscape has changed and a cybersecurity risk assessment is critical.  Cyber-attacks have increased by 72%, especially with COVID-19.  With technology being such a crucial component of any business’s ability to operate, proper management and security practices are important for the health of a business’s network and the safety of patient/client data.  Many businesses feel as though they are not a target or simply choose not to employ the resources to protect themselves against an attack. This will have a significant financial impact when data or the network are compromised. For more information on ICC’s cybersecurity risk assessment, give us a call at 970.419.0602 or contact us at [email protected].