We use the NIST Cybersecurity Framework to help identify current and targeted future states of your organization's security program
Praetorian will benchmark your organization’s current cybersecurity posture to the NIST Cybersecurity Framework
and identify an appropriate target state based on the organization’s threat and vulnerability profile. By combining the NIST Framework and the Top 20 Critical Security Controls (CSC), a useful current/target state analysis can be performed and then utilized as a driver for prioritized activities to improve an organization’s security posture.
A third-party security assessment that leverages these frameworks is an established cornerstone of information security operations, providing:
A threat profile of an adversary with access to the Internet or internal networks
Enumeration of systems, services, and applications that comprise these networks
An evaluation of the environment for technical vulnerabilities and security exposures
An analysis of the vulnerabilities for systemic causes
Strategic recommendations to improve technical, procedural, and administrative controls
We use data gathered during the various phases of a security audit to identify the current state. Working closely with your organization, we will identify a target state based on the threats to your particular organization, your business needs, technology profile, and overall risk approach. Praetorian utilizes the results of technical security assessments, interviews, and documentation reviews to complete this service.