top of page

Cyber Assessments

CSS Cyber Assessment®

Assessing and identifying cyber vulnerabilities in your organization is an essential first, and ongoing process. This includes an analysis of external and internal threats. Cyber Security Service (CSS) has developed a

computer-based process that assesses cyber risk, and exposures specific for your organization. Based on your organizations responses to a cyber risk questionnaire, your organization will receive:

1) CSS Cyber Assessment® with CSS Risk-Ratings® and recommendations for mitigating cyber risk and exposures.

2) CSS Cyber Risk Management Outline Plan® based on your organizational specific CSS Cyber Assessment. 

3) CSS Cyber Assessment Certificate® of Completion documenting completion of the process for your records. 



Organizations with effective cyber risk management programs can more effectively protect their digital assets against external and insider threats that cause fraud, theft of intellectual property, and IT sabotage. The federal government has identified security requirements to comply with Insider Threat EO 13587 including assessments. Insurance carriers recognize the importance of independent assessments and have provided premium credits, and cost sharing opportunities for organizations participating in risk assessments.  


Organizational and Infrastructure Cyber Risk Assessment®

Insider Risk Cyber Assessment®


CSS Cyber Assessment® evaluates 15 cyber exposures categories for your organization based on your market segment, and cyber security program recommendations. The assessment helps your organizations gain a better understanding of cyber threats, and identifies recommendations to help manage potential risks. The assessment evaluates the organization knowledge of cyber exposures, policies, programs, and 

organizational and practice management efforts.

Benefiting Organizations

  • Banking and financial institutions

  • Healthcare 

  • Energy

  • Retail

  • Design and Construction

  • Technology

  • Critical Infrastructure

  • State/Government Departments & Agencies

  • Consultants & Contractors

  • Commercial Facilities 

  • Others




Security professionals state insiders are the biggest threat to data security.  An insider threat can be a current or former employee, contractor, or other business partner.  If you are a consultant, contractor, to the U.S. federal government, there are minimum standards you may have to comply with regarding Insider Threat Executive Order 13587. Minimum standards, including conducting annual assessments for those that operate or have access to potentially sensitive or classified information and computer networks. 

CSS Cyber Assessment® can help satisfy those requirements but also assessing organizational policies, programs and management practices to help resist attacks on networked systems, limit damage, and to ensure continuity of services.


Benefiting Organizations​ - Entities contracting, working with the federal government such as:

  • Consultants & Contractors 

  • Design and Construction

  • Technology Firms

  • Commercial Entities

  • Critical Infrastructure 



                Sub Categories - Organizational and Infrastructure Cyber Risk Assessments®

  • Cyber Policies and Digital Assets Cyber Risk Assessment - Analysis of cyber policies and digital assets practices

  • Employee Hiring, Monitoring and Cyber Training Cyber Risk Assessment - Analysis of hiring and employee monitoring program and cyber security training efforts

  • Monitoring Work Environment and Terminations Cyber Risk Assessment - Analysis of managing the work environment and termination and departure practices

  • Network Monitoring, Backup and Recovery Cyber Risk Assessment - Analysis of network monitoring, backup and recovery processes  

bottom of page