INFORMATION SECURITY

Follow us on Twitter @SecurityVI
  • Twitter Social Icon

Overview

Financial service and health care companies are under increasing pressure to cut costs and improve business agility, while continuing to maintain secure and reliable systems. Yet, the threat landscape becomes increasingly treacherous, the cost of protecting systems and data continues to rise, and regulators continue to increase the cyber security requirements across the board. 

Clearly, information is one of any organization’s most important assets, and protecting information systems and data is necessary to (1) establish and maintain trust between the organization and its customers, (2) maintain compliance with the law, and (3) protect the reputation of the company. 

 

Our focus is on helping clients improve the security and availability of their systems and data.  This includes designing the right infrastructure, choosing the right mix of security controls, incorporating the right recovery strategy, and wrapping it all up in a properly defined information security program.

Our Approach

Our goal is to help create peace of mind for our clients by making their information security programs stronger and their system and data protection better. We have consultants that focus specifically on information security program (ISP) development, and others that focus on (infrastructure) availability and recovery. 

Information security programs are made up of people, programs and processes.  Our role is to help clients design, enhance and manage their information security programs.  We help them develop the documentation, assess the risks, select the products that help control or mitigate the risks, and to educate and inform their people--from the front line to the Board room--on the overall cyber security posture.

In order to maintain the trust of their clients, financial institutions must ensure that their systems are safe and available.  The information security program helps the organization identify, measure and control risks to the availability, integrity and confidentiality of systems and data.   And, we help make the Information Security Program better.

In addition to helping develop the IS programs, we often participate in the monthly management process.  This often involves coaching, reporting, preparing audits or training team members on better information security practices.

Services

Information Security Strategy

  • Information security program and policy development

  • Risk assessment

  • IT audit and regulatory examination management

  • Product selection (controls)

  • Backup and recovery strategy development

  • Incident response plan development

 

Cybersecurity Assessment Tool (CAT) Consulting

  • CAT introduction and process development

  • Management and director training

  • Assistance with CAT completion

  • Integration of the CAT into the information security program

 

Risk Assessment

  • Inventory and system documentation

  • Process development and tool selection

  • Risk assessment completion

 

System Design and Control Selection/Implementation

  • IDS/IPS product selection and implementation

  • Firewall selection and implementation

  • Log management selection and implementation

  • Assistance with system monitoring and reporting

 

Reporting and Notification

  • Review of system logs

  • Assistance with development of management reports (weekly, monthly, quarterly)

  • Assistance with event identification, analysis and forensic review

  • Participation in the event notification process

 

Backup and Recovery Solutions

  • Backup technology selection and implementation

  • Replication strategy development

  • Recovery and backup integrity testing

 

Business Continuity

  • Disaster Recovery (DR) site design and implementation

  • Recovery testing

  • Mock DR and tabletop testing

  • Assistance with business continuity plan development

 

IT Audit / Exam Preparation and Remediation

  • Assistance with regulatory exam preparation

  • IT audit preparation and item Remediation

  • Exam and audit response strategy

 

Staff Training

  • Social Engineering

  • Acceptable Use

  • Regulatory and Compliance 

 

For more information, please contact Eric Kroeger at 219-405-6533.

Visit

132 Venturi Drive

Chesterton, Indiana 46304

Call

Eric Kroeger

T: 219-405-6533

 

© 2023 by

Advisor & co.

Proudly created with Wix.com