Our consulting team was recently engaged to carry out an in-depth cyber risk assessment for a global IT consultancy, specialising in digital transformation and solutions-orientated services.

As part of their commitment to cybersecurity, the company sought to conduct a comprehensive cyber risk assessment to understand their critical systems, data, and operations, and identify key cybersecurity risks.

The assessment was also intended to provide transparency to the cyber insurance market regarding the organisation’s overall risk, resilience, and control measures.

The Process

The AnotherDay cyber consulting team employed a simple and easy-to-understand methodology throughout the assessment. The methodology aimed to provide a clear vision of the current state of information security at the company, with a focus on the overall architecture, levels of resilience, and the protection measures for critical data.

The assessment covered the following components:

• Levels of resilience: The team outlined the levels of resilience across systems, architectures, and supply chains to provide context on how potential cyber breaches could be mitigated. They also assessed the current governance arrangements around resilience and business continuity.
• Current protection measures: The report provided a detailed overview of the various protection measures associated with the organisation’s systems, including specific technologies and critical third-party platforms across areas of network, endpoint and email security. It also highlighted ongoing improvement projects aimed at reducing risk and explained how these protection measures integrate together.
• Systems layout and criticality: The assessment outlined the network infrastructure, systems, and external applications used by the company in its operations. It identified the most important components for the company’s mission-critical activities and considered other critical elements within the environment that could impact potential cybersecurity losses.