TOSS offers clients access to a proprietary threat monitoring and analysis service that includes collecting and analyzing Open Source Intelligence (OSINT). Safeguard your organization by identifying potential risk and threats with the scientific methodology of qualitative analysis. The TOSS advantage is the real world experience of TOSS researchers, which guides how they collect, group, and analyze qualitative data.

A TOSS report will include: 

  • Information Security Assessment-addressing administrative, technology and associated physical security
  • Physical security and safety assessment to include perimeter, volumetric and current security/safety protocol
  • Evaluation of general security and safety procedural documentation
  • Priority based recommendation table to address specific risks and vulnerabilities which will represent the basis of a delivered strategic plan

The process

Define Assets: The TOSS team works with key personnel at appropriate levels of an organization to establish a qualitative classification based on criticality with the primary focus on security and safety of personnel.

Threat Assessment:  The TOSS team will compile a risk profile specific to the customer, identifying and analyzing potentially harmful acts and the likelihood of their occurrence.

Vulnerability Analysis: The TOSS team will identify the physical, operational and procedural weaknesses that facilitate an assailant’s attack on any or all of the customer’s assets, prioritizing mitigating actions. 

Security Measures: The TOSS team will provide specific recommendations to concentrate resources to protect the most vital assets against the most probable threats, ensuring sensitivity to an organization’s cultural atmosphere focusing on policy and procedures, electronic security landscapes, and physical security barriers.

The TOSS Risk Assessment Process is available in whole or in part to business and/or property owners as well as architectural firms who in their design of buildings and/or floor space within a building must be sensitive to the operational environment and its inherent risks and vulnerabilities.