Actu
Prism Infosec announced the launch of its Cyber Maturity Assessment service
February 2024 by Marc Jacob
Prism Infosec, the independent cybersecurity consultancy, announced the launch of its Cyber Maturity Assessment service to help organisations identify areas of strong cyber security defence and where improvements can be made to help improve their security posture. The assessment provides the C-suite with a standardised initial benchmark against which to measure cybersecurity maturity and organisational performance.
The Cyber Maturity Assessment is mapped to the National Institute of Standards and technology (NIST) Cybersecurity Framework and covers all five core areas (identify, protect, detect, respond and recover) with maturity graded using five maturity rankings (initial, developing, defined, managed or optimised).
A team of GRC specialist consultants carry out interviews, review documents, and observe current practices in order to thoroughly assess, capture and report on the risks. The end report delivers insights into a variety of areas including asset management, supply chain risks, identity management and access control, staff security awareness, information protection processes and procedures, security monitoring and detection, as well as the effectiveness of response and recovery planning.
Cyber maturity is defined as being an organisation’s strategic readiness to mitigate threats and vulnerabilities, according to industry body ISACA, but the practice is not as widespread as it should be. One in five organisations do not assess their cyber maturity while the figure for those that do (65%) has not changed over the past two years, according to its The State of Cybersecurity 2023 report.
The top three reasons given for not conducting regular risk assessments, according to the ISACA report, were the time commitment involved (41%), not having enough personnel to perform the assessment (38%) and lack of internal expertise (22%) – all obstacles which indicate the need for external expertise.
The Cyber Maturity Assessment service is delivered by practitioners who individually hold more than 25 years’ experience in security assurance testing, are ISO27001 Lead Auditors, CISSP certified and are sector specialists. They form part of the Governance Risk and Compliance (GRC) Consulting team with the Cyber Maturity Assessment the latest addition to Prism Infosec’s Compliance Framework Assessments.
Suitable for organisations of all sizes from SMEs through to large enterprises, the Cyber Maturity Assessment provides a comprehensive view on the risks facing the business together with a roadmap of recommendations and estimated timescales to enable the business to achieve its cyber maturity goals.
