TechBento’s cyber security evaluation process is designed to help organizations identify vulnerabilities and improve the overall cybersecurity posture. Based on Bento Cyber Security Framework, we work with stakeholders through a series of questions that represent network security requirements and best practices. The presented requirement questionnaires are based on selected industry standards, common requirements, and network topology. The result is a formal report with a prioritized list of recommendations for improving the cybersecurity posture.
We offer up to a 1-hour assessment to potential new customers at no cost. Beyond that we charge hourly rates for services which are scoped through agreement or work-order. The difference is breadth and depth of the assessment.
Cyber security assurance is a process of reviewing your organization’s information technology, understanding what processes or tools your company uses to protect information systems and data, and then evaluating those protections for their effectiveness. While there are many cyber security standards available (including Bento Cyber Security Framework), the breadth and depth of a cyber security program depends on entirely on you. Your organization decides what information to protect and how to do it and there is ultimately no right or wrong way. What is important is that your policies are working as you expect them to work. Assurance takes your information technology management and validates that it is as effective as you think it is.
Your IT provider’s primary role is managing, monitoring, and administering information systems. Information security is fundamentally a separate and ideally segregated role. We work with your IT to evaluate your cyber security resilience and then provide expertise, engineering, and governance to the extent your organization decides is appropriate. TechBento’s team has the engineering knowledge to implement and manage information systems; we also have the confidence to operate with your IT collaboratively to make your business more resilient.
TechBento is a modern information security and systems company which means we solve many of the same issues that an IT provider might, but do it in a way that is integrated with cyber security policy. While managed service providers and IT consultants focus on system operations (SysOps) such as managing/maintaining desktops and servers, our primary responsibility is security operations (SecOps). Security operations come before and also after system operations. The “before” is generally related to planning/protecting/designing information security systems and the “after” is verifying that the system operations are working as designed. We serve some clients by purely operating an information security provider (or a Security Operations Center), and for others we also extend our system engineering services to support operations. Historically system operations were the key ingredient in IT, today they play a smaller part as planning and compliance have become integral to operational excellence.
- Contributes to an organization’s risk management and decision-making process.
- Raises awareness and facilitates discussion on cybersecurity within the organization.
- Highlights vulnerabilities in the organization’s systems and provides recommendations on ways to address the vulnerability.
- Identifies areas of strength and best practices being followed in the organization.
- Provides a method to systematically compare and monitor improvement in the cyber systems.
- Provides a common industry-wide tool for assessing cyber systems.
Yes! Our framework and governance program is based on NIST-800 53 Draft 5, the latest standard in cyber security management. It pairs well with FIRNA, SOC, and FISMA requirements.