Security Management

  • Virtual CISO
  • Business alignment
  • Strategic program guidance
  • Executive summarizes
  • Metrics and KPIs

Cyber and Infrastructure Security

  • Advanced malware protection
  • Data center & perimeter protection
  • Network risk assessment
  • Security monitoring services (SIEM)
  • Automation & orchestration
  • Host & end point security
  • Cloud & virtualization security
  • Security device management
  • Mobile security

Security Assurance

  • Security program assessments
  • Vulnerability assessments
  • Penetration testing
  • Cloud security assessments
  • Wireless assessments
  • Technical security controls (NIST, ISO 27001, PCI DSS, HIPAA/HITECH)

Data Protection

  • Data protection audits
  • Data threat analysis
  • Risk assessments
  • Data mapping classification
  • Policy design & process definition

Identity and Access Management

  • Transformation Services – access management platform, identity administration platform, directory services platform
  • Productized Services – provisioning and single sign on, resource access request, self-service, privileged user password management

Governance, Risk and Compliance

  • Process – Policy and procedure definition, gap analysis, security framework review, ITSM, metrics
  • People – social engineering, roles and responsibilities, 3rd party/business associate security assessments, access reviews privileged user compliance
  • Data – Data governance, ownership, classification, data risk assessment, PHI/Pll compliance
  • Infrastructure – Security baseline (standards, patches, and configuration), IT risk assessment, risk mitigation, security configuration & compliance
  • Applications – application risk assessment, access reviews, S-SDLC, ITSM, application dependency mapping