WHAT IS A FISASCORE™?

The FISASCORE is the numeric value cumulative high-risk score assigned to your company based on the information security assessment report (FISA®). The score range indicates critical vulnerabilities, control strength inefficiencies, and applicable threats to the security of your company.

WHAT IS FISA™?

FISA is a proprietary assessment tool created by Evan Francen in collaboration with industry experts. FISA encompasses the ISO. IEC. COBIT5. CCS CSC. NERC and the NIST Cybersecurity Frameworks. These combined standards create a new baseline to measure Information Security best practice. In addition, FISA takes the subjective nature common among many industry assessments and makes them objective.

FISA is the comprehensive and expert assessment of your current security risks by licensed FISA security professionals. It assesses the likelihood and impact of a breach and measures the maturity your security program. This in-depth and high-level reporting allows recommendations to enable you to better your security posture in the most efficient way.

The FISA framework consists of a thorough evaluation of risks within each of four phases; Administrative Controls, Physical Controls, Internal Technical Controls, and External Technical Controls.
fisacontrols.png

WHO NEEDS A FISASCORE™?

The short answer is all businesses but small to medium sized organizations in particular are vulnerable. According to governmental agencies, there were 28.8 million small businesses in the United States, of which 25% (or 5.8 million) have paid employees by comparison there are more than 18,600 large businesses. The latest Symantec Internet Security Treat Report (ISTR) indicates that 1 in 40 small businesses are at risk of cyber-attack and that seems to pale in comparison to the 1 in about every 2 large businesses which are targeted every year and multiple times with a cyber-attack. However, the ISTR shows that hackers are indiscriminately choosing victims regardless of company size and what motivates them is businesses revenue.

WHY IS A FISASCORE™ IMPORTANT?

A FISAScore allows businesses and organizations to know and understand how they are vulnerable and how they compare with peers within similar industries. The FISAScore is constantly calibrated to the latest security threats used by attackers with controls designed to medicate those threats and protect data from unauthorized access, disclosure, distribution and destruction.

WHY IS USING THE FISA™ FRAMEWORK IMPORTANT?

Since 2016, the FISA framework has been used by licensed practitioners to identify the unknown vulnerabilities of businesses and organizations as well as provide road mapping to systematically address discovered weakness. This assists clients in determining new budgetary outlay for future IT and information security expenditures as well as improve the information security posture of the organizations in an expedient manner.


Cited:
https://www.sba.gov/sites/default/files/advocacy/SB-FAQ-2016_WEB.pdf,
https://smallbiztrends.com/2016/04/cyber-attacks-target-small-business.html
fisa1.png