Security Management
- Virtual CISO
- Business alignment
- Strategic program guidance
- Executive summarizes
- Metrics and KPIs
Cyber and Infrastructure Security
- Advanced malware protection
- Data center & perimeter protection
- Network risk assessment
- Security monitoring services (SIEM)
- Automation & orchestration
- Host & end point security
- Cloud & virtualization security
- Security device management
- Mobile security
Security Assurance
- Security program assessments
- Vulnerability assessments
- Penetration testing
- Cloud security assessments
- Wireless assessments
- Technical security controls (NIST, ISO 27001, PCI DSS, HIPAA/HITECH)
Data Protection
- Data protection audits
- Data threat analysis
- Risk assessments
- Data mapping classification
- Policy design & process definition
Identity and Access Management
- Transformation Services – access management platform, identity administration platform, directory services platform
- Productized Services – provisioning and single sign on, resource access request, self-service, privileged user password management
Governance, Risk and Compliance
- Process – Policy and procedure definition, gap analysis, security framework review, ITSM, metrics
- People – social engineering, roles and responsibilities, 3rd party/business associate security assessments, access reviews privileged user compliance
- Data – Data governance, ownership, classification, data risk assessment, PHI/Pll compliance
- Infrastructure – Security baseline (standards, patches, and configuration), IT risk assessment, risk mitigation, security configuration & compliance
- Applications – application risk assessment, access reviews, S-SDLC, ITSM, application dependency mapping