Types of Cyber Security, Compliance, & Risk Assessments
Sometimes compliance is the reason for looking into security. Other times, it's due to a recent breach - or hoping to prevent one.
Whatever the reason, we've got you covered.
HIPAA / HITECH Technical Compliance Assessment
For organizations in and around the healthcare industry.
NIST Technical Compliance Assessment
For companies that want to follow US cybersecurity standards, or companies whose vendors may require NIST compliance. Learn more about NIST assessments.
CMMC Technical Compliance Assessment
For organizations in the DoD supply chain, or whose vendors require CMMC compliance. Learn more about CMMC gap analysis & assessments
Network Risk Assessment
Make sure you're aligned with technology best practices to mitigate internal and external risks.
IT & Network Security Assessment
If you're not confident in your company's IT security, this assessment is for you.
PCI DSS Technical Compliance Assessment
If your company handles credit card information, you likely need to be PCI compliant.
4-Step Assessment Process:
The goal of the assessment is to gain an understanding of your company's susceptibility to risk, identify opportunities for improvement, and provide practical recommendations aligned with best practices as it pertains to the current IT infrastructure and security controls.

Phase 1: Configure Systems & Begin Security Scan
The first step is to set up the security scanning software and a few other tools so we can evaluate your network security.
These scans will begin:
- External Vulnerability Scan
- Network and Security Data Collectors
- Internal Vulnerability Scan
These tools take time, so they'll run for a few days to a few weeks, depending on the size and complexity of your network.

Phase 2: Physical Security Walk-through and Interviews
One of the most often overlooked sections of cyber security is physical security. We'll make sure that your IT systems and data are protected on a physical level, as well as at the cyber level.
We'll also sit down with your executives and your IT team (if applicable) to understand some of your processes related to data collection, storage, security threat mitigation, etc.

Phase 3: Final Data Collection & Report Preparation
We'll collect all data and assemble it in a meaningful way - that way it's clear to the executives and stakeholders where the holes are and what needs to be done moving forward.

Phase 4: Delivery and Review With Stakeholders
You'll get a high-level executive summary, as well as detailed reports with all of our findings.
We'll review the highlights together and explain the situation. You'll get actionable recommendations and insights you can use whether you work with us in the future or not.
By the end of this meeting, you'll know exactly where your network is strong and where it could use improvement.
Typical Cyber & Network Security Assessment Scope of Work
We'll perform a comprehensive review of the following areas:
- Network Architecture and Protections
- Server Environment
- Workstation Management
- Inbound Firewall Configurations
- Outbound Firewall Configurations
- Evaluate Effectiveness of Patch Management Tools
- Evaluate Anti‐Virus and Anti‐Spyware Tools
- IT-Related Administrative Control Process Review
- Shared Permissions Review
- Internal Vulnerability Scan
- Anomalous Login Detection
- Security Policy Assessment
- Backup, Restoration, and Disaster Recovery Planning
- Physical and Environmental Security
How Much Does an Assessment Cost?
Assessment services start at $3,499. Exact pricing depends on a couple things:
- Size and complexity of your environment
- How deep you want us to investigate
Fill out the form below to request an assessment and we'll put together a quote.
Not ready for a deep-dive? We also offer a FREE high-level, basic assessment. Why?
Because every business owner or manager deserves to know if there are any MAJOR gaps in their security. We'll discuss your current IT situation and your goals, then we'll provide recommendations. We may also run through a quick security checklist, if necessary.
Learn more about cyber security: Click here to get the Executive Guide to Cyber Security: Essential Information for Managing Business Risk