Flex Protection Logo

Streamlined Cybersecurity education, planning, assessment, monitoring, and testing

Risk Assistant: Your Private Cyber Risk Management Framework

The Simple, Powerful Weapon to Protect Your Data and Critical Assets

Show your management or clients that you are taking action to reduce cybersecurity risks, and to implement best practices.

Use your private cloud-based Risk Assistant tool to import common risks and add additional threats you may face. Deploy effective defensive measures to reduce and track overall risk. Use your personal dashboard to manage your exposure and your flexible preventative measures.

Start identifying, tracking and evaluating your risks, and taking counter-measures. Please complete the short form below.

View a short demo of the user-friendly Risk Assistant tool.

Poor security can be stressful.

Tracking Cyber Threats Can Be Exhausting

Users can work with confidence.

Risk Assistant Provides Peace of Mind

Example Risks from Risk Assistant Database

  • Social Engineering attacks
  • Shared passwords
  • Poor password management
  • Ransomware attacks
  • End-of-life system software
  • Invalid input in web application
  • Default Login and Password on devices
  • Unsecured IOT devices
  • User awareness training stale, forgotten
  • Improperly configured user accounts
  • Weak encryption
  • Buffer overflow
  • Non-updated machine as attack pivot point
  • Third party unmonitored network access
  • Unauthorized VPN access
  • Unauthorized RDP access
  • Improper certificate & key management
  • Post-incident weak or ineffective response

Defensive Measures from Risk Assistant Database

  • Documented, comprehensive Information Security Policy
  • Overall Risk Assessment by qualified third party
  • Current inventory of data stores: where, how accessed, how protected
  • Current inventory of hardware devices: data stored, how protected
  • Web Application vulnerability scan with ZAP or similar
  • Network vulnerability scan with NESSUS or similar
  • Airgap - physically separate critical data stores
  • Keep operating systems version current
  • Automated full or differential backups for server data
  • Validate all user input before using
  • Audit and correct default ID/Password on all devices
  • Inventory and Secure IOT devices
  • User awareness re-training
  • Audit and verify need for all accounts
  • Cipher Suite (protocol, length, hash)
  • Update all virtual/physical devices regularly
  • Formal certificate process, plan, issuer, intermediate, responsibility
  • Incident Response Plan

Flex Protection Logo

Copyright 2021 National Training Systems 16586 N Dale Mabry Hwy. Tampa FL 33618  --  Training provided by FlexTraining