Information Security and Cyber Security Audits
Trust but verify. The credo that every manager, auditor and examiner lives by. Below is a listing of the types of assessments and testing we offer to our clients.
Thoroughly examine your network from an external attacker's perspective. We show you how an attacker might compromise you, and walk you through the steps you need to take to prevent it.
Perimeter and Internal Vulnerability Assessment
"Is this line secure?" A detailed analysis of your external and internal network and systems will point out vulnerabilities and potential attack vectors. We provide you with the steps to harden your network and systems against malware, espionage, and attacks from within.
Social Engineering and Physical Penetration Test
Test your organization's readiness against physical and psychological attacks. We will attempt to gain access to your restricted locations and information. We'll provide you with a comprehensive report and walk-through of the results. We might even crawl around in your dumpster. (We're not kidding!)
Disaster Recovery and Business Continuity Plan Test
- DRP Review
- Checklist Test
- Structured Walkthrough / Tabletop Test
- Simulation Test / Walkthrough Drill
- Parallel Processing Test
- Partial and Complete Business Interruption Test
FFIEC Cyber Security Assessment
The FFIEC recently released a new Cybersecurity Assessment tool for financial institutions, and we can help you implement it and assess your organization. The Assessment provides a repeatable and measurable process for institutions to measure their cybersecurity preparedness over time. It incorporates cybersecurity-related principles from the FFIEC Information Technology (IT) Examination Handbook and regulatory guidance, and concepts from other industry standards, including the National Institute of Standards and Technology (NIST) Cyber Security Framework.
Physical Security Assessment
We will develop a comprehensive site survey of each of your facilities, along with a risk assessment that details the nature, likelihood, and impact of threats to your organization. Before the job is considered done, you will clearly understand the physical risks to your business and the steps to take to mitigate them.
Information Security Program Review
Our team has developed and managed highly successful information security programs that have earned top marks in audits and regulatory examinations. We help you take a comprehensive look at your security infrastructure, identifying gaps in training, governance, and procedure. Every step of the way, you'll be learning how to refine and maintain a world-class information security program.