Free Security Risk Assessments for Companies

Why ?

Nowadays, one of the biggest business risks is that of cyber-attacks / data breaches. [1][2]

Lack of understanding of security risks and a information handling hygiene brought companies out of business[3][4] and created some of the biggest scandals in the last years[5]. 

An assessment will make you understand the REAL implications and REAL cost of neglecting how you handle information. 

It can probably save your company from going out of business.

This is a sensitive topic, how could I just share that info with you ?

Trust is crucial in business in security. Even more in security. Even more for a security professional.

I’ve built that trust after advising startups, small-medium size business and high-net-worth individuals on Information Security and Privacy matters for the past 5+ years.

There’s a reason I practice what I preach – I cannot do my job otherwise! Nor can I set an example, nor could I be working with my current and previous employers and clients

Whatever we will ever discuss will remain between us, unless otherwise specified. Nothing sensitive will be discussed without a signed NDA and any other legal documentation you feel that are needed.

Why free ?

We are very dependent on information and technology for our business and day-to-day activities.

At the same time, we are very unaware of it’s implications on the bottom lines and our reputation. 

I’m here to make you understand how you should handle your information and what to expect. 

And it’s for free, because basic information about protecting oneself and ones business should be accessible to anybody. 

What you do next is up to you

No strings attached. No cheezy sales. Pure value. 

Because that’s how I’m contributing to a better and more worry-free world. 

How are We Doing This ?

1-2 hour discussion about your overall business and the information you handle.

But this is complicated subject, is that enough ?

It’s clearly not enough to cover everything. But it’s a good start to give you further pointers to look into on your own.

The purpose of this is to look at your business with a different mindset. An information security mindset which can shed light on critical risks that are bound to materialize.

What Do You Get Out of It?

An Information Security Risk report containing :

  • visual overview of critical assets 
  • top information security risks for your business
  • recommendations on how to proceed from here

To use for :

  • further maintaining and growing with a clear idea of the implications and possible costs
  • proving to your customers that you are making efforts for the proper security and privacy of their information
  • proving to the business you are servicing that you you are making efforts to properly secure their data

What you’re probably thinking*

*sample reactions from real conversations with companies throughout the years

I’m not big enough to be a target, so this does not apply to me.

It does not matter how big or small you are. Nor do you have to be a target. Most attacks are not targeted anyway, you will most likely be one of the fishes caught in the net. 

I’m too busy for this. 

You’re probably busy keeping your business afloat or growing it. A security incident can ruin all you’re efforts with a few clicks. 

I already have antivirus and some other security technologies that I’m not sure what they’re called.

Information Security is not just about the technology. Antivirus and security tech is only 1 part of the puzzle. Processes and people also need to be considered and assessed. 

“There’s no clear reason why I would get hacked, I think this is overrated”

“Hacker” motivations are diverse.  They do it for profit, to prove a point or just for fun. [6]

But then again, why think just “hacking” ? Technology can fail and you can lose data worth hundreds of hours of work because your server broke down. Regulatory fines are also a big cost – remember GDPR[7]?

I have the “IT guy” handle this for me and I trust him.

Your companies security is ultimately your responsibility. You probably demand many other things (to be delivered very fast) from your “IT guy” and security will not always be his priority. 

And maybe your company will not always be his top priority as he has a personal interest[8].

Or things can go wrong simply because he is still human and humans make mistakes.[9]


“I have  an IT company handle this for me and I trust them. “

Many data breaches happened from within the companies supply chain.[10]

Your companies security is ultimately your responsibility. The “IT company” handling security for you need to have a good grasp of the subject, which is not always the case[11]

Request an Assessment Now!

I’m doing 100 Free Security Risk Assessments.

CONTACT me to get in line.

References

[1] https://www.aon.com/2019-top-global-risks-management-economics-geopolitics-brand-damage-insights/index.html

[2] https://www.agcs.allianz.com/news-and-insights/expert-risk-articles/risk-barometer-2019-business-risks.html

[3] https://threatpost.com/hacker-puts-hosting-service-code-spaces-out-of-business/106761/

[4] https://prooncall.com/3-companies-went-business-due-security-breach/

[5] https://qz.com/1079253/the-complete-guide-to-the-equifax-breach/

[6] https://teksecurityblog.com/6-motivations-cybercriminals-money/

[7] https://eugdpr.org/the-regulation/gdpr-faqs/

[8] https://digitalguardian.com/blog/new-insider-threat-report-breaks-down-scenarios-statistics

[9] https://www.kroll.com/en/insights/publications/annual-data-breach-trends-report

[10] https://threatpost.com/half-all-attacks-supply-chain/143391/

[11] https://krebsonsecurity.com/2019/04/wipro-intruders-targeted-other-major-it-firms/