FireEye announced new Cyber Risk Management Services from Mandiant. Mandiant Cyber Risk Management Services are designed to address critical business and security requirements to equip executives, boards of directors, and security and cross-functional leaders with risk-based data and advice to build effective and balanced security programs.
“When developing a corporate security strategy and program, it is imperative to identify the areas and assets with the highest business value and those with the most significant threats and vulnerabilities. Mandiant Cyber Risk Management Services are designed to balance business and technical considerations and provide executives with risk-based decision support,” said Jurgen Kutscher, Executive Vice President, Service Delivery, Mandiant Consulting. “Mandiant brings unparalleled frontline expertise and analysis to help business leaders focus on running their businesses more securely by prioritizing their security investments to maximize risk reduction.”
The Cyber Risk Management Services offering incorporates Mandiant threat intelligence, incident response data, and proven risk methodologies to help organizations shine a light on where harmful risk exists. This allows business and security leaders to shift from a reactive security approach to a risk-based, informed program for better decision-making and critical asset protection.
Structured as building blocks that work independently and collectively, Mandiant Cyber Risk Management Services include:
Security program assessment – evaluate existing capabilities and maturity, coupled with an actionable improvement roadmap focused on the areas with the highest risk based on Mandiant’s frontline expertise.
Crown jewels assessment – identify critical assets to shift security efforts and prioritize investment on the assets that matter most.
Cyber due diligence – surface and manage inherited cyber risks outside of an organization’s control like those found in supply chain, third-party vendors, or during corporate acquisitions and divestment.
Cyber risk operations – design and operationalize risk programs that leverage threat intelligence and frontline experience to determine custom risk profiles and tolerances, including how to best invest in security capabilities.
Threat and vulnerability management – build and improve the capability to identify and manage specific threats with significant technology impact and vulnerability if left exposed.
Threat modeling – uncover unknown risks in both current and future state for improved planning.