Services

A few things we’re great at

Get the support you need.

Our services are broken out by where you are in your business journey. 

Interim CISO

Need coverage while conducting a search for your leader of Information Security? We can provide a virtual Chief Information Security Officer for continuity of operations and assist in the search and vetting of candidates.

Security Awareness Training

Empower users to protect your organization from cyber threats. We provide and manage security awareness training campaigns, which can include phish testing your users for the utmost in cyber hygiene.

Information Security Program / Policy Creation and Implementation

Your Information Security Program document and associated policies form the foundation of an organization’s information security program. We can design policies and standards to match your need and culture.

Penetration Testing and Secure Code Analysis

Web application security testing using a combination of automated and manual testing. Testing is performed in and out of the cloud by CISSP-, OSCP-, CEH- and CCSK-certified pros following test methodology from SANS and OWASP.

Third-Party (Vendor) Reviews/Management

Migrating to a cloud provider does not absolve an organization of its cyber security responsibilities. Controls must be assessed and confirmed to align with your risk tolerance. Vendor information security reviews, to include thorough SOC 1/2 audit reports, are an essential element of proper information security risk management. Let us help you review your third-party vendor relationships.

AICPA SOC 1, 2, 3

Readiness assessment, scoping and implementation, through leading the audit with your CPA firm. We can act as a teacher, helping your team implement the controls, or we can fully manage the program.

ISO 27001/2 Gap Analysis

ISO 27001 is the most widely followed information security framework worldwide, covering all aspects of an information security program. As a rule of thumb, an information security program aligned with and adhering to ISO 27001 will meet most regulatory and standards compliance requirements. We can get you there.

Compliance With Regulations and Standards

Whether CSA CCM, PCI, HIPAA, GDPR, FERPA, NIST, CJIS or another regulation or standard, we can help your organization achieve information security compliance.

Exploratory Strategy Session