Cyber Security Maturity Assessment

Cyber Security Maturity Assessment

CSS provide Cyber Security Maturity Assessments across a broad range of industries.  Our expert consultants are highly trained specialists with many years experience in consultancy, business analysis and programme and project management.

 

The CSS Approach

At CSS we appreciate how busy our customers are and how confusing and technical cyber security can be for your business.  Our aim, and what makes CSS different, is that we make the development of your cyber security as simple and painless as possible.  We pride ourselves in our ability to guide, educate, inform and explain in simple, clear non-tech language what your business needs to be resilient and survive in the current Digital Economy.

 

How Much Does A Cyber Security Maturity Assessment Cost?

The fee for a cyber and data protection audit and maturity assessment starts at £1750 excl VAT for small businesses.

 

What is the purpose of a Cyber Security Maturity Assessment?

Before you can work out which way to go, you have to know where you are.  The CSS Cyber Security Maturity Assessment provides your business with an assessment of your cyber security maturity against recognised industry cyber security best practice.

 

The cyber security maturity assessment enables you to understand whether your existing cyber security controls, if any, are sufficient, need developing or need establishing.  Once you understand your position you can develop a clear, coherent and prioritised strategy for developing your business’ cyber security resilience.

 

Why is a Cyber Security Maturity Assessment necessary and important?

The increased risks of cyber attacks globally and in the UK are well reported in the media.  While currently there is no legislation that directs a recognised level of cyber security compliance, government bodies and businesses increasingly expect demonstrable cyber security maturity assurances before establishing business relationships and sharing data and information.  Your customers, staff, suppliers and shareholders are no different and expect you to adequately protect the information they entrust to you.  Failure to do so will result in their loss and possible compensation claims.

 

But our IT provider does our Cyber Security.

Many of the businesses we deal with wrongly assume that their IT provider provide the full spectrum of cyber security resilience. Our experience is that in the case of cyber security, IT provider service levels are not always as robust as anticipated or desired.  At worst, a CSS cyber security maturity assessment will give you independent assurance that your controls are sufficiently robust to resist and respond to a cyber attack.  At best we will identify any gaps and vulnerabilities you may have and recommendations on how to address them.

 

What does a Cyber Security Maturity Assessment Assess?

A cyber security maturity assessment assesses your cyber security maturity against standards recommended by the National Cyber Security Centre (NCSC), the Information Commissioner’s Officer (ICO) and other relevant standards, including Cyber Essentials and ISO 27001.

 

Uniquely, our Cyber Security Maturity Assessment can consider your cyber and data protection maturity together, should you require.  This provides a coherent dovetailed approach to your overall information security.  The CSS Cyber Security Maturity Assessment considers at minimum the following controls:

 

  • Governance
  • Risk Management
  • Network Security
  • User Education & Awareness
  • Malware Prevention
  • Removable Media Controls
  • Secure Configuration
  • Home & Mobile Working
  • Monitoring
  • Incident Management
  • Managing User Privilege

 

What is the output of A Cyber Security Maturity Assessment?

Following your Cyber Security Maturity Assessment your business will receive a comprehensive Cyber Maturity Report.  It will detail our findings and your maturity against all the recommended CSS cyber controls.  It will highlight any cyber vulnerabilities, risks and shortfalls that you have and recommended prioritised action/treatments to address them.  Your business is then at liberty to use the report how you see fit, or with CSS’ support should you so required.

 

How Does A Cyber Security Maturity Assessment Work?

The audit takes one day onsite and will require input from senior stakeholders.  In order to maximise audit time on the day, the completion of a pre-audit questionnaire and consolidation of relevant policy and process information is required for analysis prior to our arrival.

 

The Cyber Security Maturity Assessment is the first step (Plan) in the CSS Cyber Security Framework.  For more information on the Cyber Security Framework

Resist

Resist

Detect

Detect

Respond

Respond

Recover

Recover