What is a Security Risk Assessment?
The Security Risk Assessment (SRA) is the first step every organization should take to understand their current security posture. GoldSky engineers use a threat-based framework to conduct a 360 degree assessment on your organization’s cybersecurity in five areas:
- People. People are the foundation of any risk assessment and the foundation of your business. GoldSky analyzes the risks that all your stakeholders pose to your cybersecurity posture, from hiring to daily operations to termination.
- Processes. Your employees, partners, and customer have certain roles and responsibilities in your organization. In many cases, the processes in-place in your organization don’t support proper cybersecurity.
- Facilities. Securing the physical access to your data is critical. From securing on-site servers to laptops, GoldSky analyzes the best and most cost-effective methods for better securing your data from physical attacks.
- Technologies. The technologies we use put us at risk every day. GoldSky engineers inspect the hardware, software, and computers in your environment for vulnerabilities and unnecessary risks.
- Compliance. Do you see patients? accept credit cards? Hold sensitive data? The chances are that you’re subject to at least one legal or regulatory compliance mandate. GoldSky will discover those requirements to keep you in compliance and potentially avoid costly fines.
At the end of the engagement, you will receive a report detailing all the activities performed, your risk analysis, and a security roadmap. Assessment reports and security roadmaps are designed to be:
- Risk Ranked to help you understand your highest areas of risk
- Actionable to help you get on track FAST
- Prioritized to help you focus your efforts
The security of your organization depends on the security of those around you. GoldSky develops custom supply chain assessments to review and rate the security of all your vendors, partners, and suppliers. We can design and execute this function, allowing you to continue to do business while improving your security at the same time.