GAP ANALYSIS

Discovering Vulnerabilities

By analyzing technology and internal personnel, we discover blind spots in the organization that could lead to a significant compromise. We go beyond simple compliance frameworks and examine the day-to-day function of cyber within the organization. This leads to critical recommendations by exposing vulnerabilities not only in software but also in people and processes.

Additional value is provided to insights given by the SpearTip Advisory Services team when the Gap Analysis is completed in conjunction with one, some, or all of our Technical Security Assessments. Identifying technical vulnerabilities inside and outside of the organization provides a deeper context to potential gaps in the environment.

Learn More About Our Assessments

Through gap analysis, a company from one industry examines its current security posture and compares it to other companies’ security posture in the same industry. A gap analysis can be useful when companies aren’t using their resources, security toolset, or technologies to maximize their full potential. By defining the gap, the company’s management team can create a roadmap to move the company forward and fill in the gaps their overall cybersecurity posture. There are four steps to a gap analysis: defining organizational security goals, benchmarking current security posture, assessing inventory and next steps, and compiling a final report.

Project Workflow

Phase 1 | Discovery

SpearTip collects key information related to the engagement.

Phase 2 | Initial Analysis

SpearTip reviews the information collected during discovery to develop interview questions and request additional documentation.

Phase 3 | Interviews

SpearTip meets with key individuals inside the organization. Interviews allow SpearTip to both collect new information and validate information already collected.