top of page

CYBER RISK

AdobeStock_372564896.jpeg

Smith’s Cyber Gradings is proud to help ensure protection for America’s Municipalities and Critical Infrastructure Assets.

 

Founded in 2015, Smith’s Cyber Gradings offers seasoned maturity with decades of experience and tip of the spear threat deterrence. Our team is lead by Terence Smith, founder, and Hans Holmer, CISO and 25 year veteran of the Central Intelligence Agency (CIA).

 

Our engagements are left of boom (assessments of known vulnerabilities), right of boom (after attack risk remediation) and, of course, during the boom.

 

There are two types of organizations: those that have been hacked and those that don’t know they have been hacked.

  

The research says, almost all breaches could have been prevented with simple countermeasures. According to the US-CERT the four critical (and simple) preventive measures are fully patched operating systems, fully patched applications, the use of white lists and rigorous access controls for users and administrators.  While this will not prevent every intruder, it will likely prevent 85% of breaches and it is possible to measure how well these preventive measures are applied in a manner that is repeatable and predictive.  Organizations that do not score very highly on these preventive measures will be more vulnerable to unsophisticated hackers and also will not be able to prevent sophisticated hacks.

​

Regardless of whether the sector is healthcare, utilities, power generation, public transportation or banking, the chances of a breach is primarily correlated with the security posture of the organization and no organization can succeed at effective security if it doesn't execute the above mitigations with excellence in a repeatable manner.  Because the correlation between organizational behaviors and cyber risk is so high, the measurements of cybersecurity excellence can be used to directly predict cyber risk.

​

All Source Capabilities

  • Certified Experts in Cyber Investigations

  • Certified Cyber Intelligence Professionals

  • A-Z Cyber Counterintelligence

  • Digital and Mobile Forensic Analysis

  • eCommerce Fraud Investigations

  • Cyber Warfare

  • Advanced Social Media Intelligence Gathering

  • Qualified Cyber Counterintelligence Threat Investigators

  • Qualified Forensic HiTech Investigators

  • Cyber Human Trafficking Investigations

  • Qualified Work Place Violence and Threat Specialists

bottom of page