OIXIO Cyber

Cybersecurity Assessment and Development Plan

Cybersecurity assessment and development plan of the company’s IT infrastructure. Provides clarity, provides a plan and thereby mitigates business risk from cyber threats.

Cybersecurity audit and development plan, computer security, cyber

Who is it for?

Cybersecurity assessment and the development plan is necessary for every business, regardless of size or sector, because cyber threats are today’s No 1 business risk.

What problems or needs does it solve?

A cybersecurity assessment is a mapping of the current cybersecurity posture of a company, which assesses the current state of the enterprise’s cybersecurity, identifies vulnerabilities, and provides recommendations and specific actions to improve the level of cybersecurity.
In addition, the assessment helps to raise the awareness of the company’s management and identify whether and how a potential attacker could gain access to the company’s critical information systems, devices, computer networks and data with the aim of significantly disrupting and/or interrupting critical business services.

Why OIXIO Cyber?

  • Methodology – Our assessment methodology is broader and more in-depth than many of our competitors. For example, we do a lot more manual testing and monitor network traffic to identify malware already on the network.
  • People – OIXIO Cyber auditors are highly experienced professionals in their field, who are both good theoreticians and good practitioners.
  • Experience – Over the past two years we have performed a total of 100+ assessments for both larger and smaller Estonian private and public sector companies.
  • Competence – Our auditors hold 70+ technical certifications (e.g. CISSP, CEH, SC-200, CSA, CCNP, NSE8, MS-500, CHFI, etc.), proving that they are the best in their field!
  • Capacities – We have the capacity to assess the situation, to develop a development plan and to make all development activities a reality.

Main steps of the audit methodology

Auditi intervjuu läbiviimine

Interview – Questionnaire based on the CIS, ISO 27001 and ASD frameworks.

Infovarade kaardistamine

Mapping of information assets – Detection of active devices on the network, mapping of services and databases, creation or updating of a network map.

Turvanõrkuste kaardistamine, probleemi leidmine

Vulnerability scan – Scanning of computers, servers, internal and external network perimeter, web services and other information assets.

Kontrolli läbiviimine

Manual checks – Manual checks of various infrastructure services and systems.

Võrguliikluse analüüsi läbiviimine

Network traffic analysis – Analysis of network traffic metadata (protocols, domain requests, certificates, file transfers, etc.).

Footprint ja selle kaardistamine

Digital footprint – Mapping of the attack surface, dark web monitoring.

Füüsilise turbe kontroll ja selle läbi viimine

Physical Security Check – A visit to one or more locations to carry out a physical security check.

Aruanne ja turbeplaani koostamine

Report and development plan – Analysing the information collected, storing evidence, documenting findings, preparing a development plan.

Our experience

Over the past two years, we have conducted a total of 100+ cybersecurity assessments for both larger and smaller Estonian private and public sector companies.

If you would like to ask any of our existing clients for feedback on our capabilities, please let us know and we will arrange a contact/meeting.

Ask for a quote:

Erki Markus

Linkedin

Project Manager of the Cyber Security

How can we help you?

Get in touch if you want to talk to an expert.

"*" indicates required fields

Name*
This field is for validation purposes and should be left unchanged.