Cybersecurity

Professional
Services

Our expert cybersecurity staff works as an extension of your team to assist with security assessments, cyber risk management, penetration testing, incident response and planning. No matter the size of your business, Dunbar Cybersecurity will fully evaluate your business to detect and mitigate security gaps.

Security
Assessment

Our team assists you in adopting an enterprise-wide approach to analyzing and prioritizing risks that also aligns with your strategic goals.

Cyber Risk Management services include:

End-to-end risk modeling and assessment

IT and third-party oversight

Enterprise risk management (ERM) reporting

Policy management and review

Continuous monitoring

Cyber Risk
Management

Our Process

  • Review of policy and procedures
  • Employee Handbook
  • Information Technology Policy
  • Password Policy
  • Email, Social Media, and Internet Policy
  • Encryption Policy
  • Remote Access and Mobility Policy

Organizational analysis

  • Validation of policy enforcement
  • Physical assessment of security at corporate locations
  • Interviews with the key stakeholders
  • Interviews with third party vendors
  • Gathering of open-source intelligence available on the Internet

Technical analysis of systems and controls

  • Assessment of previous vulnerability assessments
  • Web traffic analysis on the Client’s customer portal
  • Review of firewall, active directory, database, and sensor logs
  • Vulnerability scanning and validation
  • Penetration testing

Reporting

  • Summary of findings and needs for improvement
  • Insight into emerging threat trends
  • Road map for implementation of processes and solutions for remediation, prioritized based on a combination of severity and ease of implementation

Penetration
Testing

Dunbar Cybersecurity utilizes the Open Source Security Testing Methodology and the Penetration Testing Execution Standard. These processes allow for an objective, scientific approach, including:

Pre-engagement interviews

Intelligence gathering

Threat modeling

Vulnerability analysis

Exploitation

Post-exploitation

Reporting

Social Engineering

Planning and
Management

We can control costs, drive service, and mitigate risks from an outsider’s perspective, meaning we’ll often spot issues that have become invisible to internal teams over time. We’ll integrate our services with your current IT team and infrastructure, to provide guidance on all things cybersecurity, including:

Project management

Implementation consulting

Board and executive education

Security awareness training

Request an assessment

Open Form