Risk Assessment (With hoytNIVA Defender)
Our core competency at hoytNIVA is our technical assessment of software, hardware and those who use the technologies. Anyone can check software versions, match hardware against your needs and even see how the tool should be utilized. We go far beyond those basic reviews and we completely customize each solution to ensure our service provides short and long-term benefits. As part of our assessment we provide such detail as how the tool is used for performance purposes, what does your system output for reporting purposes through dashboards as it relates to revenue streams and what is your return-on-investment for previous technology purposes. Do we check all your tools and staff to make sure you’re secure from a Cyber attack and the latest updates are in place? Yes, that’s before we really get going.
Additionally, leveraging our extensive government and industry experience, we can stress test all environments up to and beyond typical standards to see how your production environment will hold up. Listed below is a brief example of typical assessment components to serve only as a basic guide. All hoytNIVA solutions are customized.
Components of hoytNIVA Defender
- General Review
- Software Setup & Updates
- Base Tools
- ERP Review (Basic Module Review & Client Discussion)
- Hardware Setup & Updates
- Personal Computers, Workstations, Tablets, Mobile Phones, Servers
- Security Review
- Virus/Malware Protection
- Vulnerability Assessments
- Administration
- Software Setup & Updates
- Mid-Level Analysis
- General Review
- Tool Utilization Reporting (Software & Hardware)
- Training for Software(s), Hardware(s)
- Pre-M&A Review, Pre-Sale Audit & Review
- General Review & Mid-Level Analysis
- Fully Detailed Reporting for Risk & Overall Exposures
- Short & Long-Term Capabilities Assessment
- ROI of Future Enhancements & Likelihood of Goal Achievement
- Post-Sale Consulting
- Setup & Refinement
- Implementation & Integration Services
- Cyber-Setup & Training
Cyber-Risk Services
The days of patch & pray, perimeter focus, and prevention only are over. A modern comprehensive security assessment recognizes that overall security is a feature of your entire system just like performance or energy efficiency and that system includes technologies, people, and procedures across your entire organization.
What’s more, that systems is under attack from many sources beyond malicious hackers. While trends like the declining cost of components and the pace of technological change may be helping you grow your business, they are also undermining your security.
- Economies of Scale
- Desire to decrease costs has eroded the security of our fundamental building blocks since the days of Multics
- Commodity pricing facilitates brute force attacks and widespread reverse engineering of security products
- Larger more valuable datasets increase incentive for attacks
- Pace of Change
- We are continually blending new technologies into existing frameworks
- Turnover is high: How much experience does the average staff member have with YOUR system?
- It is nearly impossible train and maintain everyone properly for their role
- Increasing Connections
- The Internet of Things is upon us, increasing complexity without a commensurate increase in security
- Many vulnerabilities are introduced by the necessity to work with third-party partners
Beyond these security-specific considerations there is your broader IT context to consider:
- How will emerging technologies affect your security and when?
- Have you properly considered evolving technological and social trends?
- Does your industry have a larger compliance framework like HIPAA?
- What is the right balance of security and convenience for you and your customers?
We at hoytNIVA would love to share our expertise on these topics and discuss cyber security with you in the proper context of your overall IT Goals and objectives. We bring the structure and depth of Department of Defense (DoD) training, the latest cyber security certification from MIT’s Professional Education Program, and years of practical experience in both security and technology. Whether it involves finding the right people, tools, or training, let us develop a solution together that will grow with your needs.
From basic compliance through assessment and analysis of systems to factoring security into your overall IT strategy, we at hoytNIVA would love to share our cyber security expertise with you in the proper context of your IT goals, objectives, and budget. For example, we often begin with a comprehensive proprietary assessment that takes your broader context and goals into consideration along with the systems approach and trends that impact security.
Penetration Testing
The bad guys are always trying to get into your network, so beat them to the punch. Find and fix your own vulnerabilities before they are exploited. We will probe your network in a controlled, professional way to determine what avenues an attacker might take to get in and get access to your critical files. Aside from gaining the information you need to close potential holes, you will acquire detailed knowledge of your own systems and configurations. Often improvements to both security and efficiency are possible with the knowledge gathered from a penetration test.
Options for Penetration Testing
- External Penetration Testing (Web-Facing, IP range)
- Internal Penetration Testing (Automated, With IT Professional)
- Penetration Testing for Compliance (PCI-DSS, HIPAA, GDPR)
- Network Mapping & Segmentation (In Preparation for Penetration Test)
Whatever you needs we can customize a plan that improves your security, compliance, and peace of mind.
Compliance Services
At hoytNIVA, compliance is large part of what we support with our clients. Not just with policies and regulations on a pass-fail basis but in preparation for future compliance issues that our clients may face with changes in their industry, with mergers and acquisitions or with expanding their customer-base overseas. Based in the technical and financial systems, hoytNIVA will assess all required systems to ensure minimum requirements are met.
Focus Areas of Compliance
- NIST Compliance
- Identify, Protect, Detect, Respond, Recover
- Health Care Compliance
- HIPAA/HITECH/OMNIBUS Technology Requirements
- External Audit Support for Regulatory Bodies
- Banking & Credit Union FFIEC Compliance
- FFIEC Inherent Risk
- Technologies & Connection Types, Delivery Channels, Online/Mobile Products & Technology Services, Organizational Characteristics, External Threats
- FFIEC Cyber-Security Maturity
- Cyber Risk Management & Oversight, Threat Intelligence, Cyber-Security Controls, External Dependency Management, Cyber Incident Management & Resilience
- FFIEC Inherent Risk
- Credit Card Processors
- PCI-DSS Audit & Certification Support
- Financial Systems Audit
- SOX/SOX-Related Compliance Audit, JSOX (Japan-Based Firms)
- International Financial Reporting System (IFRS) Audit
Artificial Intelligence (AI) & Machine Learning (ML)
Machine Learning offers a new programming paradigm where algorithms are discovered from the data rather than explicitly crafted and applied to the data. It has proven to be a powerful tool to combat complexity and gain insight–even from noisy and unstructured data.
However there is a great deal of confusion, even among technically competent decision makers, about how machine learning differs from traditional statistical models and about how to best apply it in support of business decisions. There is a dangerously short learning curve to get started with available tools but a long road to deep understanding and truly effective application of machine learning techniques.
Do you have the right team and right channels of communication to answer questions about your data, your machine learning models, and their contribution to business intelligence and the bottom line?
Informatics
hoytNIVA is based in data: your data, industry-specific data, data for human capital and everywhere in between. Our data solutions extend far beyond the basics of securing, managing, and mining data sets. The primary data question we always ask the team is, “what does it all mean?” To our customers, that’s important. That deeper understanding of the data coupled with supporting external data from hoytNIVA and beyond often leads to superior solutions with significant Return on Investment.
Data Assessments
hoytNIVA Data Assessment services are unmatched. With progressive, tier-1 experience in both corporate, government and academic arenas, hoytNIVA professionals have excelled and to continue to do so.
- We evaluate data opportunities in the context of your business goals
- We do not artificially decouple human capital and information technology
- Each component of our assessment is handled by a subject matter expert using the best available tools
- We supplement component analyses with a system-level evaluation and integration
- We track the latest trends in data analytics and monetization across multiple industries