It is entirely possible that the perceived risks to an organisation’s data are not actually the highest priority. Expenditure should always be commensurate with the level of risk and take other security controls into account. A Blackfoot risk assessment exercise aims to empower businesses to make an informed decision on prioritising threats, to ensure resource is correctly allocated.
The service will discover and document where high-risk data resides on internal systems, who has access to that data and how it is controlled.
It will also assist with an understanding of the impact that a breach of confidentiality, integrity or availability of this data would have on the organisation, measured in:
- Financial Loss
- Reputational Loss
- Regulatory Upset (Compliance)
The assessment addresses what threats there are to the critical data, including an understanding of how valuable your data is to a criminal (or a competitor), so that appropriate safeguards can be put into place. Visibility of where people commonly make mistakes is also evaluated, to stop accidents (like losing a laptop, for example) having an adverse effect on the company.
The resulting advice will always provide pragmatic solutions to secure data that balance the cost with the reduction in risk.
