Our Services

Penetration Testing

This service evaluates the security of your systems infrastructure by safely trying to exploit known vulnerabilities. These vulnerabilities can exist in operating systems, applications, improper configurations and other system services.

Security Risk Assessments

This service which is fundamental to any organization will assess the effectiveness of security controls in your information systems. It will also define gaps if present within your security program allowing the organization to develop a comprehensive remediation program.

System Configuration Assessment

Our technologists will assist you in assessing your company’s security configurations on workstations, servers, operating systems, databases, other networking hardware and applications such as IE, Chrome, Excel, Outlook and more. The output which is based on the CIS top 10 vulnerabilities, provides information on how to mitigate the risks identified.

Cyber Security Program Creation

Our team of experts will takes their years of knowledge and create a custom cyber security program based on your business needs. Pick and choose which areas you want to concentrate on and we can build it for you with flexibility so you can update the program anytime the Threat Landscape changes. Implementing a cyber security program is a must for those who need to be in compliance with Federal and State regulations.

Digital Forensics

Our  computer forensics team collects, preserve, and analyze evidence in criminal and civil cases. Our experts extract electronic information which can be both visible to a user or hidden in the protected areas of many devices. Evidence including e-mail, metadata, browsing history, application logs and documents are vital in proving wrongdoing in any criminal, civil or internal dispute.

Ransomware Assessment

With the rampant spread of ransomware on computer systems, many SMBs have been forced to pay the ransom only to find they can’t decrypt their files and have lost their data forever.  While 65% of SMBs go out of business within 6 months of a major cyber security incident, protecting your organization  from these types of attacks can pay off tenfold. Our staff will evaluate and recommend measures to protect your company from this nasty and many times destructive malware.

Monthly Security Management Packages

This service provides “peace of mind” for your Cyber Security program. Not only will you have access to security policies, newsletters, threat assessments, vulnerability testing, user awareness materials, cyber security snapshots  and more, its priced specifically for SMBs without large security budgets.

NIST CSF/SOC 2/CIS-20/HITRUST

Our staff will assist and produce reports on controls at your company which are relevant to Security, Availability, Processing Integrity, Confidentiality and Privacy. These reports are becoming requirements for third parties wanting to do business with regulated industries and are used to identify and mitigate cyber security gaps.

Vulnerability Assessments

This service will search for, identify, quantify and rank known vulnerabilities in your network. These vulnerabilities many times are used as a stepping stone for attackers to enter your system and exfiltrate information including Personal Identifiable Information (PII) or Personal Health Information (PHI) about your customers and employees.

Security Awareness & Education

This service is available as an in-person presentation, live webinar or pre-recorded webinar. Security awareness and education is one of the best returns on investments for your employees since it trains your employees to integrate security into their daily routine thereby reducing your risk of exposure to issues such as phishing and ransomware.

Risk and Compliance Reporting

This service provides consultation on creating security matrix and reports that relate to the risk and compliance areas of your organization. The service provides assistance with creating monthly executive security reports as well as heat maps based on your controls.

Incident Response

This service provides basic to advanced incident response plans which will allow your organization to be prepared in the event you suffer a security incident. Responsibilities outlined in the plan include departments such as your Information Technology, legal, public relations and other internal and external stakeholders.

Data Leakage Prevention

This service is a multi-tiered data leakage prevention and detection approach for small-medium sized businesses which don’t have large security budgets. By implementing specific controls and implementing basic external search capabilities, your organization can reduce its overall data leakage risk which can affect not only monetary loss but reputational damage as well.

Security Policy and Procedure Creation

In today’s environment, regulatory issues are prompting many organizations to create information security and risk policies and procedures. Policy and procedure creation is also seen as an inexpensive way to reduce overall company risk and is a requirement if you want to purchase cyber security insurance.

Threat Intelligence

What information is being said about your organization and data leakage from inside your company is crucial in today’s commerce market. Many of your competitors are not only looking at their external risk but may be looking at yours as well to see where they can excel. Threat intelligence also provides searching of the dark web for information related to your corporate executives, partners and most importantly your confidential data that may have maliciously or inadvertently been leaked to the internet.

Security Metrics

How do you present your company’s overall security posture to your executive leadership? What controls are important in today’s cyber security environment? We will work with your team to create metrics that are both informative and useful for your information security and risk programs.

myCISO

Many smaller to mid-sized companies don’t have dedicated information risk staff let alone a Chief Information Security Officer. myCISO allows organizations access to CISO’s or comparable staff that have worked at Fortune 500 companies who can guide you and your company to a more secure environment.