Trustees Board asked Elliott Davis to help answer: “How can we reduce our risk and exposure as it relates to cybersecurity across each of our campuses and the Office of the President?”
Context
University Office of President requested a holistic view of the entire university cybersecurity posture (six independent campuses and the President’s office). They expressed a desire to have reports feed current university heat map management report.
Our Approach
- Profiled current state of technical and business/management capabilities
- Leveraged weighted and scoring methodology of CIS Critical Security Controls framework
- Delivered heat map based on algorithm of weighted categories by importance and maturity across all campuses
- Provided Plan of Action and Milestones (POA&M) to track risk mitigation activities and remediating security gaps
- Identified areas that can be jointly addressed with system-wide solutions
Customer Results
- Identified areas of risk that could lead to exposure
- Suggested remediation steps of security gaps to protect all campuses and Office of the President
- Enabled leveraging of one report (heat map) to monitor possible areas of risk on a regular basis
- Developed understanding of current cyber risks associated with cyber-attacks, data breaches, and other internal and external threats
We Can Help
For more information on this and other topics, contact a member of our team.
The information provided in this communication is of a general nature and should not be considered professional advice. You should not act upon the information provided without obtaining specific professional advice. The information above is subject to change.
“Elliott Davis" is the brand name under which Elliott Davis, LLC (doing business in North Carolina and D.C. as Elliott Davis, PLLC) and Elliott Davis Advisory, LLC and its subsidiary entities provide professional services. Elliott Davis, LLC and Elliott Davis Advisory, LLC and its subsidiary entities practice as an alternative practice structure in accordance with the AICPA Code of Professional Conduct and applicable law, regulations and professional standards. Elliott Davis, LLC is a licensed independent CPA firm that provides attest services to its customers. Elliott Davis Advisory, LLC and its subsidiary entities provide tax and business consulting services to their customers. Elliott Davis Advisory, LLC and its subsidiary entities are not licensed CPA firms. The entities falling under the Elliott Davis brand are each individual firms that are separate legal and independently owned entities and are not responsible or liable for the services and/or products provided by any other entity providing services and/or products under the Elliott Davis brand. Our use of the terms “our firm” and “we” and “us” and terms of similar import, denote the alternative practice structure conducted by Elliott Davis, LLC and Elliott Davis Advisory, LLC.