Vulnerability Assessment Services for District

Project Description

As part of the District’s IT plan, DDSD requested that SDI run a network vulnerability assessment. The District wanted everything except their SCADA network tested.

Client Objectives

The IT Manager wanted to determine the vulnerabilities in the DDSD network. Due to a small team, patching and proper network segmentation had not been done.

Services Delivered

SDI and one of its partners delivered services that include:

• A thorough network assessment using nMAP, Nessus, and Nipper to discover vulnerabilities
• Review of policies and procedures with recommendations for improvement
• Assessment of the District’s information security (InfoSec) program using the 20 Critical Security Controls recommended by SANS
• Assessments for mobile device security and data-loss prevention

Project Results

SDI produced an assessment report that included an organizational score indicating the organization’s cyber maturity and a list of vulnerabilities that should be remediated.  The report also included recommendations to remediate the vulnerabilities and improve the District’s cyber maturity.