REPORT

Cyber Risk Assessment

CLIENT

GANESH TECHNOLOGIES

Report Date: 15th Apr 2024 Confidential

 4/15/2024

Cyber Health

Methodology
TitanDef follows a simple methodology to evaluate inherent cyber risk to your organization (Inherent Risk Score) and subsequently
recommends a target maturity level to protect your environment from cyber threats. Gaps identified in security controls are prioritized
for remediation by measuring their impact and likelihood of potential losses. A detailed Plan of Action is created by assigning time
and resources to elevate your security posture.

Steps

Created by TitanDef - Cyber Risk Assessment Report 1 of 10

 4/15/2024

Inherent Cyber Risk Score

Evaluation Report
Overall Risk —

Based on your overall inherent cyber risk, we recommend assessing security controls in Level 1 through 3 to
protect your IT environment from common cyber threats.

OVERVIEW

Created by TitanDef - Cyber Risk Assessment Report 2 of 10

 4/15/2024

Overall Security Posture

Ransomware Malware Phishing / Business Email

Compromise

Based on Ganesh Technologies current cybersecurity measures view its probability of impact from the top 3 cyber
threats i.e. Ransomware, Malware and Phishing / Business Email Compromise.

In addition to its internal cybersecurity measures, Ganesh Technologies also follows a defined methodology for
managing third-party cyber risk. An inventory of all IT vendors/third parties is maintained, and periodic assessments are
prioritized based on the extent of cyber risk with each vendor and the results of prior vendor assessments. The
organization evaluates its data loss exposure by documenting the type and extent of data shared with each vendor. A
vendor exposure rating is calculated and assigned to all vendors. Further, local vendors are periodically sent a
standardized self- assessment cyber questionnaire. Based on the responses from the questionnaire, cybersecurity risk
ratings are assigned to each vendor.

The chart below shows the percentage of cyber controls completed within each of the 3 recommended levels (Baseline,
Intermediate and Defined) for Ganesh Technologies.

Cyber Maturity
Your organization has yet to achieve a Baseline level of cyber defense capabilities.

Created by TitanDef - Cyber Risk Assessment Report 3 of 10

 4/15/2024

Residual Cyber Risk Heatmap

View the residual cyber risk heatmap considering the likelihood (x axis) and severity impact (y axis) of each risk.

Control Distribution Asset Type

Showing a distribution of control attributes and your "Assess Cyber Controls" responses.

Created by TitanDef - Cyber Risk Assessment Report 4 of 10

 4/15/2024

Kill Chain

Showing a distribution of your ‘Access Cyber Controls’ responses mapped to the cyber kill chain

Created by TitanDef - Cyber Risk Assessment Report 5 of 10

 4/15/2024

Cyber Hygiene Report

Cyber security hygiene is a set of practices organizations perform regularly and consistently to maintain the health and
security of users, devices, networks, and data. Cyber hygiene aims to keep data secure and protect it from theft or
attacks. In the below section, view the basic cyber hygiene best practices you consistently or mostly follow.

DETAILED REPORT

Ganesh Technologies consistently follows best practices around these basic cyber hygiene controls

Created by TitanDef - Cyber Risk Assessment Report 6 of 10

 4/15/2024

Ganesh Technologies mostly follows best practices around these basic cyber hygiene controls

Hardware Asset Inventory

Lack of an accurate hardware inventory deters identification of unauthorized devices on your network. Maintain an accurate
and up-to-date inventory of all physical technology assets.

Asset Type NIST Function Control Type Control Category

Devices Identify Preventive Administrative

Created by TitanDef - Cyber Risk Assessment Report 7 of 10

 4/15/2024

CIS Controls v8

Overall you have completed 0% of all CIS library controls based on the mapping to TitanDef.
You have a 0% completion rate within Implementation Group 1, 0% within IG2 and 0% within IG3.

Implementation Group 1

Implementation Group 2

Implementation Group 3

Created by TitanDef - Cyber Risk Assessment Report 8 of 10

 4/15/2024

Recommendations
Find a list of recommendations to improve your cyber security posture in order of priority below. Recommendations
provide a specific course of action and estimated timelines for completion.

Plan of Action
This chart shows the estimated remediation timeline by individual recommendation

Estimate Timeline
This chart shows a summarized count of security recommendations grouped by criticality and recommendation
timeframes

Created by TitanDef - Cyber Risk Assessment Report 9 of 10

 4/15/2024

Account Password Lockout

Recommendation
You can choose to mitigate the risk or accept it. Alternatively, make a detailed recommendation on risk mitigation by
providing a proposed remediation plan, estimated budget and estimated timeline.You can choose to mitigate the risk or
accept it. Alternatively, make a detailed recommendation on risk mitigation by providing a proposed remediation plan,
estimated budget and estimated timeline.

Priority Severity Complexity Estimate Budget Estimate Time Assignee

6 Minor $10 1 Month Sule manohar

Created by TitanDef - Cyber Risk Assessment Report 10 of 10