Cyber Health Check
Let's Check Your Cybersecurity Health
A Cybersecurity Health Check is essential in establishing a solid foundation upon which to build your cybersecurity infrastructure and will help you identify your weakest security areas, it will also recommend the appropriate actions to mitigate any potential risks that we discover. A cyber health check will provide you with a detailed report describing your current cyber risk status and will leverage best practices, such as ISO 27001 to provide recommendations for reducing your overall cyber risk footprint. Ultimately the health check is all about helping you to uncover your cybersecurity weak spots before the attackers do and can help you identify your weakest security areas.
An awareness of cybersecurity risks at board level is critical to your organisation, as part of our comprehensive health check we focus on executive management’s knowledge and awareness of your key risk areas. Our cybersecurity health check service quickly identifies potential issues by asking targeted questions. We assess how you respond to cyber incidents, as well as your team’s knowledge of cyber security and risk management and ensure that your cyber risk management processes are sufficiently robust.
CERT-MU can evaluate your current cyber capabilities across multiple dimensions including governance and strategy, security defenses and controls, threat and vulnerability management, and incident readiness, response, and resilience. We implement a phased approach to identify the true nature of your organization’s threat profile, assess your cybersecurity posture and provide practical and actionable recommendations to assist you in maturing your organization’s cybersecurity program.
Our Cyber Health Check report provides feedback in the following areas:
- Cyber risk governance
- Cyber asset management
- Cyber risk management
- Legal, regulatory and contractual obligations
- Policies, procedures and information security management
- Roles and responsibilities
- Business continuity and incident management
- Training and awareness
- Cyber security controls
- Vulnerability assessment
- Staff awareness assessment
What is the difference between a Cyber Heath Check and a Cyber Security Audit?
A cyber security audit is a one-day consultancy service offering a high-level cyber review of the organisation and its IT estate. It identifies key areas of cyber risk.
A cyber health check, however, is more exhaustive in scope. Aside from the audit and the technical cyber security controls included in the cyber security audit service, a cyber health check also conducts vulnerability scans of critical external infrastructure IP and website addresses, and an online staff questionnaire that determines employees’ actual cyber security practices.
A cyber security audit provides a snapshot, or an overview, of an organisation’s IT security posture at a particular moment. A cyber health check, however, delves deeper and looks at the policies and procedures that have contributed to that IT security posture. In that sense, a cyber health check is more concerned with the security processes that describe how people and technology interact to determine whether it is contributing to or hampering overall cyber security.