Threat & Vulnerability Management

Threats are continually evolving, necessitating a new and innovative approach to protection.

AIM offers a set of targeted services focused on finding and closing the holes in your environment — in people, processes, premises, and technology.

Basic Service

AIM's Basic Service is focused on identifying and handling specific types of cyber risks. Two distinct services may be engaged individually or together.

The first uncovers unprotected HIPAA- and PII-regulated information wherever it may be stored on your network. Protection of this information is mandated by law. In order to protect it, you must first know where it is stored. AIM's Cyber Sensitive Data Monitor tool will, often within 24 hours, locate this data and deliver a report showing its relative risk and recommendations on how to protect it.

The second element focuses on protecting your brand and reputation. AIM's Cyber Brand and Reputation Manager (CBRM) will scan the internet to find instances of websites purporting to be your company website or using your logos or company names throughout the world. CBRM also determines if your brand is being protected in accordance with the laws of each country where you have a presence. Each instance of a fake site or lack of compliance will be assigned a risk rating to help prioritize your remediation efforts. Recommendations will be given for correcting the high-risk findings.

The AIM Basic Service implements the tools and interprets the results. While the tools are critical, they only identify problems — they don't fix them. Your IT group and AIM consultants can implement protection for the at-risk data or fraudulent websites identified during the examinations.

Intermediate Service

Attackers often exploit holes in the technology. The specific methods for getting the information may vary, but these avenues will always target your vulnerable information.

The technology environment at most companies is complex, and keeping up with the rapid pace of change requires specific skill and expertise.

AIM's Intermediate Service adds another layer to the Basic Service. In place of tools that search for specific, limited types of risks, the intermediate level of service examines your network and devices for a variety of risk types. The architecture is examined for conformance to leading practices for cyber risk protection, and systems and network devices are examined to determine if up-to-date releases are installed and configured properly. An inventory of devices will be created to determine if unknown devices exist on your network, and a software inventory will help find unauthorized software.

The cyber tools in place at your company are examined for suitability, proper configuration, and use. This service employs the tools you already have in place augmented by local and e-discovery tools to identify holes. If gaps in the installed tool set are uncovered, we will identify and recommend additional tools to close the gaps.

For servers on your network, AIM's Intermediate Service provides server hardening recommendations based on accepted industry practices.

Advanced Service

A new era in methods of attack demands new and innovative approaches.

The sophistication and prevalence of cyber threats have increased exponentially over the last three years alone. Simple infiltration of unencrypted databases has evolved to multi-stage lateral attacks that may include social phishing, hacking, malware, and more.

Protecting against these attacks requires a four-pronged defense across your people, processes, premises, and technology. AIM looks at the protection of your business strategically — research proves a strategic approach to protection is more effective than tools alone.

The starting point for our Advanced Service is the identification and mapping of your complete IT environment, creating a baseline model. Relevant processes are mapped, and we interview employees to assess their understanding of security and the role they play in protecting company assets. We examine your premises to locate security gaps and exposed information.

AIM recognizes that every aspect of your business presents an opportunity to compromise information. Above everything else, the real target of breaches and other attacks is the data.

Your premises can be vulnerable to an attack seeking this information — all the data an attacker might want is accessible in your office, and premises are rarely as secure as people believe them to be. Often, information is not protected because employees consider the office a safe environment. Experience says otherwise.

Based upon your industry, AIM evaluates your cyber regulatory compliance position. Failure to conform to all applicable cyber regulations endangers your information and your company. In the event of a breach, non-compliance can mean the government may hold you responsible for all damages from the leaked information. Cyber insurance issuers will consider your compliance when processing a claim, and non-compliance can be grounds for non-coverage.

The results of the baseline assessment will reveal your cyber security maturity level and cyber risk score. Similar to a credit score, these provide a simple way for executives to determine their company’s cyber risk position and prioritize areas for improvement.

We then prescribe a specific course of action with steps to secure technology and premises, redesign processes, and conduct an Awareness & Education program for employees at all levels.

We don’t wait until a crisis to develop a plan of action. An Incident Response Plan is created that clearly lays out the response in the event of a cyber incident. Addressed in the plan are what to do — and not do — to protect your data and communicate with customers, partners, employees, law enforcement, and regulatory authorities. We will offer training and rehearsals for all relevant employees. When a breach happens, you will be prepared.

In the event of a security breach, AIM offers additional services to execute a full forensic exam performed by certified team members. This team determines the probable cause and extent of the breach. Steps are taken to contain and repair the damage.

Our teams are always experienced and certified, ensuring that your data stays intact and mitigating the risks of using an unqualified response team, such as corruption of evidence or data that may be needed for legal or law enforcement actions.