HESS – Cyber Services from ASMGi
ASMGi offers HESS members the full spectrum of cyber solutions for higher education institutions with a focus on cost savings and solving business issues.
ASMGi Cyber Services for Higher Education Systems & Services Consortium (HESS)
ASMGi provide HESS members a robust set of services for the best value available for Cyber Security solutions. ASMGi can help HESS member schools plan, manage, and execute cyber initiatives. This includes it is designing /architecting, implementing, or operating your cyber solution.
Outside expertise can be cost prohibitive, so many Institutions put it on themselves to do the work, missing out on the collaboration, industry insights and wisdom of the outside experts.
ASMGi introduction for Higher Ed
ASMGi Portfolio for HESS
vCISO and IT / Governance, Risk and Compliance (GRC) Consulting Services
ASMGi ONEteam vCISO Service is designed for organizations who either don’t have a CISO or don’t have capacity to perform certain tasks that would normally be accomplished by a CISO or resource with comparable expertise.
Compliance-Based Risk Assessments
Many Universities do not have the budget to perform multiple assessment each year. ASMGi believes that the best approach is to perform one assessment per year that meets your compliance requirements.
Security and Penetration Testing
The goal of a penetration test is to identify and verify the vulnerabilities in your environment that can be exploited by an attacker and effectively communicate the findings and recommendations in a way that makes the remediation process as efficient as possible.
Third-Party Risk Management (TPRM)
Vendor Risk (Third-Party Risk) has become a priority for managing your own risk. Most Institutions don’t have the means or capacity to evaluate the risk of their vendors. TPRM is designed to fully understand the risks imposed by your third parties, and demonstrate that you are performing proper risk assessments.
Cyber Operations – MDR/MSOC plus
Our ONEteam MDR/MSOC plus Service utilizes advanced analytics, automation, risk-based vulnerability management and our team of highly experienced security experts to provide an end-to-end threat management and response strategy.
vCISO and IT / Governance, Risk and Compliance (GRC) Consulting Services
Many of the cyber journeys you take can be made more smoothly with the help of our experts. The vCISO suite of services, include any mix of senior resources required to achieve your goals. This may include CISO, Solution Architect, GRC Consultant, IT Engineer / Consultant, Project/Program Manager or any other single or combination of senior level resources.
Compliance-Based Risk Assessments
Security and Penetration Testing
ASMGi performs a variety of penetration tests for compliance as well as best-practice. The actual requirements for each penetration test are defined during scoping of the engagement and may include:
- Application Security Testing (DAST, SAST, SCA, APT)
- Vulnerability Scans (Internal, External)
- Infrastructure Penetration Test (Internal External)
- Wireless Penetration Test (Internal, External)
- Social Engineering and Testing
- Physical Security / Penetration Test
- Dark Web Monitoring
- Social Engineering Exercise(s)
- Phishing and Security Awareness Training
Third-Party Risk Management (TPRM)
ASMGi has a robust service that focuses exclusively on Third-Party Risk. Our platform includes the HECVAT Full and HECVAT Lite assessment forms, built in. Our ONEteam TPRM Service is structured to include just the parts you need – TPRM Program development, the Vendor Risk Management (VRM) platform, Data Collection (asking Vendors to complete the HECVAT questionnaire), Vendor Assessment, Reporting and Continuous Monitoring.
Cyber Operations – MDR/MSOC plus
ASMGi’s MDR/MSOC plus Program is designed to offer you the benefits of Managed Detect and Respond, and Managed SOC Services, plus Incident Response, Forensics and Risk-Based Vulnerability Management (RBVM). This includes:
- Security Operations Centers (SOCs)
- Managed Detect and Response (MDR)
- Managed Risk Services
- Managed Cloud Monitoring
- Cyber Incident Response / Forensics / Table-Top
- Risk-Based Vulnerability Management
Our MSOC-MDR Service utilizes advanced analytics, automation, risk-based vulnerability management and our team of highly experienced security experts to provide an end-to-end threat management and response strategy.
Additional Cyber Security Services available from ASMGi for HESS
- Breach Attack Simulation (BAS) – Breach Attack Simulation (BAS) is used to help you prioritize security initiatives, validate controls, operationalize the MITRE ATT&CK Framework, and integrate with valuable Threat Intelligence.
- Phishing and Security Awareness Training – Social Engineering, and especially email borne attacks such as phishing remain one of the most common attack vectors in all industries. With Higher Ed enabling remote learning and workforce solutions, it has even increased. It is paramount for Institutes to train their employees on the security practices and how best to know what to look for. ASMGi’s Security Awareness Training and Simulated Phishing services include the platform, if needed, and all the services to deliver training and simulated phishing exercises across your organization.
- Malware – Incident Response, EDR, Site License – Leverage best-in-class Malware software / tools and even let us do the clean up for you! We can offer packages with just Malware tools and services or include this in our MDR/MSOC package with Incident Response / Remediation. We have flexible packages that will enable you with EDR, Malware Remediation / Incident Response and several other features/functionalities available via site license.
How Do Colleges and Universities Develop A Cyber Strategy?
(On-Demand Webinar)
MDR / MSOC The Foundation of Your Cybersecurity Arsenal
(On-Demand Webinar)
Managing Third Party Risk And Innovation
(On-Demand Webinar and Workshop)
Prioritize Patching with Risk Based Vulnerability Management
(On-Demand Webinar and Workshop)