Do you think Mandiant is a good provider for Security Program Assessment on IT security? I have seen that they have good grades on consulting but they are not graded on Assessments. Would you recommend another provider?

Applications & PlatformsSecurity & GRC
112 views4 Upvotes3 Comments
Head of Cyber Security in Manufacturing, 501 - 1,000 employees
As with every consultancy it depends on the consultant. Personally i like mandiant because they are honest, and try to be as much as possible to do a independant proposal without driving one or the other vendor.
3
CIO, Self-employed
Mandiant tends to do a stellar job on live incident response and forensics. With respect to assessments, it may be predicated on the type of assessment contemplated. If Mandiant is doing a compromise assessment, I'd vote a strong yes. If they are looking at how a security program is structured, its alignment to a framework or standard, or the maturity of the security program, I'd think there'd be a number of competitive options. 
2
CISO in Healthcare and Biotech, Self-employed
I will echo  and 's statements that the engagement would be consultant-specific, but Madiant does a great job at post-compromise assessment.  Perhaps find out what kind of experience the proposed assessor-consultant has in your industry.  Were they in a leadership or individual contributor role regarding that industry experience?  If the organization does not have a large bench of consultants, one must closely evaluate the proposed individuals.  
2

Content you might like

Can ISO 27001 compliance be considered as benchmark for security maturity of an organization?

Governance, Risk & ComplianceSecurity & GRC

Yes87%

No13%


157 PARTICIPANTS
1k views

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
143 19 Replies
Read More Comments
47.1k views133 Upvotes325 Comments

What services matter most (or are your favorite) in alignment with your cloud provider? i.e. Database/warehouse (like Redshift), analytics, AI/ML…

Strategy & ArchitectureCloudEnd-User Services & Collaboration+24 more
Read More Comments
1.9k views3 Upvotes2 Comments

Have you been able to successfully integrate AI/ML into your enterprise search? What were your greatest challenges or failures in doing so?

Strategy & ArchitectureEnd-User Services & CollaborationApplications & Platforms+25 more
Read More Comments
1.8k views3 Upvotes2 Comments

So many improvements in an organization depend on not just talking about change, but actually implementing change - specifically: - improving culture - especially at the individual level around owning and delivering on concrete goals or everyday processes - strong accountability - especially around tasking, outcomes and ownership to get-things-done - rising productivity - especially around digital-first and digitally-savvy behaviors like asynchronous work, and peer-to-peer knowledge transfer - continuous improvement in processes - especially via crowdsourced ideas for improvement becoming adopted by everyone - continuous innovation - especially in a way that's process-driven so that lots of ideas can go through a pre-designed funnel  Which of the following are true, in your organization?

People & LeadershipStrategy & ArchitectureCloud+15 more

Accountability - There's no system for accountability - we just rely on people keeping their word33%

Innovation - There's a structured process to contribute an idea and see the eventual outcome and decisions53%

People - Our company finds it difficult to do any of the above33%

People - Laggards hold things back but certain people and teams make it happen31%

General - We find it difficult to do any of the above15%

IT - We are held back from most of the above by legacy systems and a dependence on IT24%

Processes and Workflow - We've reached a point where email, chat and documentation have been replaced with accountable tasking and repeatable processes17%

Processes and Workflow - We publish processes or documentation and try to keep it up-to-date13%

Something else (comments below)1%


617 PARTICIPANTS
5k views6 Upvotes2 Comments