Risk and Compliance

Let us help you assess and prioritize your risk and align security controls to best practice cybersecurity frameworks.

Regulations change, cyberthreats evolve and vulnerabilities multiply. How can you keep up? Unit 42 can make cyber risk management and compliance easy.

Cybersecurity governance simplified

Protect your organization and demonstrate compliance

Managing risk can be tough, but you can call on Unit 42 experts for help. Our consultants have decades of cumulative experience evaluating and mitigating cyber risk, as well as deep knowledge of industry best practices and government regulations.


Cybersecurity risk assessment

Evaluate and improve your organization’s cyber resilience by testing your defenses against best practice information security standards and cybersecurity regulatory frameworks, including the NIST CSF, CCPA, NYDFS, HIPAA, FINRA, PCI DSS, C2M2, GDPR and others.

Supply Chain Risk Assessment

Evaluate vendor controls to identify risk and secure your supply chain. Perform due diligence to provide transparency and assurance for a merger or acquisition.

Ransomware readiness assessment

Governance, risk, and compliance (GRC) systems house the very information ransomware targets. Incident response plans are crucial to have should the systems ever get compromised. Our Ransomware Readiness Assessment prepares GRC and SecOps teams by identifying and closing any gaps in people, process, and technology, before an attack happens.

Cybersecurity governance review

Make sure your security team operates efficiently and effectively with guidance from our consultants. We can analyze your processes, review your controls and recommend adjustments to strengthen your security and maximize your return on investment.

Cybersecurity Expertise Retainer

Get immediate assistance when you need it. With a Unit 42 incident response retainer, you receive rapid access to our expert consultants. Extend the capabilities of your security team to respond to any incident, or apply your retainer hours to proactive cybersecurity advisory services. Our trusted advisors can assist your team with security strategy, assessment of technical controls and overall program maturity.