In order to determine which systems should be tested and in what priority order, we’ll help you take stock of all your networks, data, devices and other IT assets to help identify what you need and want to secure the most. This will also provide you with an overview of your overall network and the IT security controls around it.
Unless you have an unlimited budget for information security, you will likely need to limit the scope of your network vulnerability assessment to your most valuable and mission-critical assets, and especially with consideration for those than can affect regulatory and compliance requirements.
We can help you rank your assets based on their value, impact on regulatory compliance, and importance to running your business, and then classify each as critical, major or minor. The value ranking system involves answering the following questions about each asset:
- Would there be any financial or legal implications associated with exposing or losing this information?
- How valuable is this information to competitors?
- Is it possible to recreate this information if lost, and if so, what would be the cost in terms of time, money and resources?
- What impact does the loss of this information have on revenue or profitability?
- Could our day-to-day business operations continue without this information?
- To what extent would a leak of this information damage our reputation?