Maturing your cybersecurity program takes time, and it can be difficult to know where to start. An effective way to prioritize your path forward is to first figure out your current state. Our assessment evaluates the maturity of your organization’s cybersecurity readiness using the Cybersecurity Framework, issued by the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST). The framework provides a common language for understanding, managing, and expressing cybersecurity resilience.
For this assessment, we use a subset of the NIST controls that are appropriate for organizations just beginning their first formal approach to a cybersecurity program to identify and prioritize actions for reducing risk.