Info Security Risk Assessments

Our assessment of an organization’s data risk and security can help you plan short-term, intermediate and long-term risk management strategies. 

Risk assessments help your organization determine what you have of value, how it can be attacked, what you would lose if attacked, and how to address the vulnerabilities. 

Great Lakes Forensics can help you audit, test, report and manage your security features in order to comply with various Regulatory Responsibilities including GDPR, HIPAA, PCI, FISMA, Sarbanes-Oxley, Gramm-Leach-Billey and more. Organizations pursuing System Organization Controls (SOC) 2 Audits and Certification may benefit from our consulting knowledge in the area of IT system controls.

Today, insurance carriersshould be assessing the level of security in organizations they are underwriting. They can do this with the help of Great Lakes Forensics to better assess the level of risk of the potential insured.

Organizations contracting with the US Governmentmay need to demonstrate compliance with the National Institute of Science & Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity, also known as the NIST Cybersecurity Framework.

We can assess and review your organization’s current status against the SANS 20 Critical Factors for securing an organization’s IT resources. Furthermore, we review potential cyber-attack vectors, existing security patch levels, network security, infrastructure best practices, encryption usage, virus protection, access management, network security, and regulatory compliance as requested by our clients.  

In order to protect your organization from cyber-attacks, Great Lakes Forensics will assess your performance against published IT policies. We are highly knowledgeable in emerging threat vectors, including firmware attacks on computer equipment microchips, as well as various side channel attacks that may be used to disrupt your business or compromise your data.