Our Gap Analysis will show you the differences between your current ICT system and the NIST Cyber Security Framework or GDPR standards.
Even with your own cyber security systems in place, your organisation may not meet the industry standards and regulations. If your organisation is not compliant, you could be at risk from devastating threats and hefty fees. Our Gap Analysis helps you quickly assess whether or not you are compliant and makes actionable recommendations for meeting those standards.
The aim of this test is to measure the differences between your current ICT system and current accepted security requirements. During this Gap Analysis, Gaia uses the NIST 20 CIS Security Controls, an internationally recognised framework. If you wish Gaia to test against the GDPR requirements, we can customise your Gap Analysis to accommodate the GDPR requirements.
Gaia will work with your IT staff through a formal standard process, testing against each of the 20 CIS Security Controls and/or GDPR. At the end of the test, Gaia will produce a report with easy-to-understand red, amber and green recordings that indicate weaknesses (red), areas that need improvement (amber) and strengths (green). We will also provide you with easy-to-understand recommendations on how to ensure that your systems meet the required security standards.
A Cyber Security Gap Analysis identifies vulnerabilities in your existing ICT environment, the results of which will enable your organisation to plan improvements, changes, upgrades and reconfigurations that will ensure your ICT environment is safe from cyber security threats.
This framework guides organisations on how to improve their abilities to detect, prevent and respond to security attacks and threats at a high level.
The NIST framework integrates common industry standards for processes and methods used to assess and manage secure technical infrastructure. It also provides a common language that allows staff at all levels within an organisation to develop a shared understanding of the organisation’s cyber security risks.
Within this framework, the Center for Internet Security (CIS) has produced a 20-point framework to protect organisations from cyber attacks. It is against this internationally understood and utilised framework that Gaia will test your current ICT infrastructure.
GDPR supersedes the UK Data Protection Act 1998, and has a significant and wide-reaching scope, bringing a 21st century approach to data protection. It expands the rights of individuals to control how their personal data is collected and processed, and places a range of new obligations on organisations to be more accountable for data protection.
It is law within the EU, and any organisation undertaking business within the EU or with an EU organisation must also adhere to its requirements.
Gaia’s combination of technical consultancy and skilled work by our experts ensures that a careful review of your current ICT system will be thorough and precise. Using a defined set of processes and procedures that match your current ICT environment, we will test your system against either the NIST controls or the GDPR. Gaia can tailor the Gap Analysis to suit your requirements so that you can rest assured that your organisation meets the industry-accepted security standards and is protected against threats.
The delivery process should be a non-intrusive process and should not affect your business flow. Gaia will work in the background, ensuring that all installations are handled appropriately and in a timely manner.
As part of the Gaia Defence in Depth, we will review your current security protection and provide you with the information to implement a solution that adheres to internationally utilised security controls, methods and processes.