ASSESS
- FRAMEWORKS (NIST, CMMC, ISO, PCI DSS) – We’ll help you determine whether you’re using the right security framework, help you find the right framework, or help customize a security policy that is right for your business.
- COMPLIANCE REVIEWS – We perform audits and compliance reviews to ensure your business is following the appropriate guidelines of the framework you’ve chosen.
- VULNERABILITY ANALYSIS – We’ll work with you to discover your security vulnerabilities. We can perform penetration testing (ethical hacking), phishing exercises, and social engineering to ensure you have a solid security posture and that your employees are properly trained.
PLAN
- POLICY AND PROCEDURES CREATION – A key to ensuring your employees know their responsibilities is to develop sound and easy to understand policies and procedures. We’ll create policies and procedures that will help keep your business aligned with your security framework and serve as a go-to repository for employee reference.
- SECURITY TRAINING – The majority of security breaches are due to employees not knowing or not following company security policies. It is essential that every organization train its employees to safeguard their business from bad actors. We’ll work with you to design a custom training program and training schedule.
- BUSINESS CONTINUITY AND DISASTER RECOVERY PLANNING – To minimize the financial impact of a security breach, it is essential that you have a business continuity and disaster recovery plan in place. Together we’ll develop a plan that makes sense for your business.
RESPOND
- INCIDENCE RESPONSE – Should you get breached, it is imperative to act quickly. We’ll perform forensics to determine how the bad actors gained access to your systems and what data was compromised.
- REMEDIATION – Once we determine how you were breached, we’ll work with you to implement a fix, evaluate your policies and procedures to ensure they’re up to date, and ensure your training is sufficient.