Our Mitigation Program

We have a straightforward, three-part approach to cyber security:

When Denver Cyber Security performs the requested assessments on your IS/IT environment, we create “risk registers” as part of our report to you regarding our findings.  These are HIGHLY CONFIDENTIAL and controlled documents that identify and list the specific cyber security vulnerabilities and other issues we have identified during the assessment. This risk register list is further organized when we score/rank the problems by priority which assists your leadership make decisions about which problems to tackle first.

Please ask to see a sample risk register.

The 2nd step in the cyber security process is "mitigation" or the fixing of the identified problems/issues. The mitigation process for each company requires a unique mix of people, processes, and technologies (or products).

People. Our highly experienced and vetted cyber security experts work with your IT team to design, implement, and maintain your cyber security program. We can play a “light-touch” monitoring role or (at your request) we can assume more aggressive levels of oversight of your program. Whichever way best meets your requirements, you can rest assured that our trusted team takes your security needs seriously and will not hesitate to engage your management, your board or any other responsible parties in the effort to protect your organization’s continuity.See our TEAM.

Processes. Cyber security personnel and technologies are useless without organized and fully current processes and procedures. And these processes must be maintained, monitored, and improved in an organized manner on a continuous basis. Doing anything else creates vulnerabilities and wastes your money. Our trusted and professional technical teams are fully versed in all aspects of cyber security processes and can support your IT personnel as they develop, document, and maintain your own cyber security processes.

Technologies (products). For effective cyber security, the smallest company must deploy a minimum of five cyber security products:

  • Perimeter protection (firewalls)
  • Identity and access management
  • Encryption
  • Email protection
  • Security awareness training

 Larger companies may deploy 20-30 different products…depending upon their needs. There are thousands of different vendors that make tens of thousands of different products…and, as you can imagine, they are not all created equally. Some are better than others.

Most of the time, we find that products that have already been purchased have not been deployed, configured, up-dated, and/or managed properly. Naturally, this negates any benefits of the purchase. We help you get the maximum benefit out of the products you have already purchased and if it is necessary or desirable to purchase new products, we can help you with the vendor assessment process so you choose the product that best meets your requirements. After you purchase the product, our experts can make sure that you deploy it correctly and ensure that you get maximum security value for your dollars.