Where Do I Start
Identify and Assess Your Risk
Without knowing what’s actually happening within your network and cloud (private and public) environments, and understanding whether you are at risk to cyber threats, it’s difficult to determine what measures or solutions are needed.
There are a number of cyber risk assessments available, via the Jisc Frameworks, designed to give you a complete view of all activity within your environment and identify any holes which can make it vulnerable to a wide range of cyber attacks. These risk assessments and associated reports provide the information you need to help justify investment in the ‘right’ cyber security solutions to maximise protection and prevention.
Cyber Risk Assessment: Network and Threat Visibility
Identify what applications are being used, are they a risk and have you been infected by malware.
Many security systems (i.e. Firewalls) are unable to identify network traffic at the application threat level therefore cannot identify or protect against zero-day malware attacks, let alone enable you to determine what applications are being used by your staff and students. This service provides a risk assessment based on the analysis of the traffic traversing your network, taking into account the different types of applications, how they are being used, their relative security risk and if you have been infected by malware.
Cyber Risk Assessment: Public and Private Cloud
Are your internet facing services vulnerable, do you have in-depth knowledge of your SaaS usage or know if how your cloud environment is secure and compliant?
This risk assessment analyses your mission critical internet facing systems, and private and public cloud configurations to identify risks of cyber attacks and organisation breaches. The assessment includes:
- Vulnerability Assessment – Scan entire external facing infrastructure for all vulnerabilities, with actionable intelligence provided in an advanced report allowing quick prioritisation and remediation of vulnerabilities.
- SaaS Audit – Detailed analysis of all SaaS applications in use (sanctioned and unsanctioned) providing visibility of all; users, folders and file activity.
- Cloud Audit – Discovers cloud resources and data across AWS, Azure and Google cloud platforms to detect; risky configurations (misconfigured cloud storage / S3 Buckets), identify network threats, suspicious user behaviour, malware, data leakage (publicly exposed data), host vulnerabilities and more.
A Guide To Defining a Zero Vulnerability Infrastructure
KHIPU’s Defining a Zero Vulnerability Infrastructure 6 part guide provides an insight to the most common cyber attack types, guidance on how to define your cyber security strategy and helps you identify any potential weak points in your network so you can choose the right technologies for your organisation.