Our information security expertise stems from more than 25 individual years of experience in service as CISO to two major global banks. This allows us to approach our clients from a practitioner's viewpoint, with the client's business interest foremost, which guides the development of custom tailored, professionally certified security solutions.
Sample accomplishments include:
Develop security incident response teams and processes.
Provide representation and participation in ANSI & ISO Standards working groups.
Evaluate network, data & physical security controls, systems, and applications.
Perform security reviews & audits, including vulnerability assessments and penetration testing.
Evaluate corporate policies and procedures for compliance with U.S. and E.U. security and privacy legislation, e.g., SOX, California SB1386 and ISO 17799.
Design enterprise-wide security architectures.
Design cryptographic architectures for appropriate use of encryption, digital signature and trusted time stamping.
Develop security policies, standards and procedures.
Conduct executive, marketing & client security briefings.
Design and conduct security awareness programs.
Develop and conduct staff training in security related issues, e.g., secure WEB application coding.
Develop information security programs from the bottom up, to include organizational structure, staff, budget and strategic plans.
Conduct business process redesign of security management structures.
Evaluate security products and create/implement pilot project plans for products selected.
PKI Certificate Policy & Practices Statements.