Recent Post

What is a Security Risk Assessment?

    I want to talk to you today about what is a security risk assessment and why every business owner needs to have one. So, what is a security risk assessment? It’s also referred to as an SRA in the acronym world. Ultimately, a security risk assessment is a baseline of where your company sits as it relates to its security posture.

    We are seeing more and more of this as the world and as the insurance companies are waking up they’re realizing that cybercrime if it were a world economy, would be third. It’d be the US, China, then cybercrime. So big money. A security risk assessment is the most cost-effective way to know where you sit so that you can most effectively spend your money to prevent that crime.

    As I’m getting more and more certified with what’s called the CMMC with the Department of Defense,  I am seeing that they’re taking what they call the crawl walk run approach. The reality is nobody’s saying this, probably from a managed service provider and IT provider guy, but it’s ultimately going to cost more to secure your network. There’s just no shortcut around it. And with that crawl walk run, the crawling. The first part of crawling is understanding where your data is, how you have it secured, and what measures you have in place, according to some pretty basic templates that are provided by the National Institute of Standards and Technology.

    All tech stuff, right? But not that hard to follow from a business perspective. So you get the security risk assessment, and you see where your gaps are. It ranks high, medium, and low. And of course, you want to focus on securing the ones that are the highest. Without this, what happens is people get all over the board with their approach to security. They wind up spending money very ineffectively, and they never know how to grab a hold and just get it done because they don’t see it in its entirety.

    That is what a security risk assessment will give you, is a snapshot in time to see your security posture in its entirety so that you can begin to start road mapping to get yourself secure. If you have more questions, I’m always here to help. I hope you’re having a great, Safe week.

More Questions? Book Your Discovery Meeting



Phillip Long, CEO of BIS - Managed IT Services Provider


Phillip Long – CISSP, CEO of , along with his team of marketing and information technology experts, will walk you through an overview of what your business should be doing to protect your data and plan your digital marketing strategies.



You may reach out to us at:
Phone: 251-405-2555