Discovery Assessment FAQs
Used to conduct an initial evaluation on a client’s current security posture. The assessment provides context around where we, Infoaxis, should be focusing our efforts to meet desired outcomes- whether that’s to increase overall security measures, or helping an organization meet a compliance standard.
Some commonly asked questions:
Q: Is the Discovery Assessment equivalent to a Pen Test?
A: No, this is not equivalent to a pen test. A discovery assessment evaluates your current cybersecurity program focusing on people, process, and technology. A pen test tests the controls in your IT environment, where the Discovery Assessment is only examining at your responses. It has been proven that conducting a discovery assessment, followed by a pen test will give you the most thorough 360-degree view of your cybersecurity posture.
Q: Will a Discovery Assessment identify the effectiveness level of my current cybersecurity procedures?
A: Yes. The Discovery Assessment is a questionnaire-based review that creates a readiness report based on your answers. The report is centered around meeting guidelines of the National Institute of Science and Technology (NIST) Control teamwork (which in cyber speak, is a very universal compliance standard).
Q. On average, how long does the Discovery Assessment take from beginning to end?
A: It will take under one hour for someone at your company to complete, and on average 3-5 days in total to deliver the report and schedule a call to go over the report and plan.
Q. I’m not very familiar with how cybersecurity works and how to implement it, will your team help guide my staff on what technology we need to acquire to build up our cybersecurity model?
A: Once we receive the Discovery Assessment results, our staff will provide you with a high-level overview of your current cybersecurity posture along with some recommendations on what actions you can take to better secure your infrastructure. This will lay the foundation for your Cybersecurity Roadmap. If you decide to continue your relationship with Infoaxis we will guide you in building your cybersecurity program focusing on people, processes, and technology.
Q: Is my company a good fit for a Discovery Assessment?
A: In today’s environment, it is not a question of “IF I experience a security breach” but rather “When I experience a security breach”, so every company is a great fit for the Discovery Assessment.