Trust but verify
Our Cyber Maturity Assessment combines traditional survey-based approaches with live, on-network analysis and threat detection tools so you don't acquire a cyber risk liability and can account for remediation costs in your deal.
How it works
RosettiStarr and our technical partners spend a lot of time helping companies investigate and recover from a Cyber Security Incident. The difference in impact and remediation time between those companies who are well prepared and organized, versus those who are not, is very significant.
Phase 1: Install Covalence and Complete Electronic Survey
In partnership with Field Effect, our expert team of cyber security analysts have developed a sophisticated threat monitoring platform and straightforward survey designed to identify key risk elements. The information collected by our monitoring platform and from the survey is then used as the basis of a tailored Security Control Implementation Plan; a series of action items designed to minimize your acquisition’s threat surface and maximize your cyber security investment.
Phase 2: Analysis
The questions you will be asked in the survey are mapped to a series of prioritized cyber security controls and appropriate maturity levels. Your answers will be assessed through custom software and by a Security Analyst. If any clarifications are required, we will reach out to your organization to discuss.
Phase 3: Report
Once analysis is complete you will receive a Maturity Assessment Report containing the following information: (1) Summary of Findings (2) Maturity Level Designation (3) Strengths and Gaps (4) Security Control Implementation Plan The Security Control Implementation Plan will be a list of recommendations based on the gaps which have been identified. These recommendations will be quite specific but also framed with more general contextual information. This will help to increase your understanding of the controls and how they mitigate risk; putting your organization in the best position to make decisions.
Phase 4: Discussion and Review
A one-hour interactive session with Field Effect is scheduled to review the information provided in the Maturity Assessment Report. This session serves as an opportunity for you to ask questions, and for us to clarify any of the information provided.
Phase 5: 90-Days of Threat Monitoring
All engagements come with 90-days of post-assessment threat monitoring intelligence through the Covalence monitoring and detection platform. This ensures that you are the first to know if a Cyber Incident occurs while the deal is pending and gives you insight into the organizations threat profile over time.