Ransomware is a scourge leaving organisations facing severe consequences including financial impact and damage to brand reputation. A RRA or Ransomware Readiness Assessment (also known as a Ransomware Risk Assessment) is a quick way to:
During our Ransomware Risk Assessment, we will understand how you handle:
At the end of the Ransomware Risk Assessment, we will provide you with an executive report with details on all the 10 categories that we have assessed, along with a breakdown for each category.
We list additional observations on your organisation's ransomware preparedness levels that our consultants make during the assessment.
The report provides easy-to-understand recommendations on improving your ransomware preparedness score and closing the gaps.
Find out more.
We adopt the same rigour, discipline and evidence-based approach to all our assessments. In Phase 1, we are in a ‘fact-finding’ mode and want to read and consume all the necessary information. This can take as little as a few hours or days, depending on the size of your organisation.
In phase 2, we dive into the Ransomware Readiness Assessment. We will need to speak with someone who has the experience, the organisational context and the holistic awareness of the business. We then finish the assignment with a management report.
This particular assessment is a high level assessment and in most cases should not take longer than a day or two days.
Yes. This assessment is based on a self-assessment by the US CISA. You can download their Ransomware Readiness Assessment, install it and conduct if yourself.
We are a boutique cybersecurity consultancy with a global and solid reputation amongst small, medium and large companies. See here for a small list of our satisfied clients.
We deliver the Ransomware Readiness Report in a PDF format. We will also spend about 30 - 60 minutes explaining the report in a Zoom or face-to-face presentation with the key stakeholders.
NO. In this high level assessment, we will not require to visually review your technology configurations. Conversely, you must arrange for a technically competent person to be available for the assessment.
As we do not do a deep dive review of your technology and documents, you must arrange for a technically competent person to be available for the assessment. This may involve a third party service provider.
We have assisted numerous organisations including FIFA, NHS, Capita, BNP Paribas, Formula One Racing, British Medical Journal, and many more with assessments and audits. Here's some feedback from just a few of them.
"I would recommend Cyber Management Alliance’s tabletop workshops to anyone genuinely interested in being on top of their cyber incident response strategies. The format and style of conducting the entire workshop is what I found a lot of value in. Most importantly, the scenarios on which the workshop was based were relevant to the business, making the exercise a great investment of time and resources."
"In order for BMJ to the right way forward we looked for a VCISO to advise us on the right way to do things and give us expertise. We went to Cyber Management Alliance and it's been about a year now and we ran workshops, looked at our response to incidents, created the incident response plan and we are in a position now where we understand our way forward. Our VCISO keeps us on our toes and overall it's been a very effective way of delivering expertise into the organisation that we wouldn't have normally had."
"The Cyber Crisis Tabletop Exercise and corresponding audit conducted by Cyber Management Alliance Ltd was expertly delivered and has given us insights to reinforce our cyber strategy by continuing to help build the picture of where we were, where we are now, and our next focussed steps. We will be engaging CM-Alliance on an annual basis."
Why not find out more about our audits and assessments? Book a no-obligation discovery call with one of our consultants.
Amar and the team at Cyber Management Alliance have been a huge help in getting our firm positioned to deal with cyber security risk. Having opened our eyes to the variety and scale of challenges we face, and the potential financial consequences, they worked closely with us to improve our infrastructure, processes and understanding to embed cyber awareness into the firm. Their invaluable experience has guided us to the point where we should receive ISO27001 accreditation in the coming weeks – a key stamp of approval that lets clients know we take these risks very seriously.