Flex Protection Logo

Streamlined Cybersecurity education, planning, assessment, monitoring, and testing

Risk Assistant: Your Private Cyber Risk Management Framework

The Simple, Powerful Weapon to Protect Your Data and Critical Assets

Show your management or clients that you are taking action to reduce cybersecurity risks, and to implement best practices.

Use your private cloud-based Risk Assistant tool to import common risks and add additional threats you may face. Deploy effective defensive measures to reduce and track overall risk. Use your personal dashboard to manage your exposure and your flexible preventative measures.

Start identifying, tracking and evaluating your risks, and taking counter-measues. Please complete the short form below.

View a short demo of the user-friendly Risk Assistant tool.

Poor security can be stressful.

Tracking Cyber Threats Can Be Exhausting

Users can work with confidence.

Risk Assistant Provides Peace of Mind

Example Risks from Risk Assistant Database

  • Social Engineering attacks
  • Shared passwords
  • Poor password management
  • Ransomware attacks
  • End-of-life system software
  • Invalid input in web application
  • Default Login and Password on devices
  • Unsecured IOT devices
  • User awareness training stale, forgotten
  • Improperly configured user accounts
  • Weak encryption
  • Buffer overflow
  • Non-updated machine as attack pivot point
  • Third party unmonitored network access
  • Unauthorized VPN access
  • Unauthorized RDP access
  • Improper certificate & key management
  • Post-incident weak or ineffective response

Defensive Measures from Risk Assistant Database

  • Documented, comprehensive Information Security Policy
  • Overall Risk Assessment by qualified third party
  • Current inventory of data stores: where, how accessed, how protected
  • Current inventory of hardware devices: data stored, how protected
  • Web Application vulnerability scan with ZAP or similar
  • Network vulnerability scan with NESSUS or similar
  • Airgap - physically separate critical data stores
  • Keep operating systems version current
  • Automated full or differential backups for server data
  • Validate all user input before using
  • Audit and correct default ID/Password on all devices
  • Inventory and Secure IOT devices
  • User awareness re-training
  • Audit and verify need for all accounts
  • Cipher Suite (protocol, length, hash)
  • Update all virtual/physical devices regularly
  • Formal certificate process, plan, issuer, intermediate, responsibility
  • Incident Response Plan

Our Partners: Related Services You May Need

Cyber Insurance
Cyber Insurance helps cover the costs associated with cyber attacks and data breaches. However, many Cyber policies don’t cover Ransomware demands, Denial of Service attacks, and regulatory fines resulting from a breach. Companies concerned about the rising threats of cyber crime need to be careful when selecting a Cyber Insurance provider. A lack of standardization makes the choice even more difficult.
We don't sell Cyber insurance. But our friends at Embroker offer excellent Cyber Insurance policies and a web site full of important information on the topic.

Pleae visit Embroker.com to learn more.
Network Monitoring
A remote network monitoring service would include Intrusion Detection Software (IDS) or Intrusion Prevention Software (IPS) that notifies the monitoring company of an incident. It may be a cyber attack or an anomaly that warrants attention. Network monitoring would include a Help Desk and a NOC that operates on a 24-hour basis.
We don't offer a network monitoring service. But we do have the ability to discuss your network applications and technology, and to help you decide what kind of solution is the best match for your budget and operations.

Let Us Assist You
Advanced Technical and Cybersecurity Training
Online and in-person training is available on a wide range of technical topics, often related to information security. Many available courses are intended for IT professionals, and prepare learners for industry certifications such as "Certified Ethical Hacker". Other courses are aimed at end users and managers, and cover a wide array of topics, typically less technical than the IT certification courses.
We offer end-user "Security Awareness Training" - valuable online courses designed to prevent your users from making a mistake that could be costly. We do not offer the highly-technical training intended to prepare learners for an industry certification in data security. However, our partners at Global Knowledge offer an array of high-quality education on many technical subjects. They deliver in-person and online training for companies of all sizes.

Please visit GlobalKnowledge.com to see their vast catalog.

Flex Protection Logo

Copyright 2021 National Training Systems 16586 N Dale Mabry Hwy. Tampa FL 33618  --  Training provided by FlexTraining