|
VULNERABILITY ASSESSMENTS |
IT
Management Programs
|
||||||||||||||||||||||||||||||||||
OVERVIEW Exploits and potential vulnerabilities are continually discovered and documented by leading security review organizations. Coupled with adaptations and changes to your network as new business requirements develop, the possibilities of exposing your systems and data are always present. It is highly recommended to repeat the assessment process periodically to minimize such possibilities. Our assessment was developed with that in mind. An
Independent Audit A Vulnerability Assessment is a risk management process that outlines the potential threats, areas of security weaknesses, and attempts to provide recommended remedies to the extent that they are available and feasible. Cornice Networks begins each assessment with a comprehensive interview, gaining insights into how the IT systems were put together and how they are intended to function as a whole and individually. Our security experts work with you through each phase of the process to ensure that every device is accounted for and tested with minimal business interruption. Both a "perceived" and an actual topology map are generated to provide a clear understanding of the make-up of the network, from a potential hacker's perspective and from the bank's. We use standard security utilities to identify the components of your network that may be at risk. While obtaining this internal information, we also research and compile the public information available regarding your network. RESULTS
We will also convey the results of the report in a Board-level presentation using non-technical language, providing your bank's board members with the right tools to make any necessary decisions. The decisions made will assist you in safeguarding sensitive customer information, can reduce your IT expenses, and improve the reliability of your network. ENGAGEMENTS
The scope of these reviews can be limited to external- or internal-only assessments to address changes to specific devices or segments of the network. It can also be extended to multi-year engagements where we perform a review periodically. |
For
additional information: |