As technology advances so do the adversaries who utilize it. It is important to note that cybersecurity is not a destination – it is an ongoing process. Vantage Point is dedicated to helping you stay ahead of these ever-growing threats.
Vantage Point has offered cybersecurity services since 2011. We primarily focus on financial institutions and the telecommunications sector. However, we have also provided our services to medical service providers and school systems as well as government entities and a variety of small to medium sized businesses. Our experience includes, but is not limited to internal and external vulnerability and penetration assessments, full IT audit services, company-wide consulting and program and policy creation, industry standards and regulatory best practices.
Phishing emails, which allow employers to test employees on real-world attacks, giving better context to actual attacks against the company.
Voice Phishing or “vishing” are conducted to test the processes in place to identify individuals on the phone from releasing sensitive information. Vantage Point will customize the scope to better suit your individual needs.
Onsite impersonations test the processes in place for companies for unauthorized parties entering the building. Vantage Point will customize the scope to better suit your individual needs.
Vantage Point can provide training for staff on any number of topics conducted in-person or through a recorded webinar. Topics include but are not limited to:
Vantage Point tests your organization’s incident response or disaster recovery program to assess your team’s ability to respond to changes, adapt to new situations, and prepare for various real-world scenarios and incidents.
Vantage Point provides an independent assessment of your institution’s IT security policies and procedures. Vantage Point will review if your organization’s controls are adequate when compared to the requirements listed by the FFIEC Regulations, GLBA Part 364 Appendix B, NIST, CIS industry standards, and IT best practices.
An Information Technology Audit (IT Audit) includes all the elements of an IT General Controls and Policy Review along with an onsite portion that verifies adherence to the review process. The IT Audit combines the scope of the IT General Controls and Policy Review along with a comprehensive onsite review allowing Vantage Point to check your institution’s policies and procedures for compliance and physical security controls.
The Vantage Point External Penetration Assessment is designed to help protect your institution against cyber-attacks from outside your network. This assessment analyzes your external, Internet-facing networks and identifies known and potential vulnerabilities. Vantage Point also simulates attacks from outside your institution.
The Vantage Point Internal Vulnerability Assessment is designed to help protect your institution against cyber-attacks from inside your network. This assessment also analyzes your internal networks, identifies known and potential vulnerabilities. Vantage Point also simulates attacks from inside your institution.
Vantage Point will test the customer’s network quarterly, monthly, or weekly based on the customer’s preference. Upon completion, customers will be provided a report of the new and recurring vulnerabilities found listed from highest remediation priority to lowest.
Vantage Point will attempt to use common as well as advanced techniques to exploit vulnerabilities discovered in a client’s network to gain unauthorized access. Vantage Point will also create a comprehensive simulation of an attacker’s methods to gain physical access to the client’s structure, building, or other environments.
Download and complete this Self-Assessment, then send to Natalie Reed or Kelly Pfeifer for a customized review of your Risk Score.
Choosing the Best Assessment for You
When choosing which assessments to conduct, many businesses start with an Information Technology Audit or a General Controls Review to gauge their cybersecurity controls and readiness. Vantage Point will make recommendations based on the needs of your organization to meet compliance and applicable industry best practices and standards. The results of these assessments often reveal other unknown opportunities to harden critical services and processes.
Other institutions may opt to begin by conducting a penetration test or vulnerability assessment to further scrutinize the state of your network’s infrastructure. Another great way to test the responsiveness of your employees and the depth of your training and policies is to conduct a social engineering assessment. We can create custom options that are tailored to suit your unique needs. If you have any questions, we are always happy to discuss how we can meet and exceed your cybersecurity requirements.