Security Assessment

Based on CIS controls

Your security matters
0 %

of IT managers say malware threats are harder to stop compared to last year

0 %

of SMB’s go out of business within 6 months of a data breach or security attack

0 %

of SMB’s have experienced a data breach or security attack

— Your Security matters —
0 %

of IT managers say malware threats are harder to stop compared to last year

0 %

of SMB’s go out of business within 6 months of a data breach or security attack

0 %

of SMB’s have experienced a data breach or security attack


Why do you need a security assessment?

No matter how much you spend on cybersecurity, if you don’t understand and target your vulnerabilities, you won’t have the protection you’re looking for. An effective security strategy starts with – and revolves around – security assessment.

An assessment enables organizations to identify areas of weakness, make informed decisions on potential threats, align on security priorities, and measure the impacts of remediation actions they take. 

To structure and guide this process, most cybersecurity assessments follow a framework – such as Center of Internet Security (CIS). Frameworks can be highly effective because they provide a system for quantifying performance, measure progress over time and demonstrate compliance. They also provide common language and a set of defined standards that help stakeholders understand security risk and align on cybersecurity goals for the business.


Inform your security strategy

Truly understand your vulnerabilities and find out precisely when, where, and how to improve your security. We follow the globally recognized Center of Information Security (CIS) framework to evaluate your security. Our assessment focuses on providing the information needed to guide and drive your overall security strategy and budget. We will educate and help align your stakeholders on your organization’s security goals. Our security experts provide a comprehensive assessment and a ready-to-action roadmap for building your security posture.


Partner with the security experts at Able One

Comprehensive analysis

Get the full picture of your security – unlike what other security providers offer. The CIS framework involves 18 categories (called controls) of business security, covering everything from how your network is segmented to the recency of software updates to data protection capabilities to incident response preparedness. We take the time to evaluate your security practices against a number of criteria in each of these categories to give you a holistic view of your security.

Actionable strategic plan

When trying to drive the adoption and execution of a security program, the most difficult challenge businesses face is determining how to most effectively allocate their budget and measure the effectiveness of their investment. That’s why our assessment goes beyond descriptive analysis and provides a prescriptive, ready to implement security business plan that follows our proven results-driven methodology.

Security expertise

Our assessments are overseen by an internationally revered Chief Information Security Officer and are led by certified Canadian security professionals each with over 10 years of experience. Our team brings a wealth of knowledge and experience in mitigating the current threat landscape and securing Canadian businesses of all sizes.


Minimal disruption, incredible insights

Step 1

We begin by meeting with your stakeholders to review the CIS framework as a guide for both this process and your overall strategy.

Step 2

We conduct an initial information gathering covering policies, processes, previous security assessments, and other relevant information. To fill any gaps, we prepare and conduct interviews with appropriate resources.

Step 3

Our security experts analyze the information against the CIS framework to measure performance and identify issues.

Step 4

We present our findings and consult with you on how to prioritize next steps and optimize your security budget.


Completed within 2-3 weeks

What we look at

  • Inventory and control of assets and software
  • Configuration of assets and software
  • Data protection
  • Account management
  • Access control management
  • Ongoing vulnerability management
  • Email and web browser protections
  • Malware defenses
  • Data recovery
  • Network infrastructure management, monitoring and defense
  • Security awareness and skills training
  • Service provider management
  • Application software security
  • Incident response management

What we deliver

  • Gap Summary: Executive summary including a list of identified gaps and prioritized recommendations
  • Assessment Results: This detailed document outlines our findings and evaluation of performance against the CIS framework
  • Security Strategy and Roadmap Proposal: Based on the findings of the assessment, we prepare a prioritized, project-based roadmap to remediation. This includes an implementation plan detailing action lists, estimated costs, ranking of priority, and recommended tools/technologies where appropriate
Able One Cybersecurity insurance Blog

Cyber Insurance: I’ve got it but do you?

Cyber-attacks are becoming more pervasive and more successful, causing many organizations to turn to cyber insurance. Check out this article to learn more.

Read more →
Cybersecurity crisis Webinar

Cybersecurity advice during the current Russia-Ukraine crisis

In this webinar hear from security experts how the threat landscape has changed and how best to respond to keep your business protected.

Read more →
cyberattack Webinar

Hafnium Attack: Am I impacted? What should I do?

Learn the critical things you need to know about the Hafnium attack, including how to identify if you have been exposed and get access to helpful resources.

Read more →

Talk to our team of security experts