A few things we’re great at
Get the support you need.
Our services are broken out by where you are in your business journey.
Need coverage while conducting a search for your leader of Information Security? We can provide a virtual Chief Information Security Officer for continuity of operations and assist in the search and vetting of candidates.
Security Awareness Training
Empower users to protect your organization from cyber threats. We provide and manage security awareness training campaigns, which can include phish testing your users for the utmost in cyber hygiene.
Information Security Program / Policy Creation and Implementation
Your Information Security Program document and associated policies form the foundation of an organization’s information security program. We can design policies and standards to match your needs and culture.
Penetration Testing and Secure Code Analysis
Web application security testing using a combination of automated and manual testing. Testing is performed in and out of the cloud by CISSP, OSCP, CEH and CCSK certified pros following test methodology from SANS and OWASP.
Third-Party (Vendor) Reviews/Management
Migrating to a cloud provider does not absolve an organization of its cyber security responsibilities. Controls must be assessed and confirmed to align with your risk tolerance. Vendor information security reviews, including thorough SOC 1/2 audit reports, are an essential element of proper information security risk management. Let us help you review your third-party vendor relationships.
AICPA SOC 1, 2, 3
Readiness Assessment, Scoping and Implementation through leading the audit with your CPA firm. We can act as a teacher, helping your team implement the controls, or we can fully manage the program.
ISO 27001/2 Gap Analysis
ISO 27001 is the most widely followed information security framework worldwide, covering all aspects of an information security program. As a rule of thumb, an information security program aligned with and adhering to ISO 27001 will meet most regulatory and standards compliance requirements. We can get you there.
Compliance With Regulations and Standards
Whether CSA CCM, PCI, HIPAA, GDPR, FERPA, NIST, CJIS or another regulation or standard, we can help your organization achieve information security compliance.