Cybersecurity Assessments
Our approach and services
Dean Dorton’s cybersecurity assessment services provide your organization with specific information about the state of your cybersecurity posture and validate that key controls are working as expected. We offer a variety of services to accommodate any of your requirements, network architecture, and business scenarios.
Our methodology follows project management best practices so at any point in time during the project you know its status, the next steps, and when you will receive your security assessment report.
| | External Security Assessment | Cybersecurity Scorecard | External & Internal Security Assessment | Adversarial Threat Emulation / Penetration Testing | Advanced Persistent Tiger Teaming |
---|---|---|---|---|---|
Description | Review your Internet-facing assets for known vulnerabilities and weaknesses | Provides high-level risk metrics to help your small business understand exposure to today's most common malware threats | Detailed technical audit of your enterprise environment designed to identify and eliminate weaknesses and risks | Customizable threat emulation services designed to accomplish specific goals set during scoping | Continuous threat emulation and penetration testing services proactively hunting threats before the adversary can find them |
Options | N/A | N/A | | | |
Program Maturity | ⚪ | ⚪ | ⚪⚪ | ⚪⚪⚪⚪ | ⚪⚪⚪⚪⚪ |
Coverage | 🔘 | ⚪⚪⚪ | ⚪⚪⚪⚪⚪ | ⚪⚪ | ⚪⚪⚪⚪⚪ |
Threat Capability | 🐞 | 🐞🐞 | 🐞🐞🐞 | 🐞🐞🐞 | 🐞🐞🐞🐞 |
Program maturity scale
Where does your organization fall on the scale?
BEGINNING
The most common security controls are in place (password policy, AV)
No dedicated or assigned security-specific responsibilities
No security control framework
No proactive testing
No talk organizationally of security status or planning
PLANNING
Basic security controls exist, but are not complemented with proper processes and trained personnel
Annual testing is conducted
Security responsibilities are assigned to an individual as a secondary role
Security Control Framework identified, but not implemented
Organizational support for security exists (budgets exist or are being developed, leaders desire updates)
MANAGING
Security Control framework has been identified and is implemented
Controls are managed by trained personnel with enough resources to proactively manage controls
Sufficient funds are placed into budgets for cybersecurity people, training, and tools
Organization conducts regular vulnerability testing, and at least annual third-party testing
Metrics and key performance indicators for critical cybersecurity aspects are tracked and reported to organizational leaders
PREVENTING
Organization proactively conducts risk assessments/vulnerability scans in change process
Organization adopts a whitelisting approach to key access control lists
Dedicated security analysts are enlisted to proactively threat hunt and identify risks
Organization establishes normal baselines of operation and can identify anomalous activity
Organization provides role-specific cybersecurity training to non-cybersecurity staff
LEADING
Organization establishes framework for generating and sharing threat intelligence produced by cybersecurity program
Organization develops and shares custom innovative security solutions