We offer onsite and offsite cyber security health check workshops for your business
What to expect – Cyber Security Health Check Workshop Structure
The onsite tailored workshop will be structured along the following lines of open discussion:
- Meet and greet – The business explains its business model and the BAU business function. We provide our credentials in this space
- Determination of key business assets and their owners in order to assign their true value to the business
- Determination of threats to the business and likelihood those threats will be realised
- Review likely places for vulnerabilities in the business
- Merge the above found assets, threats, likelihood and vulnerabilities to determine the risks posed to the business
- Review ways to manage those risks – providing options with pros and cons
- Understand existing risk controls and advise of supplementary controls
- Agree practical ways to assure controls are effective
- Optional: Plan next steps
We are very experienced in tailoring the Cyber Security Health Check workshop to suit your appetite for cyber security. We aim to deliver this workshop in two parts. The first is schedule for two hours involving the senior staff to target the lowest hanging fruit, getting an accurate gauge for the business attitude to risk and cyber security.
The second part consists of in depth discussions with key operational staff.
The Cyber Security Health Check workshop will give you deep insight into your current state of cyber security.
Typical audience for the Cyber Security Health Check workshop
Heads of the following departments: Finance, Operations, IT, Marketing, HR, Legal and other key individuals within the company – those that know everything about how the company got to where it is and how it is running now.
We might think that any other stakeholders involved in a five year/future plan for the company should also attend.
Remember Cyber Security is affected by what happened in the past, what is happening now and what is likely to happen.
The workshop will not be a death by powerpoint!. It will be a chaired discussion about your security posture. A white board will be suitable and/or required to record key points from the discussion and to illustrate key security concepts.
Note: Allow the rest of the day for meetings with key staff who have been identified during the initial workshop to get more in depth discussions on any particular points or concerns.
Optional Take Away
Secure Coding can optionally provide a report detailing the information gleaned from the discussions. The report will include recommendations listing alternatives. Each topic will include pros and cons for each mitigation and risk control measure. This report may require more interviews with key staff and reviews of company policies, procedures and documentation.