Cyber Security Risk Assessment 2

Hi, I am certified risk assessor and auditor for risk assessment and management. Ping me for further information. Thanks and have a good day.

Hi, One of the services I offer is Penetration Testing of client sites and systems. Part of this process includes doing a risk assessment before developing the approach we will use for the penetration test. Normally I do this for utility companies in Australia. As you can imagine they require a high level of security. As part of this assessment I would look at the following * Online profile of the company. * Services, particularly internet based that the company provides. Are any of these of interest especially finance, sensitive information. * What information is publicly available about the company * What information is available about the companies employees i.e. email addresses, phone numbers, home address ect * Enumeration of possible cyber attack vectors based on collected information * Research examples of similar companies being attacked hacked Once I have completed the above, taking notes as I go I will produce a report with correct references for you. I will pace on a first draft of that report so you can have a look and advise of any areas where you want more information ect. Once you provide feedback I will update the report and send you the final draft.

A proposal has not yet been provided

I have more than 40 years in IT, with more than 20 years in networking and more than 12 years in security. I have researched several companies like CheckPoint, WatchGuard, Barracuda, McAfee, Intel Security, etc. I can provide professional writing and understanding in the security space. I have also provided security assessments for companies.

not sure If I understood this. Do you want me to perform a risk assessment or you want just a report template? If you want me to perform a security risk assessment, you need to tell more about the application. That will help me in understanding the threat landscape, possible attack vectors and obviously in quantifying my effort. Thanks!

I have a broad expertise in reporting and whitepaper writing. Also red teaming and deep analyses for corporations in order to understand it's security posture and maturity so new strategies and planning can be achieved to improve security overall.

certified ISO 27001 LA

Hello, I have experience performing risk assessments using different methodologies as CRAMM, ISO 27001, Ebios, and others. My approach is to build a profile of the company based on the questions and information gathered, modeling a stream value, identifying the products and services delivered by the company. At this point the client can define the scope of the analysis. The next step is to analyze the business impact to set the security posture in terms of confidentiality, integrity and availability. We can follow identifying the technology used and set the dependencies. After define the technology we can analyze the vulnerabilities of the technology used. The resulting risk is the crossing the security posture and the vulnerabilities of the technology that support them. With the risks defined we can recommend the countermeasures. All the information described before are include into the report. To get a successful assessment is necessary information of the company and one contact person in charge of look for the responses to the questions into the company. I am always available for interview. I will able to start your project as soon as possible according to you. Thank you for your consideration Best Regards, Jesús A. Suárez