Cybersecurity audit and development plan

Cybersecurity audit and development plan of the company’s IT infrastructure. Provides clarity, provides a plan and thereby mitigates business risk from cyber threats.

EAS küberturvalisuse taseme kaardistamise ja arendamise toetuse taotlusvoor on läbi. Loodetavasti tuleb uus ja veel parem…

Küberturbe teekaardi teostajaid oli Eestis kokku 30. OIXIO IT koostas kõigist teekaartidest 1/3. Aitäh kõigile, kes meid partnerina usaldasid!

__________

Kuni EU ja riik ei veel atra seab, toetame Eesti ettevõtete küberturvalisuse arengut 30-protsendilise allahindlusega. Küsi pakkumist!

Loe lisaks ja küsi abi!

Who is it for?

A cybersecurity audit and the development plan that accompanies it are necessary for every business, regardless of size or sector, because cyber threats are today’s No 1 business risk.

What problems or needs does it solve?

A cybersecurity audit is a mapping of the current cybersecurity posture of an enterprise, which assesses the current state of the enterprise’s cybersecurity, identifies vulnerabilities, and provides recommendations and specific actions to improve the level of cybersecurity.
In addition, the audit helps to raise the awareness of the enterprise’s management and identify whether and how a potential attacker could gain access to the enterprise’s critical information systems, devices, computer networks and data with the aim of significantly disrupting and/or interrupting critical business services.

Why OIXIO Cyber?

• Methodology – Our audit methodology is broader and more in-depth than many of our competitors. For example, we do a lot more manual testing and monitor network traffic to identify malware already on the network.
• People – OIXIO Cyber auditors are highly experienced professionals in their field, who are both good theoreticians and good practitioners.
• Experience – Over the past two years we have performed a total of 100+ audits for both larger and smaller Estonian private and public sector companies.
• Competence – Our auditors hold 70+ technical certifications (e.g. CISSP, CEH, SC-200, CSA, CCNP, NSE8, MS-500, CHFI, etc.), proving that they are the best in their field!
• Capacities – We have the capacity to assess the situation, to develop a development plan and to make all development activities a reality.

Main steps of the audit methodology

Interview – Completion of a control questionnaire based on the CIS, ISO 27001 and ASD frameworks.

Mapping of information resources – Detection of active devices on the network, mapping of services and databases, creation or updating of a network map.

Security network scanning – Scanning of computers, servers, internal and external network perimeter, web services and other information assets.

Manual checks – Manual checks of various infrastructure services and systems.

Network traffic analysis – Analysis of network traffic metadata (protocols, domain requests, certificates, file transfers, etc.).

Digital footprint – Mapping of the attack zone, dark web scans.

Physical Security Check – A visit to one or more locations to carry out a physical security check.

Aruanne ja arenguplaan – Kogutud informatsiooni analüüs, asitõendite talletamine, leidude dokumenteerimine, arenguplaani koostamine.

Our experience

Over the past two years, we have conducted a total of 100+ cybersecurity audits for both larger and smaller Estonian private and public sector companies.

If you would like to ask any of our existing clients for feedback on our capabilities, please let us know and we will arrange a contact/meeting.

Some examples of satisfied customers

Ask for a quote: