CYBER RISK ASSESSMENT AND MANAGEMENT

Bad Rabbit Security can perform onsite or off-site risk assessment of an organization’s security processes and technical controls. We use a combination of standard qualitative risk assessment tools and depending on the client’s requirements these can be as simple as a risk assessment questionnaire and remote scanning to full on site technical security audits and penetration testing / code review.

​

Risk assessments can be mapped to an organization’s current compliance programmes, or based on industry standard governance schemes such as the CIS-20, NIST, ISO27001, PCI-DSS, OWASP Top Ten for web applications etc.

Our auditors are qualified professionals holding ISACA membership, CISSP certification and CIIP Certified ISO 27001 Implementation Practitioners.

​

Following a risk assessment, Bad Rabbit Security will perform gap analysis and can provide full consultancy services to assist in the selection of controls to treat the identified risks, design of appropriate policies and procedures, and in the training of employees.

​

We can also offer online 365/24/7 security, risk and breach monitoring via an online risk scorecard system, which is also suitable for assessing an organization’s third-party exposure and risk, or for due diligence in mergers & acquisitions.