Cyber Security GovernanceEstablish and implement a cybersecurity governance framework that supports informed decision making and escalation within the organization and Board to manage cybersecurity risks.

Information Security Risk AssessmentsConduct regular assessments to identify cybersecurity risks associated with firm assets and vendors and prioritize their remediation.

Vulnerability Management & Technical Gap AssessmentsStandards (ISO 27000, NIST or SANS) based assessment of adequacy of technical controls to protect software and hardware that stores and processes data

Cyber Security Awareness ProgramsCybersecurity training that is tailored to staff needs and delivers interactive CBT training with monitoring to increase retention

24×7 Security Operation ServicesEstablish a 24x7 Security Operations Center to monitor alerts and continuously analyze log events with or without a SIEM

Incident Response PlanningEstablish policies and procedures, as well as roles and responsibilities for escalating and responding to cybersecurity incidents

Cyber Insurance PlanningEvaluate the utility of cyber insurance as a way to transfer some risk as part of their risk management processes

Vendor Risk ManagementManage cybersecurity risks that can arise across the lifecycle of vendor relationships using a risk-based approach to vendor management