MDS - Cybersecurity Assessment
Maureen Data Systems
The purpose of the MDS cybersecurity assessment is to identify and prioritize vulnerabilities within the customer's production environment, covering both cloud and on-premises systems.
The purpose of the MDS cybersecurity assessment is to identify and prioritize vulnerabilities within the customer's production environment, covering both cloud and on-premises systems.
MDS Cybersecurity Assessment Overview
The MDS Cybersecurity Assessment is designed to help organizations discover vulnerabilities in their cloud and on-premises environments. This comprehensive assessment covers two common threat scenarios: human-operated ransomware and data security risks from company insiders. By using specialized engagement tools, the assessment identifies and prioritizes vulnerabilities, providing detailed recommendations to improve the organization's cybersecurity posture.
Highlights • Human-operated Ransomware: This type of ransomware results from active attacks by cybercriminals who infiltrate an organization's IT infrastructure, elevate their privileges, and deploy ransomware to critical data. • Data Security Risks: The assessment also addresses data security risks from company insiders, which can lead to data breaches and other security incidents.
Benefits
After completing the Cybersecurity Assessment, customers will:
• Better understand, prioritize, and address cybersecurity vulnerabilities, improving their defenses against human-operated ransomware. • Gain insights into data security vulnerabilities and minimize risks from company insiders. • Have a clear set of next steps based on the assessment findings and their specific needs and objectives.
What We'll Do During the Engagement/Assessment
During the engagement, we will:
• Analyze the customer's environment and current cybersecurity maturity level based on the CIS Critical Security Controls. • Define the scope and deploy Microsoft Defender Vulnerability Management and Insider Risk Analytics in the customer's production environment. • Perform a vulnerability assessment and assist with prioritizing vulnerabilities and misconfigurations. • Conduct a data security assessment to discover and evaluate sensitive information and potential insider risks. • Plan next steps to improve the customer's cyber and data security posture and discuss future engagements.
Assessment Setup
• Engagement Setup and Scope Definition Meeting
- Define and finalize the engagement scope and required configuration settings for the engagement tools. • Change Management
- If needed, MDS will assist the customer with any required change management processes and approvals for the configuration changes as per defined scope. • General Configuration
- Configuration of the customer’s Microsoft 365 production tenant including setting up trial licenses, configuration of tenant and included Microsoft Defender XDR security products. • Microsoft Defender Vulnerability Management Configuration
- Configuration of Microsoft Defender Vulnerability Management in the customer’s production tenant including the configuration of a machine to be used to scan for vulnerabilities on-premises, if needed. • Insider Risk Analytics Configuration
- Configuration of Microsoft Purview Risk Management products in the customer’s production tenant.
Why Should Customers Request This Assessment
Customers should request this assessment to:
• Gain visibility into vulnerabilities within their Microsoft 365 cloud and on-premises environments. • Understand and address data security risks from company insiders. • Receive tailored recommendations to enhance their cybersecurity defenses and minimize risks.
Who Should Participate in This Assessment (Stakeholders)
Key stakeholders who should participate in this assessment include:
• IT and security teams responsible for managing and securing the organization's IT infrastructure, such as IT Security Architects, IT Security Administrators, IT Security Operations (SecOps) and alike. • Compliance and risk management teams to ensure alignment with regulatory requirements and internal policies. • Senior management and decision-makers to understand the strategic implications of the assessment findings and support necessary changes, i.e. CISO, CIO, CSO, CRO.
Pricing, Terms and Conditions: • Terms, conditions, and pricing can be customized to each engagement to best suite the specific needs of your organization. Contact us for more information!
Other • This engagement is also available in Spanish.