What is your process for determining and implementing preventative, detective, and corrective controls in your IT systems, networks and enterprise?

4Hire Values
Comply with Policy and Laws

The digital threat landscape is rapidly shifting as companies attempt to stay current on what is putting them at risk and how they can protect themselves. As this cyber terrain continually changes, so do the sophistication, technology and methods used by bad actors. In many, if not most, cases, attackers are infiltrating defenses in ways that companies lack the insight to anticipate and counter. And these attacks are not just impacting large enterprises. Small and medium-sized companies are also being targeted and compromised.

Thus, IT Security Governance that translates to manageable, effective regulatory compliance is crucial. We are experts in assisting companies with compliance practices that:

  • Coordinate the development and effective deployment of information security policies, standards and procedures. Work with key IT offices, government regulatory agencies, data custodians and governance groups in the development of such policies.

  • Ensure that organizational policies support compliance with external requirements. Oversee the dissemination of policies, standards, procedures and guidelines to the primary stakeholders.

  • Coordinate the development and delivery of education and training programs on information security and privacy matters for employees, management, board members, other authorized users, and any other relevant stakeholders.

  • Assist with investigations of misuse of computing resources by employees and outside users. When required, serve as the organization's compliance officer with respect to Local, State and Federal information security policies and regulations.

  • Apply access and privacy standards on compliance issues as necessary. Prepare and submit required reports to external agencies.

  • Develop and implement an Incident Reporting and Response System to address security incidents (data leakages and breaches) and to respond to alleged policy violations or complaints from external parties. Serve as the official contact point for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities.

  • Develop and implement ongoing risk assessment programs targeting information security and privacy matters; recommend methods for vulnerability detection and remediation, and oversee vulnerability testing. Ensure alignment and integration with the institutional risk management programs.

  • When required, act as the CIO's designee representing the organization on Information Security matters; serve as the contact point for external auditors and agencies, survey requests, etc. on security/privacy matters.

  • Keep senior management abreast of the latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities pertaining to the organization’s mission.

  • Lead, assist and participate in Disaster Recovery (DR), Business Continuity (BCP) and/or Continuity of Operations (COOP) planning in support of emergency preparedness.

© 2016 CyberSecurity For Hire, LLC. All Rights Reserved.