Threat and Vulnerability Management is a targeted service focused on finding and closing the holes in your environment; in people, processes and technology.
The starting point for this service is the identification and mapping of your complete IT environment creating a baseline model. Processes are mapped and employees are interviewed to assess their understanding of security and the role they play in protecting company assets.
Many services offer to map your environment, but their discovery is confined to hardware and relevant software; AIM takes it to the next step employing a proprietary tool that scans your entire network locating and identifying all personally identifiable information and other regulated data. Knowing the systems connected to your network and the operating system version in each is important to cyber protection. But, the real target of breaches and other attacks is the data. And it is data that is legally regulated in several industries. Without knowing where this data resides it is impossible to protect it. Once it is identified, then suitable steps can be taken to protect it.
Based upon your industry, AIM evaluates your cyber regulatory compliance position. Failure to be in conformance to all applicable cyber regulations endangers your information and your company, as the government may hold you responsible for all damages from the leaked information. Cyber insurance issuers will consider your compliance when processing a claim, and non-compliance can be grounds for non-coverage.
The results of the baseline assessment will reveal your cyber security maturity level and cyber risk score. Similar to a credit score, these provide a simple way for executives to determine their company’s cyber risk position and the areas for improvement.
A specific course of action is prescribed with steps to secure technology, redesign processes and conduct an Awareness & Education program for employees all tailored to your situation and your specific company.
An Incident Response Plan is created during this time that clearly lays out the steps to take in the event of a cyber incident. Addressed in the plan are what to do, and not do, to protect data and the environment, how to communicate with customers, partners, employees, law enforcement and regulatory authorities.
In the event of a security breach, AIM offers full forensic services performed by experienced and qualified team members. The probable cause of the breach is identified and the extent of the breach determined. Steps are taken to contain and repair the damage.
If a cyber breach occurred or is suspected, the Incident Response plan is activated with communications to all affected constituencies.
Experience is very clear, after a breach occurs is no time to create an incident response plan. It must be in place, with all relevant parties understanding their roles and responsibilities and having been trained to perform them. Ideally, the plan has also been rehearsed before a breach occurs.