Home / Services / Technology / Information & Cybersecurity

Information & Cybersecurity

Maximize the security, integrity and availability of your information, assets and IT investments. Our services help assess your risk for a data breach, identify system vulnerabilities, and offer solutions.

Cybersecurity

Keep Your Data Secure.

Securing your data through sound risk management will help protect your organization, your clients, and your reputation.

Our cybersecurity services include:

Documentation & Governance

  • Security policy, procedure & program development
  • Response and recovery planning & testing
  • IT risk assessment

Security & Privacy Compliance

  • Regulatory compliance assistance e.g. PCI DSS, HIPAA, GDPR, NY DFS, GLBA
  • NIST 800-53
  • NIST Cybersecurity Framework (CSF)
  • NIST 800-171
  • ISO27001/2
  • FFIEC

Security Assessment & Testing

  • Security assessments: IT, Cyber, Mobile, Web Application
  • Vulnerability assessment
  • Penetration testing
  • Social engineering

Database Management Controls

Take Control of Your Data.

Controlling who has access to your information and ensuring that your data is recoverable are critical to protecting your systems and staying compliant. Our consultants can help you ensure that access controls, backup controls and procedures are effective and up to date.

IT Risk Assessment

How healthy are your IT systems?

Maintaining a healthy IT system is mission critical, but can often be neglected. Cost and time constraints, more pressing priorities, or a lack of understanding can lead to serious gaps in IT security and inefficiencies that slow you down.

We offer a quick, low-cost, minimally invasive way to look under the hood. Our IT Risk Assessment can help you head off problems that threaten your IT security and the overall health of your business. Reach out to us today to get started.

Cybersecurity Resource Center

Visit our Cybersecurity Resource Center for more tips and tools.

IT Internal Audit

IT Internal Audit

Expand Audit Functions.

Whether you are creating an initial internal audit function or looking for someone to assist your already established team, our experienced internal audit consultants can help.

We can:

  • Build an internal audit governance structure
  • Assist with the development of an audit committee
  • Develop an internal audit charter
  • Design a customized internal audit manual
  • Train those involved with the charters, policies/procedures, roles/responsibilities
  • Perform a Quality Assessment Review (QAR) for established internal audit departments

IT Internal Controls

Minimize Loss & Protect Your Organization.

With the right internal audit consulting and internal audit procedures, our advisors strengthen and support your control environment to help you to manage your organization’s risk.

Design & Implementation

Strong internal controls can provide assurance that your organization is operating in line with company policies, industry standards and regulatory requirements. They also help minimize the risk of data, financial and reputational loss from breaches and fraud. Our consultants can develop and implement robust internal control systems to help protect your organization.

Testing

While internal controls have always been a critical component of a corporate infrastructure, the focus and attention on this area has never been greater. With the enactment of the Sarbanes-Oxley Act (SOX), terms like COSO and CobIT have become commonplace well beyond internal audit. Our consultants follow the standards of the PCAOB, IIA, SEC, and AICPA, which requires us to monitor our approach to consulting on a regular basis, and helps ensure that we are following industry best practices and standards.

IT Policy & Procedure Development

Craft Policies for Compliance.

Updating policies and procedures is time-consuming and challenging. Creating documentation from scratch can be even more difficult. Our consultants can help you review, revise and create well-designed procedures that keep your organization complaint and help you improve in areas such as accountability, training, efficiency and consistency.

Vendor Management & Third-Party Oversight

Make the Most of Vendor Relationships.

Effectively managing third-party relationships to monitor performance, decrease risks, and reduce cost can be challenging. And with increased regulatory scrutiny and requirements of PCI, SOC 2, HIPAA, GLBA, GBPR and other regulations, it’s more important than ever to assess your organization’s risk.

Whatever the scope of your management and oversight needs, we can help. We've helped clients:

  • Evaluate vendor relationships
  • Assess individual vendors and partners
  • Develop reports to define controls and show testing

SOC 1, 2, 3, Cybersecurity & Supply Chain

Validate Controls & Provide Peace of Mind.

Our advisors and consultants provide the System and Organizational Controls (SOC) examinations that fit your needs – SOC 1, 2, 3, supply chain or SOC for cybersecurity. We offer assurance about your systems’ financial reporting controls, the controls you use to protect the privacy and confidentiality of users’ data, as well as the security, availability and processing integrity of your systems.

Information & Cybersecurity Guidance

Articles

Article

2 Min Read

 4 Key Benefits of a Cybersecurity Live Fire Exercise 

Article

2 Min Read

NYDFS Cybersecurity Checklist

Article

2 Min Read

Navigating the New Data Privacy Landscape

Article

2 Min Read

Don’t Be a Victim of Construction Fraud

Article

2 Min Read

Infographic: 7 Reasons to increase Your Cybersecurity Budget

Article

2 Min Read

Infographic: 7 Common Behaviors That Make Your Company an Easy Target

Webinars

Webinar

What we wish clients would do about Business Email Compromise

Webinar

Fighting Cybercrime with Detection & Prevention

Webinar

Maintaining Data Security in the Cloud

Get in Touch.

What service are you looking for? We'll match you with an experienced advisor, who will help you find an effective and sustainable solution.

  • Hidden
  • This field is for validation purposes and should be left unchanged.