Cybersecurity Health Check Services

A detailed list of the services offered by the Cybersecurity Health Check Program. Please refer to this page when submitting an application.

Category 1: Policies and Procedures

  Service Description Deliverable 
1 Access Control Policies/Procedures: A security documentation service focused on helping agencies design and document system access control processes and procedures that comply with federal guidelines. (CISA) Summary Report and Recommendations
2 AD Hardening Review/Assessment: Assessment to discover and analyze privileged account exposure and provide transition assistance for deviations from Microsoft’s privileged administration recommendations.  Document findings; provide recommendations
3 Backup & Recovery Strategy Assessment: Discuss the state of the current backup and recovery strategy to ensure their perceived safeguards will perform as intended when needed. Discussion of customer environment and backup/restore considerations for up to one hour. Written report including the size of backups, retention strategy, cloud hosting requirements and time objectives
4 Business Impact Analysis (BIA) System Security: BIA System Security services include the development, update, or review of the BIA to determine the mission/business process and recovery criticality, identify resource requirements, and identify the recovery priorities for system resources. Discussion, Findings, and Recommendations

5 Disaster Recovery Plan Review: Review to assess how capable the organization is of restoring IT infrastructure functionality and access to critical data based on the current Disaster Recovery Plan. Summary Report and Recommendations
6 Foundational Assessment: A questionnaire-based assessment that addresses foundational cybersecurity questions to get you started with evaluating your organization’s current cyber posture. The assessment is aligned to both the NIST Cybersecurity Framework and the CIS Critical Security Controls and is intended for those who have not taken other larger assessments before. Assessment and Recommendation
7 Internal Vulnerability Scan: Scans and categorizes security threats, mapping those to policies to see what the mitigation should be. Summary Report and Recommendations
8 IT Asset Management (ITAM): Evaluate whether the organization’s assets are accounted for, deployed, maintained, upgraded, and/or disposed of. Summary Report and Recommendations
9 IT Security Posture Profiling: Discuss the municipality's or school district’s current IT security program to obtain insights on how it measures up against Center for Internet Security Best Practices and Controls and gain practical advice for next best steps. Identify security gaps; provide strategic plan to improve IT security environment
10 Log Audit/Monitoring Processes/Procedures Consultation & Documentation: A security documentation service focused on helping agencies design and document system audit log monitoring processes and procedures that comply with federal guidelines. Security documentation service focused on processes and procedures that comply with federal guidelines

Category 2: Cybersecurity

  Service Description Deliverable 
11 Asset Detail Report: This is a comprehensive report of all assets found within the client's IT environment. Summary Report and Recommendations
12 Cyber Resilience Review (CRR): The Cyber Resilience Review (CRR) is an interview-based assessment to evaluate an organization’s operational resilience and cybersecurity practices. The organization will develop an understanding of its ability to manage cyber risk during normal operations and times of operational stress and crisis. The organization will be evaluated and informed of its ability to manage cyber risk during normal operations and times of operational stress and crisis. Summary Report and Recommendations
13 Cybersecurity Policy Support: Assists customers in developing and maintaining information security and privacy policies based on the most recent guidance from legislation, executive orders, directives, policies, regulations, and other technical standards.  Guidance in developing and maintaining Information Security and Privacy Policies. Summary Report and Recommendations
14 Cybersecurity Sounding Board: Discuss strategies to rationalize and prioritize investments of financial and human capital to improve cybersecurity. 2-hour conversation to discuss a cybersecurity-related challenge. Summary Report and Recommendations
15 Data and GAP Analysis: A gap analysis provides an overview of your current security operations and points out weaknesses when compared to industry standards. Discussion, Findings, and Recommendations
16 Data Breach Liability Summary Report: This is a report summarizing all data breach liability, which was uncovered during the assessment.  Summary Report and Recommendations
17 Data Security Review: Review the effectiveness and efficiency of existing data security processes. Summary Report and Recommendations
18 Email Encryption Assessment: Test for existing email encryption and report on effectiveness of current solution in place.  Summary Report and Recommendations
19 Email Ransom and Phishing Attack Scan: Review the difference between phishing and spear phishing and why it matters; Review the techniques used in impersonation and spoofing attacks and how to recognize each; Discuss the economics of ransomware and spear phishing and what that means; Provide initial review of GAP analysis for email security threats; Provide a recommended action plan for remediation; Document all findings, provide review call/meeting with key personnel. Provide initial review of GAP analysis for email security threats; provide a recommended action plan for remediation; Document all findings, provide review call/meeting with key personnel 
20 Endpoint Security Assessment: Today’s sophisticated attackers are going “beyond malware” to breach organizations, increasingly relying on exploits, zero days, and hard-to-detect methods such as credential theft and tools that are already part of the victim’s environment or operating system. Endpoint security products respond to those challenges with a solution that unifies next-generation antivirus (NGAV), endpoint detection and response (EDR), managed threat hunting capabilities and security hygiene that is cloud-managed.  Review customer’s existing endpoint security strategy; Deploy a limited number of sensors on customer identified endpoints; document vulnerabilities and threats found in the customer’s environment; Meet with key personnel to review findings and provide recommendations
21 External Vulnerability Scan: An external vulnerability scan to look for vulnerabilities on the network perimeter or website from the outside looking in. Examine the organization's security profile from the perspective of someone who does not have access to systems and networks security perimeter. Review customer’s network and firewall policies to gain an understanding of their environment; Conduct external scan to identify vulnerabilities and possible threats; Document vulnerabilities and threats found in the customer’s network; Meet with key personnel to review findings and provide recommendations
22 Firewall Penetration Testing: Security testing used to evaluate a firewall's effectiveness in blocking unauthorized traffic. Summary Report and Recommendations
23 Network Assessment Report: This report provides an overview of critical information with various areas of the network, providing a detailed asset inventory summarizing the current status of the network. Summary Report and Recommendations
24 Penetration Testing; Basic & Level 2: Security test that launches a mock cyberattack to find vulnerabilities in a computer system. By staging fake attacks, TOSS will help security teams uncover critical security vulnerabilities and improve overall security posture.  Summary Report and Recommendations
25 Physical Site and Equipment Assessment: This covers everything from your building and security systems to plans and procedures to potential threats from your surrounding environment.  Summary Report and Recommendations
26 PII Record Exposure Assessment: Review and assess any potentially exposed PII currently on your system. Summary Report and Recommendations
27 Recommendations and Remediation Plan: Provide recommendations as well as a remediation plan to bring a system up to requirements or suggested levels of security and compliance. Summary Report and Recommendations
28 Security Vulnerability Assessment: This testing process is used to identify and assign severity levels to as many security defects as possible. Summary Report and Recommendations
29 Social Engineering Assessment: Perform a social engineering test, provide the results, and provide suggestions on training or remediation. Summary Report and Recommendations
30 Whole-Disk Encryption Assessment: Review all machines for whole disk encryption to ensure it is installed, enabled and working as expected.  Summary Report and Recommendations

Category 3: Other

  Service Description Deliverable 
31 Cloud Readiness Assessment: Cloud business review of infrastructure. Discuss the readiness of your infrastructure to move to the cloud; identify gaps in current infrastructure to deliver on your cloud vision; and make you aware of changes that will happen from a business perspective. Discussion; Findings; Recommendations
32 Cyber Threat Hunt Assessment: Provides agencies with the ability to proactively search through networks and systems to identify threats that have already bypassed network defenses and established a foothold.  Hunting Service for a specific threat actor
33 Database Vulnerability Scanning: Includes the scanning of databases and is conducted with credentials to provide a full and comprehensive view of the database(s).  Comprehensive Report to identify all potential database security related issues
34 G-Suite Security Assessment: Identify G Suite security features and application settings for administrator accounts that deviate from security best practices, as defined by Google, INNO4, or both. Report with actionable remediation recommendations with risk analysis for each recommendation
35 LAN, WAN, VPN Review: Review your current infrastructure and network for possible issues and provide remediation recommendations. Summary Report and Recommendations
36 Network Hardware Lifecycle Review: Review existing hardware within the network and provide suggestions on replacing or upgrading these devices. Summary Report and Recommendations
37 Network Site Diagram: Provide a system diagram of the network upon review. Summary Report and Recommendations
38 PC & Laptop Lifecycle Review: Review existing PCs and Laptops within the network and provide suggestions on replacing or upgrading these devices. Summary Report and Recommendations
39 Remote Access Review: Review your remote access procedure and associated technology to ensure a secure approach. We will provide remediation and recommendations as appropriate based on findings. Summary Report and Recommendations
40 Resource Allocation Review: Review current allocation of resources within IT for the client. Summary Report and Recommendations
41 Security Report Card & Plan: This is a report card which grades different areas of security for the client.  This is a helpful summary-style output that puts a grade to each section of the assessment. Summary Report and Recommendations
42 Staff & Stakeholder Interviews: Interview & meet with key staff and project stakeholders to help ensure an inclusive and fully effective assessment process. Summary Report and Recommendations.
43 Vendor Management Review: Process to understand the potential risks of utilizing a vendor's product or service, as well as an ongoing process to ensure that quality security practices are being maintained. Summary Report and Recommendations.
44 Wireless Network Vulnerability Scanning: A comprehensive report that identifies all discovered wireless devices. For each device detected, the report will contain the type of signal detected, the Media Access Control (MAC) address of the device, the wireless channel the device is operating on, what type of security/encryption the device is using, and the Global Positioning System (GPS) location of said device.  Summary Report and Recommendations
