Service

You can't protect
what you haven't mapped.

A risk assessment helps you understand which assets, systems and processes are truly critical to the business, and what could disrupt operations if left unaddressed. A 3-5 week engagement — standalone, or as an entry point to ongoing management.

Book a discovery call What's included

You can't protect what you can't see.

Many organizations operate without a structured view of their cyber exposure — which assets are genuinely critical, where the gaps sit, which regulations apply, and what the impact of an incident would be. A risk assessment produces that view in 3-5 weeks, so management can prioritize remediation and plan budget on the basis of information rather than instinct.

The assessment follows recognized methodologies (OWASP, NIST), adapted to the size and nature of the organization. It can be delivered as a standalone engagement or as the starting point for ongoing management — depending on need.

Concrete deliverables, board-ready.

  • Asset inventory mapped to business processes
  • Threat & vulnerability assessment per asset
  • Regulatory gap analysis — Amendment 13, BOI 361/367, ISO 27001, sectoral regs
  • Risk register with prioritized findings (P0/P1/P2/P3)
  • Executive summary for the board (Hebrew + English PDF)
  • Remediation roadmap with effort estimates and order of operations
  • Presentation of the findings after delivery of the report

3-5 weeks, structured in 4 stages.

Stage 1

Kickoff & scoping

A 90-minute introductory call, definition of the scope of the engagement, and NDA in place.

Stage 2

Interviews & information gathering

Interviews with key staff (4-6 hours, depending on organization size), document review, and optional technical scan.

Stage 3

Analysis & prioritization

Risk scoring, regulatory mapping, remediation roadmap.

Stage 4

Delivery

Written report, a presentation of the findings, and Q&A.

Do you need access to our systems?

Optional. Most of the assessment is interview + document review. Technical scanning is offered as an add-on if you want it.

Will this disrupt operations?

No. 4-6 hours of staff interviews (depending on organization size and scope) spread over a week. We work around your schedule.

What if we find a critical issue mid-assessment?

We raise it immediately. You decide whether to pause and fix or continue the assessment.

Can this lead to ongoing engagement?

The assessment can be delivered as a standalone engagement or as a starting point for ongoing management — depending on need. The decision sits with the client and is not built into the service.

Ready to talk?

A 30-minute discovery call. Free, no commitment.

Book a discovery call