#set text(font: "Calibri", size: 14pt) #align(horizon)[ #align( center, block( inset: 10pt, width: 100%, stroke: blue + 1pt, fill: rgb(0, 149, 255, 15%), radius: 4pt, text( rgb(0, 149, 255), size: 1.5em, [= Orion Technologies\ Cybersecurity Assessment], ), ), ) _Audit your cybersecurity stance to enhance security, improve compliance, and manage risks throughout your organization_ == Why undertake an assessment? - Build a clear picture of cybersecurity rirks to your organization - Enhance current security posture against any potential threats - Increase compliance with federal and industry requirements - Improve your organization's relisiency in the face of any cyber incidents == Jump In The Orion Technologies Security assessment provides an approach based on industry best practice and federal guidelines to enhance your organizations' security through our four identified security functions: Identify, Protect, Detect, and Respond & Recover. After an analysis of any existing policies and security programs you may have in place, we'll develop a new security policy in line with your needs and resources. We'll evaluate user account management, user training, responding to incidents, and more. == Our Model Our model focuses on practical applications for small businesses based on best practices from NISTIR 7621 honed by our industry experience. We evaluate four core security functions applicable to all small businesses as shown in the diagram below. Our model is intended to be reliable and cost effective for you to employ. == Why Orion Technologies We have deep experience with small business cybersecurity threats and the ecosystem around them. We understand that not all small businesses may be able to dedicate large amounts of resources to cybersecurity. Orion Technologies focuses on the here and now, what is practical, we ensure small businesses are prepared for handling the current and future cyber threats that they may face. ] #pagebreak() #align(horizon)[ == Overview #block( inset: 5pt, stroke: blue + .3pt, fill: rgb(0, 149, 255, 15%), radius: 4pt, )[ First we'll start by agreeing on the scope of your new policies. We want what your organization's resources can reasonably support, practical is best. After, we'll begin by reviewing any existing security policies and practices your organization may have in place. During this process we'll focus on our checklist, looking for anything out of compliance. Our primary goal is identifying security holes within your organization and determining what is in scope for your needs. Once your existing policies and stance isk nown, we'll begin a proper audit, checking your organization for anything missed during the policy review. When finished, we'll reporty back to you with any identified problems and discuss remediation plans to improve your security stance. Next, we'll work with you to begin implementation of the new framework as well as remediating problems found during our audit. Finally, we'll create comprehensive documentation and give final recommendations to assist you w ] = Goals - *Tailor a new set of Cybersecurity Policies*. After the audit, we'll work with you to build a new framework in line with NISTIR 7621 to improve your top level understanding of your security stance. - *Audit*. We'll help you go through and understand your organization's current cybersecurity stance. We'll identify problem areas and create remediation plans to enahance security and reduce risk in line with your objectives. - *Implement the Policies.* Once you're ready, we'll assist in implenting the new framework, ensuring all items identified in the audit are remediated according to plan. - *Document*. After implentation, we'll help you create detailed documentation around your new policies for future assessments and security policy updates. ]