Organizations looking to enhance their ability to respond to cyber-attacks, utilize industry standards to benchmark their security capabilities, provide independent evaluation of current security and incident response policies and procedures, or assess current risk posture should look no further than Kroll. Our consultants draw upon extensive experience in all aspects of risk management, including physical and data security, data forensics, business intelligence, due diligence, data recovery, and breach response to provide. Our experience in all of these areas and our investigative structure give us a unique advantage in accomplishing security assessments that take into account not just technology or policy and procedure, but also the human factors that must be integrated into any effective solution.
Kroll has the ability to conduct a variety of comprehensive assessments pertaining to an organization’s protection of physical and electronic data. Existing technology and processes are assessed, providing a window into the organization’s ability to detect, respond, and mitigate threats. Kroll experts will identify and communicate opportunities for improvement to management – helping ensure that security programs remain current and effective.
When it comes to assessment and review, one size does not fit all. The key to success is achieving and maintaining the right security level for your organization regardless of its size, one that is commercially reasonable.
We offer a full range of internal and external assessments to evaluate your systems, applications, and facilities, including:
- Cyber risk assessment and analysis
- Vulnerability assessment and penetration testing
- Physical security assessments
- Breach and compromise assessments
- Wireless security assessments
- Policy and procedure review and design
- Standards-based assessments (ISO, NIST, HIPAA, etc.)
Our methodology for these types of assessments is unique in both breadth and depth. Rather than simply following a checklist of control questions, Kroll experts use years of real-world corporate, data breach and investigative experience, coupled with an understanding of the organization’s unique environment, risk tolerances, and threat landscape to deliver a focused assessment that is current, actionable, and appropriate.
Kroll can provide a variety of deliverables that typically range from detailed reports to executive overviews to high-level presentations. In any engagement, Kroll provides regular updates on open tasks and requests, and can provide real-time updates and security remediation guidance in the event critical security issues are identified during the course of assessment. We can accommodate additional knowledge transfer that is required by the client, to ensure that any work done is not limited to the time period of the engagement, but facilitates a seamless transition incorporating this newfound knowledge into the client’s overall structure and operations. We can also assist in enabling the organization’s first responders in the event of a cyber incident to have the knowledge necessary to properly safeguard the network and capture vital evidence in the form of logs, disk images, etc.