Security Posture Evaluation Done Properly

A detailed security evaluation is a critical activity that gives a wide-ranging analysis of an organisation’s entire ecosystem.

It provides both detailed findings and actionable recommendations, covering immediate priorities, future improvements and follow-on projects.

The findings from the evaluation are then used to remediate critical threats, to recommend future improvements and to inform strategic decisions.

It also becomes an auditing benchmark for organisations wishing to demonstrate compliance with regulatory requirements (such as NIS-D).

Methodology

The evaluation:

  • reviews the status of security, site-wide or organisation-wide
  • details current processes, systems and procedures
  • maps these processes against industry best practice and latest thinking

The evaluation is completed during detailed site visits and workshop sessions with staff at all levels of the organisation/site.

What is Evaluated?

Both the Business Network (Commercial) and the Process Control Network are evaluated, and findings are detailed for each. The status, risks and recommendations are presented and annotated separately where these networks differ, and together where the status or recommendations apply equally to both.

Physical security and access are also considered.

Prioritisation

Throughout the exercise, we ensure that client priorities are paramount. Such priorities normally include:

  • uptime/availability of core systems
  • prevention of illegitimate access to the network that could compromise the above
  • security of data in the business network

The recommendations in this report focus on enabling the team to maintain these priorities, whilst also allowing the organisation to:

  • meet its obligations under the NIS-D
  • meet the standards of the controls in the Centre for Internet Security (CIS) Top 20 for monitoring[1]
  • alleviate some of the burden of investigating local network and application security issues from the central SOC

Benchmarks

We use our detailed knowledge and experience of accepted best practice, mapped against:

  • the CIS Top 20
  • current guidance from the UK government’s National Cyber Security Centre (known as NCSC, a division of GCHQ)
  • the Purdue model, on which best practice in ICS networking is based; it defines the layers of network security required, from most to least secure, and has been applied throughout this report

Output

  • A detailed report of all findings
  • A complete list of actions, arranged by category (red for the most pressing actions, amber second), distilled from the report and attached as a separate document
  • A list of recommendations for future improvements and further projects
  • Updated network diagrams where required (and ordered as part of the exercise)

[1] The CIS controls and further explanations of these can be found below.

How to Engage Us

Lithify is available for short- or long-term engagements: to help with a problem, to implement a specific project, or as your preferred partner in IT security.

Contact us, book an initial (free of charge) consultation, or request an urgent callback.