Cyber Risk Assessment

Trustify’s game-changing Cyber Risk Assessment is a comprehensive Audit & Assessment Framework designed to identify and prioritise the remediation of key Cyber Risks and to protect your Information Assets, Brand Reputation and Balance Sheet from all forms of malicious attack.

cyber-risk-assessmentThe key output of this Assessment is achieving a Cyber Risk Rating for your organisation. An instant indicator of where you are exposed and how you compare. Our key objective is to help you take back control.

This CRR rates all aspects of your organisations Cyber Security Posture and is a robust solution to the need for driving standards in Cyber Risk Management (called for by GCHQ), improving your organisations Cyber Security Posture and having a direct influence on Cyber Risk insurance premiums.

If you have been breached the first step is to recognise that your current suppliers are helping you preside over your failure.

Cyber Risk Landscape

Malicious and suspicious online activities cause untold harm and financial damage, and many threat actors are proficient at hiding or, at the very least, maintaining a low profile. However, no matter how good our Operational Security is, threat actors leave a trail of information in their wake. Analysts and investigators, whether tasked with defending organisations or going on the offensive against threat actors, must make threat assessment decisions, or draw inferences, related to suspect infrastructure or identities, based on the best available information. Trustify’s CRR unites the world’s largest domain profile data store with query tools that complement and enhance natural investigative workflows.

Domain/DNS/IP related investigations can take many different forms and go in many different directions in the pursuit of pertinent and helpful information. Analysts in a SOC/NOC (Security/Network Operations Centre) may be pouring over threat indicators in order to assess risk level and define appropriate defensive postures—often in real time and under considerable pressure. In cybercrime investigations, attribution—knowing “who really is” behind observed activity on domains or IP addresses—can be a key goal, whether to prosecute a threat actor or as a means of assessing the risk posed by a particular entity. In all cases, these kinds of investigations frequently involve sifting through many different pieces of data to “connect the dots” and track down a useful identity or profile of the subject.

Trustify’s CRR Framework heavily influenced by close work with some of the world’s best cyber intelligence investigators to understand and build upon their workflows, objectives, and operating constraints.

We have extended these capabilities to design a fully operational Threat Intelligence Platform (TIP), which will be available via our new Security Operations Centre from July 2016. Until then you can purchase licenses for the individual TIP modules to provide ongoing monitoring of your Cyber Risk Rating as a feed for management of your Protection status.