Cybersecurity Assessment Engagement - 4 weeks

Grant Thornton LLP

Enhance Your Cloud Security Posture with Grant Thornton’s Cybersecurity Assessment

In today’s complex landscape, organizations grapple with security threats originating from various sources. Balancing compliance with industry and regulations while collaborating with internal and external stakeholders is crucial. To bolster your security posture, consider scheduling a Cybersecurity Assessment with Grant Thornton.

Our experts will work closely with you to create a tailored strategic plan. By aligning with industry benchmarks, you’ll gain insights into your current security status. Additionally, we’ll provide guidance on remediating vulnerabilities and fortifying your long-term security posture.

Engagement Overview:

The Cybersecurity Assessment Engagement is designed to evaluate a customer’s cybersecurity posture and reduce their risk exposure by using Microsoft Security products. During this engagement, we will help the customer assess their production environment for vulnerabilities and risks, leveraging the following Microsoft Security products:

  • Microsoft Defender Vulnerability Management
  • Microsoft Secure Score
  • Microsoft Purview Information Protection Content Explorer
  • Microsoft Purview Insider Risk Management Analytics
  • Additionally, an optional Cloud Application discovery using Microsoft Defender for Cloud is available.

Engagement Approach:

The following activities will be performed during the assessment:

  • Engagement Setup
  • Scope Definition – Define and finalize engagement scope
  • Change Management - Customer to raise change management requests for environment configuration and updates
  • Environment Configuration – Configuration of the Microsoft 365, Microsoft Defender, and Microsoft Purview environments
  • Data Collection
  • Data is automatically collected by the various tools over a 1 - 2 week time period for analysis
  • Exploration
  • Vulnerability Review – Review vulnerabilities in the cloud environment and infrastructure assets identified through the Microsoft Secure score and Microsoft Defender Vulnerability Management
  • Data Security Risks – Analyze sensitive data present within the customer’s environment and identify potential insider risk
  • [Optional] Cloud App Usage – Discover what apps are being used by users within the customer’s environment

Engagement Deliverables:

During this engagement, we will partner with you to strengthen your organization's security posture and help you better prioritize identified vulnerabilities:

  • Analysis of your goals and objectives for managed detection and response
  • An overview of your existing environment, MDR technology implementation, and Microsoft products utilization
  • Best practices and standards-aligned to your technical and business operations
  • Identify Microsoft capabilities that can be leveraged to increase the value of resources you currently have.
  • Actionable recommendations to help mitigate the identified threats and discovered vulnerabilities.
  • The next steps for getting started or building out your capabilities.

Why Grant Thornton?

Experience and expertise with the implementation and operation of Microsoft technologies for numerous programs including, but not limited to Microsoft Defender, Sentinel, Entra ID, Purview, and Intune.

  • Our deeply qualified teams bring the right mix of technical expertise and operational acumen to align your Microsoft investment with your overall program goals and objectives.
  • Our team members are comprised exclusively of Microsoft certified Engineers and Analysts dedicated to providing implementation and monitoring services support to our customers for Microsoft’s entire product suite.
  • Our services and recommendations are based on lessons learned in the field performing this work, not theories. Our integration and monitoring services experience guide success by avoiding items that sound good but don’t work and the reason why.
  • Purpose built content and models to align implementations to leading risk areas such as insider threat, cyber fraud, and cyber operations automation.