Atrion

Security Assessments in the 21st Century

System ProtectionAs information security professionals, to say that our ability to predict and act on cyberattacks has improved this century would be a vast understatement. In fact, our ability to predict and act on cyberattacks has improved in just the past few months.

Technology is improving, our skills are growing, and our ability to spot patterns and footprints is increasing exponentially. However, we’re seeing that some of the same companies that are keeping up with this trend are, in fact, falling behind when it comes to conducting regular security assessments to ensure all potential gateways into the network are and continue to be effectively plugged.

Do we really need to be running security assessments?

It’s always a surprise when clients come to us with this question. Perhaps, as an industry, we’re starting to believe that we are so sophisticated that we’ll be able to stay on top of all these attacks without evaluating the source; or we’re relying too much on our reactive abilities and not enough on our proactive strategies as discussed in the last post; maybe we don’t have the resources to conduct these assessments internally — it’s hard to say. The answer will likely be different for every organization.

But the hard truth remains: Yes, every company needs to run regular security assessments. No matter how skilled any given company’s IT task force is, there are likely cracks and holes in its systems that are difficult to detect without a complete and thorough assessment.

Ok, then how do we get started?

Whatever internal challenges hold you back from security assessments, outsourcing is a common solution. There are a few reasons you might consider hiring out this essential component of your IT program.

  • Lack of internal resources
  • Need for guidance and expertise from security professionals
  • Urgent delivery requirements
  • Lack of trained internal security personnel
  • Fresh set of eyes that may pinpoint weaknesses overlooked internally

If any one of these scenarios fits your current situation, either full or partial outsourcing may be the right option for you.

How do I choose a vendor?

Once you’ve made the decision to outsource, you’ll need to evaluate the myriad vendor options to determine the best partner to lead these efforts. Here are some quick tips to help you separate the diamonds from the duds. Before signing a contract, ensure the company you’ve chosen has the ability to:

  • Understand your specific needs.
  • Meet those needs within your established budget.
  • Avoid subcontracting or provide a list of subcontractors from which you can refuse or approve work.
  • Complete your assessments according to the timelines you’ve defined.
  • Maintain flexibility as needs and policies fluctuate.

Does Atrion offer this service?

Yes! Atrion’s security consultants are 100% security focused and utilize only proven consulting methods based on current standards and best practices. Our security assessment services are full throttle and include:

  • Penetration testing
  • Vulnerability assessments
  • Application security assessments
  • Wireless security assessments
  • Physical security assessments
  • Social engineering
  • Incident response
  • Computer forensics

When you are investing in the future stability of your network, make sure to include security assessments as top priorities. Let us know how we can help.

[cta]The experts at Atrion have the experience and solutions to help you achieve efficiency across your enterprise. For more information, visit the Security Assessments & Services page of our website, or contact us at info@atrioncomm.com or 908-231-7777.[/cta]

Proven Systems

185-I Industrial Parkway
Branchburg, NJ 08876