Contact Us

Penetration Testing

 
Penetration Testing

Proactively identify and attempt to exploit critical vulnerabilities, drawing remediation insights prior to a real-world attack

loupe

 
Vulnerability Management

Detect, categorize, and score vulnerabilities existing in your organization’s website, applications, network, or devices

employee

 
Virtual CISO (vCISO)

Leverage a team of veteran security professionals full or part-time to identify risks and enhance your security program

        

court

 
Compliance

Achieve and maintain compliance with the state, federal, and industry regulations and frameworks required for your organization

secure-shield

 
Risk & Business Resiliency

Assess your organization’s present risk level and develop policies, procedures, programs, and plans to mitigate risks identified

artificial-intelligence

 
Social Engineering & Awareness

Foster security awareness among your team and simulate real-world attack scenarios to assess the effectiveness of training

        

cloud-computing

 
Cloud Security

Evaluate your organization’s cloud infrastructure attack surface, identifying vulnerabilities in controls and configurations

Cybersecurity Services

 
Incident Response & Forensics

Determine the extent of a compromise, create a plan to keep damage under control, and preserve evidence for further investigation

copy-writing

 
White Label Security Services

Provide quality security services to your clients to expand your service offerings while our experts work under your brand name

Financial Services

 
Financial Services

Banks, credit unions, insurance, processors

Gaming

 
Gaming

Casinos, lottery services, online gambling

Government

 
Government

State, local, and tribal government agencies

        

Healthcare

 
Healthcare

Hospitals, clinics, pharmaceuticals

Higher Education

 
Higher Education

Colleges, universities, online schools

Hospitality

 
Hospitality

Hotels, restaurants, entertainment, tourism

        

Manufacturing

 
Manufacturing

Transforming materials into finished products

Nonprofit

 
Nonprofit

Charities, museums, religious institutions

Retail

 
Retail

Brick-and-mortar stores, online shopping

        

Technology

 
Technology

Technology-based products and services

Utilities

 
Utilities

Electricity, gas, water, sewage, transportation

        

Case Studies

 
Case Studies

In-depth investigations into our engagements

Datasheets

 
Datasheets

Detailed summaries of the services we offer

eBooks & Checklists

 
eBooks & Checklists

Downloadable files to help mitigate your risks

        

Glossary of Terms

 
Glossary of Abbreviations

Industry abbreviations listed and described

Industry News

 
Industry News

Recent cybersecurity and compliance news

Webinars & Videos

 
Webinars & Videos

Video content produced by our experts

About Us

 
About Us

Learn more about our story and mission

Career Opportunities

 
Career Opportunities

Explore career opportunities and apply today

Certifications

 
Certifications

Industry-leading certifications and education

        

Community

 
Community

See how we give back to the community

Events

 
Events

Upcoming conferences and webinars

Meet the Team
Meet the Team

Meet our executive team of experts

        

Press Releases

 
Press Releases

Major company news and announcements

Request a Speaker

 
Request a Speaker

Request our experts to speak at your event

Testimonials

 
Testimonials

Hear what others have to say about us
Contact Us

Penetration Testing

 
Penetration Testing

Proactively identify and attempt to exploit critical vulnerabilities, drawing remediation insights prior to a real-world attack

loupe

 
Vulnerability Management

Detect, categorize, and score vulnerabilities existing in your organization’s website, applications, network, or devices

employee

 
Virtual CISO (vCISO)

Leverage a team of veteran security professionals full or part-time to identify risks and enhance your security program

        

court

 
Compliance

Achieve and maintain compliance with the state, federal, and industry regulations and frameworks required for your organization

secure-shield

 
Risk & Business Resiliency

Assess your organization’s present risk level and develop policies, procedures, programs, and plans to mitigate risks identified

artificial-intelligence

 
Social Engineering & Awareness

Foster security awareness among your team and simulate real-world attack scenarios to assess the effectiveness of training

        

cloud-computing

 
Cloud Security

Evaluate your organization’s cloud infrastructure attack surface, identifying vulnerabilities in controls and configurations

Cybersecurity Services

 
Incident Response & Forensics

Determine the extent of a compromise, create a plan to keep damage under control, and preserve evidence for further investigation

copy-writing

 
White Label Security Services

Provide quality security services to your clients to expand your service offerings while our experts work under your brand name

Financial Services

 
Financial Services

Banks, credit unions, insurance, processors

Gaming

 
Gaming

Casinos, lottery services, online gambling

Government

 
Government

State, local, and tribal government agencies

        

Healthcare

 
Healthcare

Hospitals, clinics, pharmaceuticals

Higher Education

 
Higher Education

Colleges, universities, online schools

Hospitality

 
Hospitality

Hotels, restaurants, entertainment, tourism

        

Manufacturing

 
Manufacturing

Transforming materials into finished products

Nonprofit

 
Nonprofit

Charities, museums, religious institutions

Retail

 
Retail

Brick-and-mortar stores, online shopping

        

Technology

 
Technology

Technology-based products and services

Utilities

 
Utilities

Electricity, gas, water, sewage, transportation

        

Case Studies

 
Case Studies

In-depth investigations into our engagements

Datasheets

 
Datasheets

Detailed summaries of the services we offer

eBooks & Checklists

 
eBooks & Checklists

Downloadable files to help mitigate your risks

        

Glossary of Terms

 
Glossary of Abbreviations

Industry abbreviations listed and described

Industry News

 
Industry News

Recent cybersecurity and compliance news

Webinars & Videos

 
Webinars & Videos

Video content produced by our experts

About Us

 
About Us

Learn more about our story and mission

Career Opportunities

 
Career Opportunities

Explore career opportunities and apply today

Certifications

 
Certifications

Industry-leading certifications and education

        

Community

 
Community

See how we give back to the community

Events

 
Events

Upcoming conferences and webinars

Meet the Team
Meet the Team

Meet our executive team of experts

        

Press Releases

 
Press Releases

Major company news and announcements

Request a Speaker

 
Request a Speaker

Request our experts to speak at your event

Testimonials

 
Testimonials

Hear what others have to say about us
Ransomware Readiness Review

Business Resilience Review

Business Resilience Review Services

The US Department of Homeland Security defines ransomware as "a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid". Ransomware is arguably the most widespread and devastating cybersecurity threat currently facing the country. It seems that a ransomware attack manages to make the news at least weekly, if not daily, and the victims hitting continuously closer to home, from our school departments to our grocery stores. Experts have estimated that ransomware costs organizations globally $8 billion in 2018, with a predicted rise to $11.5 billion in 2019. No industry or organization is immune to being targeted for ransomware attacks.

Compass IT Compliance employs a team of highly certified and experienced Ethical Hackers and IT Risk Specialists to assist organizations in mitigating their risk of a breach. Due to the rising threat of ransomware attacks, we've created the Business Resilience Review service to help organizations not only mitigate the risk of ransomware infecting their systems, but also minimize the potential damages and stoppages that would result from a successful ransomware attack. Our Business Resilience Review can be broken down into five areas:

1. Incident Response Plan Review
Compass IT Compliance will review your current incident response plan for completeness and provide any recommendations to assist in making the incident response plan complete, and can also assist in building or updating a plan after the review. Our review will include the following areas:

  • Review of how the organization handles and manages incidents
  • Review of how the organization responds to such incidents
  • Review how the organization meets government, industry, legal, personnel (or other) regulations
  • Review of the organization to prevent the use of systems in attacks against external resources
2. Phishing Campaigns
Compass IT Compliance has developed phishing templates from real world experiences. We can work with your management staff and tailor phishing campaigns to target the general population of employees, spear phishing campaigns to target specific groups of people, and whaling campaigns to target high value employees.

Related Resources

Security Awareness Training

Phishing Assessments

Incident Response Planning

Business Continuity Planning

Ransomware Blog Posts

Contact Us

3. Business Continuity and Disaster Recovery Plans
Compass IT Compliance will review your current business continuity and disaster recovery plans for completeness and provide any recommendations to assist in making the business continuity and disaster recovery plans complete. 

4. Business Resilience Tabletop Exercises
Compass IT Compliance will assist you in understanding and identifying gaps in response plans through the use of tabletop exercises and documentation that will simulate the threat of security and disaster events without having to experience it for real. Depending on the needs of the organization, this can be a security event such as a ransomware attack, a business continuity event such as a fire or flood, or a combination exercise that allows the organization to utilize both incident response and business continuity during a single test. Both types of tests deal with the identification, assessment, response containment, and recovery of events. These exercises will assist in creating muscle memory for event response and recovery, and gaps identified can be used to improve the plans.

5. Backup and Recovery Procedures
To be able to recover from a security or continuity event, you must have the correct backup and recovery procedures for data. Compass IT Compliance can review your current backup and restore procedures and ensure that timely backups are being taken and proper recovery procedures are followed. We will compare your ability to recover to the RPOs and RTOs in your business continuity plans, and review that critical data, as defined by you, is being backed up.

Let Compass IT Compliance assist your organization in assessing any risks present through our Business Resilience Review so you can mitigate not only your risk of falling victim to a ransomware attack, but also minimize the damage that a successful attack could inflict. Contact us today to discuss your unique situation!

Compass IT Compliance, LLC

Corporate Office:
2 Asylum Road
North Providence, RI 02904
 
Phone: (401) 353-3024
 

Recent Posts

Subscribe to Our Blog!
Copyright © 2022 Compass IT Compliance, LLC. All Rights Reserved.