NEQ leverages the Framework of Risk Management and Analysis (FoRMA) methodology (developed by Cybernetix Technologies) to acutely measure the level of risk and effectiveness of the mitigating controls in your enterprise environment. The layers of your IT stack are analyzed:
The protector (Blue Team) and hacker (Red Team) strategies are used to examine the key strengths and critical weaknesses through a 4 phase life-cycle approach:
Using the FoRMA methodology results in a comprehensive review of your IT Security infrastructure and a set of valuable recommendations to address any critical control gaps.
The Framework of Risk Management and Analysis (FoRMA) Methodology begins with the identification of your key assets within the layers of your IT stack that support the business.
For each of the Control Implementation Phases, the risks are analyzed and existing and potential controls are compared to determine the acceptable level of Risk Mitigation. This may require up to four layers of control types; Awareness, Protection, Detection and Assurance.
The result is captured in a custom FoRMA report which delivers the strengths, weaknesses, gaps, and recommendations, suitable for technical and executive audiences.
For more info, see our services page
Even with a fully documented and tested IT control framework that addresses governance, risk and compliance, you may not know the complete health of your security. NEQ can assess your Information Security Program to ensure that it fits your business goals, and you will know the gaps that need to be addressed in your processes, policies, and verified by third party testing.
We accomplish this by using the FoRMA Risk Management model and focus on four critical areas of your security:
Together these areas should be providing you with the necessary protection and detection to maintain the health of your business, and should be included in your Information Security Program.
For more info, see our services page
yoLo
