Risk Assessment

Is your company ready for a Cyber Attack?

Planet Cyber Security Health Check

Cyber incidents can have a significant impact on businesses and their customers, from business disruption to financial loss and reputational damage. This impact is compounded when business only address cyber risks after an incident.

The Planet Cyber Security Health Check Service helps businesses to better understand their cyber risk.

This consulting-led assessment is undertaken by industry experts using best practices according to the Australian Signals Directorate (ASD) Essential 8.
As part of this service, we provide businesses with a report assessing their maturity level alongside recommendations to mitigate identified risks. The report will assist in guiding future investment decisions the business may undertake to enhance their cyber security maturity.
This service is powered by Fortian: A leader in cyber security, privacy and risk service.

The service takes 3.5 days (7.5 hrs/day) and is ideal for businesses willing to invest in enhancing their cyber security preparedness.

Service Delivery



This service is delivered in the following stages:


Stage 1:

2 days – Assessment of current cyber security posture via consultant-driven workshops


Stage 2:

1 day – Clarification, report and recommendations compilation and qualification with channel partner.


Stage 3:

0.5 day – Report presentation with customer.

Customer Responsibilities

  • Identification and contact details of key stakeholders (mandatory)


  • Availability of stakeholders for workshops (mandatory)


  • Contact with organisation to be remote (mandatory)


  • List of IT assets and associated system architectures (desirable)


  • List of main applications used by organisation (desirable)

Provider Responsibilities

Basic scope

Overview to gather context of the business

  • Key business assets: Information, technology and infrastructure
  • Areas of known business risk
  • Concerns of business: Drivers for undertaking a security review.

Interviews with key personnel


Report Preparation

  • Use of standard assessment tools.
  • Consultant review and outcome recommendations
  • Review and analysis of all responses
  • Overview of outcomes listed
  • Selection of recommendations.

REPORT PREPARATION

Executive overview of key outcomes of the review

Assessment/responses

  • Provide responses to issues raised
  • Summary of key areas of focus

Recommendations

  • List of recommendations
  • Priority actions to be undertaken by the business

Report presentation and Q&A (up to 1 hour)

  • In conjunction with channel partner, consultant to prepare report for customer
  • Consultant to present report to the customer
  • Consultant to discuss any questions or issues raised by the customer.


ADDITIONAL SERVICES

  • Identification of potential services from security review
  • Add on SKUs for additional services can be purchased if required (see SKUs below).


ASSUMPTIONS

  • Timely access (remote) to stakeholders (or delegates) as required to complete the engagement
  • All work will be completed remotely
  • This engagement is scheduled and performed during normal business hours.

ENGAGEMENT PLANNING AND MANAGEMENT

The following planning tasks will be performed:

  • Minimum lead time for scheduling is 10 business days
  • Additional fee for expedited scheduling of less than 10 business days will apply
  • Additional fee for onsite services, subject to geographic locations
  • Additional fee for services outside of business hours
  • Coordinate kickoff and close out calls
  • Create/distribute escalation and contact lists
  • End to end non-disclosure in place.


OUT OF SCOPE

  • Hands on technical services
  • Defined future state
  • Defined cyber strategy
  • Comprehensive assessment of controls outside of ASD Essential 8
  • Formal risk assessment.


ITEM(S) PROVIDED

Contact list for personal details and hours of availability
Requirements gathering:


  • Key IT assets: Infrastructure, cloud services, end user devices and any associated system documentation
  • Applications used by the customer.
  • Purchase order.


ADDITIONAL TERMS AND CONDITIONS
Any sale of services is subject to Planet’s standard Terms and Conditions of Sale or a Services Agreement as negotiated between the parties.


Planet ADD-ON EXTENSION SERVICES FOR CYBER SECURITY HEALTH CHECK
Additional remote 4-hour block during business hours ACS-CSHCS-REM4HR
Additional remote 4-hour block after business hours ACS-CSHCS-REM4AH
Additional remote 1-day block during business hours ACS-CSHCS-REM1DY

While no set of mitigation strategies are guaranteed to protect against all cyber threats, organisations are recommended to implement eight essential mitigation strategies from the ACSC’s Strategies to Mitigate Cyber Security Incidents as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems.


For more information - Click Here

Share by: