Know where to focus your risk management efforts with Trava's assessments and surveys.
In order to manage cyber risk, businesses must first understand their security posture.
Watch as Trava Director of Engineering Josh Hurst gives a live demo of Trava’s risk assessment surveys based on the NIST framework.
Learn more about the NIST risk management framework in our blog.
To manage cyber risk, businesses of all sizes must first understand their security posture. In our video, Trava Director of Engineering Josh Hurst offers a live demo illustrating what a vulnerability risk assessment survey looks like and how businesses can utilize it.
How Does Our Cyber Risk Assessment Survey Work?
Trava’s assessment in the video is based on the NIST framework. Our surveys aren’t designed to “reinvent the wheel” but rather to work with existing industry frameworks, which is something our customers often prefer. The survey, for our example, contains five sections presenting questions about risks. Josh Hurst provides specific illustrations of the types of questions relating to risk assessment and cybersecurity protocols a user taking the survey would be presented with. Once questions about existing controls are completed, we aggregate the responses, provide the user with a score, identify problems, and offer solutions. (The score itself isn’t actionable.)
How Can Trava's Vulnerability Risk Assessment Tool Results Be Utilized?
While the score a user receives isn’t actionable, it does illuminate areas where a user should put their focus. Vulnerability risk assessment results are easily downloaded or exported and made available for analysis purposes to help companies prioritize where they should put their efforts. The survey’s results are ranked by risk, and Trava provides the user with specific steps they can take to rectify problems. The solutions are designed to help the user, in conjunction with security experts, to determine the next steps that should be taken. Issues addressed and answered include:
- What are the highest impact items?
- What are the calculated risks?
- What is the likelihood of an occurrence?
- What happens if actions aren’t taken?
Customers, especially SMBs, find this assessment to help them fix compliance issues associated with industry, contractual, or regulatory requirements. Essentially, the survey results give SMBs a great jumping point for improving their security posture. Trava follows frameworks with the goal of helping SMBs focus.
Are There Other Frameworks Beside NIST?
In the video’s conclusion, Trava CTO Rob Beeler notes more surveys are coming that will add other requirements and frameworks, along with a broader NIST survey. All of these will be designed to help SMBs better position themselves to align with the requirements in the frameworks they need. This is an ongoing initiative that Trava is working with partners to accomplish. More to come in the upcoming months. Stay tuned!