As one considers that an organization’s key assets are primarily a combination of infrastructure and corporate data, it is critical for an enterprise to put appropriate safeguards and countermeasures in place so that the protection, integrity and availability of that data is uncompromised or unhindered.
Our TRA or Threat & Risk Assessment (TRA) offering provides a mechanism whereby assets are identified, catalogued and prioritized against a threat criterion. Our resources work closely with our clients to help identify:
- Current threat profile
- Possible impact to the business should the asset be compromised
- Determine steps to mitigate or remediate identified gap or vulnerability
- Assist in policy development or modification to align with asset threat risk
Our resources work with industry proven practices and procedures using leading technologies. as such they are knowledgeable on the latest IT threats and typical infrastructure vulnerabilities. Upon the completion of the Threat & Risk Assessment our resources will prepare a report and presents the findings. This is delivered to client management as a summary presentation, followed by a detailed report. Our document provides a criticality ranking of assets against corresponding threats or risks.
The document contains recommendations for remedial activities that can be undertaken to address those risks. Considering the importance and in some cases mandatory requirements to comply with particular regulatory frameworks [PCI, SOX, ISO, etc.] the TRA becomes a valuable exercise in protecting the enterprise while adhering to industry trends in infrastructure and data defense.
Business Drivers
A TRA from Digital Locksmiths will be considered if:
- Your organization is unsure of the current threat profile to its assets and infrastructure
- Your company needs a means to prioritize and scope its security related project pipeline
- Your organization needs verifiable evidence of significant risk to its data infrastructure in order to obtain C-level sign-off on policy initiatives to minimize threat profile
Business Improvements
There are several benefits to the IT organization upon completion of a TRA:
- Immediate improvement to the organizations security posture due to short term tactical changes.
- Greater awareness of security shortfalls that can be inputs for senior management’s decision making.
- Provides a foundation for mid to long term development of policy, procedures, IT security plans and guidelines.
- Enables prioritization of security projects based on measurable risk of threats to the business.
