Cyber Security Consulting & Digital Investigation

Cyber Risk & Compliance Consulting


Our experts are world-class cyber security consultants serving as trusted advisors to organizations facing information security, data privacy, and cyber incident readiness needs, spanning industries across the Fortune 1000.

We deliver customized solutions that mature programs, achieve cyber and privacy compliance, and minimize risk. Whether it is advisory services for program enhancements or use of our Virtual CISO service, we have proven methodologies that deliver a comprehensive organizational security posture.

Cyber Risk Advisory Services

  • Creation & Review of Cyber Security Policies
  • Cyber Security Disaster Recovery Planning
  • Cyber Security Risk Assessments
  • Cyber Security Vulnerability Assessments
  • Incident Response Testing
  • Penetration Testing
  • Providing Regular Stakeholder-Ready Reports
  • Social Engineering Testing
  • Vendor Risk Management Services

Cyber Security Compliance Services

  • NIST Cyber Security Framework Readiness
  • ISO 27001 Readiness Assessments
  • PCI Readiness Assessments
  • CPRA / GDPR / State Privacy Regulation Readiness Assessments
  • HIPAA Readiness Assessments
  • SEC Readiness Assessments

Cyber Security Advisory, Assessment, & Consulting Services

Our experts analyze your organization’s cyber security program to identify vulnerabilities and recommend improvements in alignment with industry-leading standards (NIST CSF, ISO 27001/22301, OWASP, and more), helping you achieve best practices and improve your organization’s security program. Our assessments allow organizations to benchmark their current IT security posture and understand what steps are required to strengthen their network security infrastructure and business practices, avoid unexpected costs, and reduce compliance exposures.

Cyber Security Compliance Services

Our cyber security experts combine in-depth IT security knowledge and familiarity with complex network environments with an efficient and effective approach to meeting legislative requirements and mitigating the financial and reputational risks of noncompliance.

Our services include readiness assessments; recommendations for remediation; implementation; and strategic consulting before, during, and/or after a review against state and federal cyber security standards.

NIST Cyber Security Framework Readiness Assessment

The NIST Cybersecurity Framework gathers existing global standards and best practices to help organizations manage their cyber risks. For organizations that do not know where to start, the NIST Cyber Security Framework provides a road map.

Our experts provide strategic guidance to organizations seeking to achieve compliance with the NIST Cyber Security Framework. We help organizations determine their current cyber security capabilities, set individual goals for a target state, and establish a plan for improving and maintaining cyber security programs.

ISO 27001 Readiness

We deliver strategic guidance to assist organizations as they prepare for ISO 27001 certification. Our assessment can help save valuable time and resources by identifying deficiencies in an organization’s Information Security Management System (ISMS) before seeking certification to the ISO 27001 Standard.

Our ISO 27001 readiness services include:

  • Defining a security policy
  • Defining the scope of the ISMS
  • Conducting a risk assessment
  • Managing identified risks
  • Selecting control objectives and controls to be implemented
  • Preparing a statement of applicability

SEC Cyber Security Readiness

We help clients prepare for cyber security examinations administered by the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC).

As part of our SEC cyber security readiness services, we help clients test and enhance procedures and controls around cyber security in six priority areas:

  • Governance & Risk Assessment
  • Incident Response
  • Access Rights & Controls
  • Data Loss Prevention
  • Vendor Management
  • Training

Data Privacy & Governance

Our experts provide specialized data privacy and governance services, combining technical expertise and investigative experience to protect the confidentiality, integrity, and availability of an organization’s data, minimize corporate risk, safeguard private information, and reduce exposure from non-compliance.

Working either as a full-service consultant or as an adjunct to in-house teams, we execute our phased compliance readiness process to ensure organizations meet or exceed compliance requirements.

Our privacy compliance consulting services include readiness assessments, gap analysis, penetration testing, and ongoing compliance monitoring for:

  • California Consumer Privacy Act (CCPA)
  • European Union General Data Protection Regulation (EU GDPR)
  • HIPAA / HITRUST
  • Massachusetts’ Privacy Regulation 201 CMR 17.00
  • NY Cybersecurity Rule 23 NYCRR 500
  • The Commerce Department’s National Institute of Standards and Technology (NIST)

PCI Security Standards Consulting Services

Meeting PCI regulatory standards is a requirement for any organization that is processing, transferring, or storing credit card information. With extensive PCI expertise, we help our clients successfully navigate PCI security requirements, ensuring they meet their compliance goals the first time around.

Our PCI Consulting Services include:

  • PCI Compliance Readiness Assessments
  • PCI Penetration Testing
  • PCI SAQ Assistance