Skip to Content

Cyber Assessments

 

Security shouldn't be a guessing game.

1

Insurance Compliance. 

Does your current security meet the stringent requirements of your cyber insurance carrier? We provide the proof you need.

2

Law & Medical Standards.

We map your defenses against HIPAA and NIST frameworks to ensure client data remains confidential and privileged.

3

M365 Hardening. 

Most breaches start in the inbox. We validate your Microsoft 365 configuration against global best practices.

From Inquiry to Intelligence in 72 Hours


Kickoff Call

A 15-minute briefing to define your perimeter.

Silent Analysis

We perform our scans and reviews with zero downtime for your team.

The Delivery

You receive your Executive Summary and Roadmap in a high-impact briefing.

Data-Driven Security Validation

Choose the assessment that fits best for your firm's need

Tier 1 assessments - 

Health Check

$ 1495

Focus: Speed and immediate risk visibility.

  •  External Vulnerability Scan
  •  M365 Security Baseline Review
  •  Dark Web Identity Leak Check
  •  Executive Risk Heat Map



  • Deliverable: 3-5 page Executive Summary.
  •  Turnaround time : 24-48 hours

Tier 2 assessments - 

Insurance-Ready Audit

$ 2995

Focus: Compliance (HIPAA/NIST) and Insurance Requirements.

  •  Everything in Tier 1
  •  Deep Perimeter Manual Validation
  •  CIS Microsoft 365 Benchmark
  •  NIST/HIPAA Mapping
  •  Insurance-Ready Attestation Letter


  • Deliverable: 15+ page Technical Roadmap
  •  Turnaround time : 48-72 hours


 

Setup a Free Appointment

Not sure which assessment fits your firm?


Choose Tier 1 if: You are a small firm (1-10 staff) looking for a quick baseline of your external risks and email security.

Choose Tier 2 if: You have an upcoming insurance renewal, handle high-stakes litigation/PHI, or need a roadmap for future technical investment.

Frequently Asked Questions


Will these scans disrupt our daily operations or slow down our network?

No. Our external vulnerability scans and M365 baseline reviews are "non-intrusive." They are designed to simulate how an attacker sees your firm from the outside, requiring zero downtime and zero software installation on your local machines.

Does DCYBR need our administrative passwords to perform the audit?

For the M365 Security Review, we typically request temporary, "Read-Only" delegated access. This allows us to inspect your security configurations without the ability to read your actual emails or modify your data. We adhere to strict "Least Privilege" protocols.

We already have an IT company/Managed Service Provider. Why do we need this?

Think of us as your firm's "Independent Auditor." While your IT team manages your day-to-day uptime, DCYBR provides a third-party, unbiased validation of their work. This is often required by cyber insurance carriers to ensure there is no "conflict of interest" in security reporting.

Is the "Insurance-Ready Attestation Letter" a guarantee of coverage?

While we cannot guarantee an insurance carrier’s decision, our Attestation Letter provides the technical evidence carriers look for (MFA verification, encryption standards, and vulnerability management). It significantly strengthens your application by proving you have undergone professional third-party validation.

How often should we perform these assessments?

At a minimum, we recommend an annual Tier 2 audit for compliance. However, for firms handling high-stakes litigation or PHI, a Tier 1 "Health Check" is recommended every 6 months or whenever there is a major change to your staff or cloud infrastructure.

Schedule a free discovery call