Cybersecurity is an enterprise-wide risk which can negatively impact a business through legal implications, direct expense, brand and reputation damage. As threats grow in complexity and volume, businesses must be prepared to respond and understand that cybersecurity is not only an Information Technology risk but also a business risk.
Stinnett is a controls-based organization that focuses on helping our clients assess, identify, implement and report on the overall status of the organization’s cybersecurity maturity. Our approach includes risk assessments with threat modeling and using industry standard frameworks (e.g. NIST, CSC) to perform baseline and gap analyses of a client’s current environment.
Our consulting services range from less mature organizations beginning to design a new cybersecurity program to performing substantive testing of controls and procedures in organizations with mature cyber processes—ensuring industry leading practices are in place. We can also identify opportunities for improvement and provide management with living documentation to help develop future cybersecurity maturity initiatives.
We provide cybersecurity reviews and testing for the following critical areas:
- Patch Management
- Network Vulnerability Scanning
- Internal & External Network Boundaries
- Firewall Implementation and Monitoring (including NextGen)
- Firewall Dataflow & Standards Documentation
- Security Incident Management
- Evaluation of Encryption Technologies
- Workstation / Endpoint Protection
- Operating System End of Life
- Security Staffing
- Wireless Security
- IPS, IDS, SIEM Implementations
- Cloud Service Provider Evaluations
- Physical Security
- Network Access Control