CYBERCOMMANDER
OMNICOMMANDER’s approach to cybersecurity is simple yet effective. Our team focuses on the areas that hackers target most. Instead of trying to create problems your credit union doesn’t have, in order to sell you additional tools, we focus on the key areas of risk management, vulnerability scanning, penetration testing, and security preparedness.
IT RISK ASSESSMENT
The FFIEC Cybersecurity Assessment Tool (CAT) is a diagnostic test that helps institutions identify their risk level and determine the maturity of their cybersecurity programs. This assessment measures risk levels across several categories, including delivery channels, connection types, external threats, and organizational characteristics. Ultimately, the results allow management to make risk-driven security management decisions through regular cybersecurity assessments using standardized criteria for risk measurement.
The FFIEC Cybersecurity Assessment Tool measures both the security risk present in an institution and the institution's preparedness to mitigate that risk.
IT AUDITS
Have you tested the technology controls you have in place to protect your member data and systems? An IT Audit should be more than just a checkbox exercise. Poor attention to IT security controls can impact the integrity of your systems and sensitive member data. We provide a comprehensive assessment of your physical, technical, and network security controls against industry regulations and generate an easy-to-read report with actionable steps ready for your board's approval.
PENETRATION TESTING
A penetration test is a simulated attack against the outside of your network to check for exploitable vulnerabilities. One of the most common methods that cybercriminals use to gain access to an organization is finding an open port such as those used for remote desktop. If you have a third party that manages your computer systems and they use remote desktop, you could be at risk. We use industry-recognized tools to test your network defenses and give you actionable advice on how to secure them in a very easy-to-understand way.
VULNERABILITY ASSESSMENT
Do you know every system that is connected to your network? What about applications that are at the end of life and are no longer supported or updated? Finally, are you still using default passwords on any of your systems? A vulnerability assessment will scan every network-connected device and determine where any potential vulnerabilities exist inside your network.
SOCIAL ENGINEERING ASSESSMENT
Phishing is the number one method that criminals use to gain unauthorized access to organizations. With our phishing test services, we will send simulation emails that are very similar to what the attackers use. If one of your team members clicks on the link, they will receive teachable in-the-moment training.
Emails will appear to be common themes such as free gift cards, package delivery notifications, verification of loan approvals, etc.
If an employee of the credit union clicks on a test, they will receive immediate in-the-moment training that highlights areas they should be alert to in the future.
Upon completion, you will receive a report listing the overall score and a breakdown of any failed tests.
VIRTUAL CISO SERVICES
What is a Virtual CISO? We understand that finding skilled information security professionals can be difficult and expensive. With virtual CISO services, you have access to a Certified Information Systems Security Professional (CISSP) who will act in an advisory capacity. Whether you are looking to change core systems, upgrade your desktops, draft or update your existing policies or incident response plan, add wireless internet or respond to a recent audit, our CISO will come alongside and work through these projects with you from start to finish.
