Cybersecurity Maturity Assessments

Gain a holistic view of your organization’s people, processes and technological cybersecurity maturity through both technical and procedural testing and investigation.

Your company’s assets, infrastructure and applications need to be protected. The only way to ensure they are secure is to test the systems you have in place. SubRosa’s Cybersecurity Maturity Assessments can do that for you.

SubRosa’s Cybersecurity Maturity Assessment leverages industry-standard risk and compliance frameworks to protect critical assets, applications and infrastructure. In order to assess your organization’s information security, SubRosa’s team will utilize its extensive experience to collect and review data from your organization. The team will analyze the information collected and conduct interviews, and then communicate recommendations to better secure your information. SubRosa will also lay out a plan to enable its recommendations to be effectively implemented.

Read the Guide
Contact Us
Submit an RFP

What The Service Includes

Board Level Briefing

After the assessment is concluded, SubRosa provides a comprehensive brief for your senior leadership and board of directors. This brief includes all of the actions taken in the assessment and the recommendations to improve your organization’s cybersecurity.

Risk Assessment And Gap Analysis

Benchmarked against industry-standard risk frameworks, the Risk Assessment and Gap Analysis provides your organization with a holistic view of your organization’s current information security program. The gap analysis also identifies any opportunities to enhance your program to better your information security.

30-Day Threat Report

Leveraging the SubRosa SOC as a Service solution, we will provide you with a 30-day snapshot of your internal and external network activity, enabling you to identify indicators of compromise.

Penetration Test Report

After the Cybersecurity Maturity Assessment, you will receive a full and comprehensive penetration test report identifying known and exploitable vulnerabilities in order to assess and manage potential avenues of attack into your organization.

24-Month Roadmap

SubRosa will provide a 24-month security program roadmap to help you prioritize and implement the recommendations and outputs of the Cybersecurity Maturity Assessment.

Cybersecurity Maturity Assessment Methodology

All Cybersecurity Maturity Assessments are conducted by teams of at least 2 assessors. “slim” assessments are available with less, although we typically reserve this service for smaller/self-assessing Clients. The SubRosa Cybersecurity Maturity Assessment is conducted in 4 phases:

  1. An onsite assessment of evidence gathering, interviews and Q&A with the appropriate teams. (COVID-19 permitting).
  2. Video and phone calls to validate and verify information gathered in step 1. This step may replace step 1 if teams are unable to travel onsite.
  3. Technical assessments: network assessments and threat and vulnerability validation.
  4. Information collation and report writing.

Read The Blog on How COVID-19 is Impacting Cybersecurity:

Read Now

Our Supported Cybersecurity Frameworks

As a part of a standard Cybersecurity Maturity Assessment, SubRosa Cyber Solutions will benchmark your organization against the Center for Internet Security (CIS) Top 20 Critical Security Controls. This is an excellent baseline for organization’s wishing to know their cybersecurity maturity. However, some organization’s may have industry-specific cybersecurity requirements, such as finance or healthcare. As such, SubRosa Cyber Solutions specializes in a number of different frameworks, including but not limited to:

  • NIST Frameworks CSF, 800-53, 800-171
  • ISO 27001
  • HIPAA
  • Hitrust
  • Sarbanes-Oxley

Explore Our Services

SOC as a Service
Third Party Assurance
Incident Response
Penetration Testing
Cybersecurity Awareness Training
Contact Us
Submit an RFP