SCA Vulnerability Assessments identify known vulnerabilities and configuration issues for external and internal systems. Social Engineering evaluates the human link of information security. Finally, we will review the physical security measures taken to safeguard information systems and sensitive information in all forms.
Penetration testing is a form of security testing where SCA emulates real-world attacks to identify methods or pathways to evade the security features of a network, system or application. These real-world attacks use tools and techniques, both automated and manual, that are commonly used by attackers, which is why penetration testing is sometimes referred to as attack and penetration testing: attack the target(s) to see how far they can be penetrated.
SCA Application Security Assessments will evaluate the security of critical applications, internally and externally facing applications, and web applications by identifying potential vulnerabilities through a series of automated and manual tests. SCA assessments of high-risk transaction platforms including online and mobile banking play a crucial role in third-party risk management and protecting customer data.
SCA Controls Reviews evaluate the technical, administrative, and physical safeguards in place to protect the confidentiality, integrity, and availability of information and information systems. Our process identifies control deficiencies, documents compensating controls and helps you choose and implement controls commensurate with your organization’s size and complexity.
SCA Risk Assessments are the foundation of a risk-based approach to information security. Following established methodologies from NIST, SCA Risk Assessments identify threats, vulnerabilities, their likelihood of occurrence and impact on your organization to arrive at a resulting risk rating for each. The resulting report helps management make informed, risk-based decisions, helps prioritize remediation efforts and populates your information security policy and procedures.
The role of an Executive Security Officer (ESO) has become increasingly critical in the workplace. Given the difficulties involved in finding the right person for the position, SCA offers Centurion ESO services designed to improve and oversee your organization’s information security practices. Part of the purpose of an organization’s Executive Security Officer is to align security efforts with enterprise initiatives and company goals. This must be accomplished in a manner that prioritizes the protection of data, assets, and technology.
As your virtual CISO, SCA can design and oversee your information security program or be a sounding board for your existing information security leadership. Employee information security awareness training helps prepare employees to use information systems, handle sensitive information and identify potential malicious efforts to access information. SCA will also assist with third-party due diligence, allowing you to have a more detailed picture of vendors you work with.