The process to understand your organisation's cyber health against the NIST Cyber Security Framework is fairly straightforward.
We send you a link to a self-assessment questionnaire that you complete. After we receive payment, you are assigned an experienced cybersecurity consultant who will spend up to 4 hours with you on a single call.
The diagram on the right further describes the straightforward process to initiate and complete the One-Day NIST Cyber Security Health Check.
The one-day NIST Cyber Security Health Check covers the five key pillars of cybersecurity, namely, Identify, Protect, Detect, Respond and Recover and is based on the US NIST CSF.
As part of our One-Day Cyber Health Check or NIST Assessment, we will need to see key document artefacts including, but not limited to cyber security related policies and processes, incident response processes, key strategy documents.
Where possible, we will also want to speak to your key suppliers who may be providing your cybersecurity services.
For this NIST assessment to be successful you must have all your resources available and documents ready for the call.
Please note: This is a fixed, low-cost opportunity for you to highlight your strengths and weaknesses. We do not test any controls. We will take your responses at face value and base our reports and recommendations on those responses.
We produce a concise report that highlights our key findings and opinions on your organisation’s cybersecurity, compliance and overall incident response readiness clearly highlighting any critical deficiencies that need urgent attention.
The NIST Assessment report will include a summary list of recommendations.
Receive a high-level view of your organisation's cybersecurity and incident response preparedness.
A fixed price NIST assessment with no hidden costs.
We have assisted numerous organisations including FIFA, NHS, Capita, BNP Paribas, Formula One Racing, British Medical Journal, and many more with assessments and audits. Here's some feedback from just a few of them.
"I would recommend Cyber Management Alliance’s tabletop workshops to anyone genuinely interested in being on top of their cyber incident response strategies. The format and style of conducting the entire workshop is what I found a lot of value in. Most importantly, the scenarios on which the workshop was based were relevant to the business, making the exercise a great investment of time and resources."
"In order for BMJ to the right way forward we looked for a VCISO to advise us on the right way to do things and give us expertise. We went to Cyber Management Alliance and it's been about a year now and we ran workshops, looked at our response to incidents, created the incident response plan and we are in a position now where we understand our way forward. Our VCISO keeps us on our toes and overall it's been a very effective way of delivering expertise into the organisation that we wouldn't have normally had."
"The Cyber Crisis Tabletop Exercise and corresponding audit conducted by Cyber Management Alliance Ltd was expertly delivered and has given us insights to reinforce our cyber strategy by continuing to help build the picture of where we were, where we are now, and our next focussed steps. We will be engaging CM-Alliance on an annual basis."
Why not find out more about our audits and assessments? Book a no-obligation discovery call with one of our consultants.
We provide support on cybersecurity strategy, policies, incident response, gap assessments, SIEM assessments, GDPR, Cyber Crisis Tabletop Exercises, Breach Readiness Assessments, and more. Speak to us to find out how we can assist.
Amar and the team at Cyber Management Alliance have been a huge help in getting our firm positioned to deal with cyber security risk. Having opened our eyes to the variety and scale of challenges we face, and the potential financial consequences, they worked closely with us to improve our infrastructure, processes and understanding to embed cyber awareness into the firm. Their invaluable experience has guided us to the point where we should receive ISO27001 accreditation in the coming weeks – a key stamp of approval that lets clients know we take these risks very seriously.