Security can get complicated, working with a consultant doesn't have to be.
I've lead teams of highly skilled information security experts to assess and mitigate risk in every sector and industry. From the City of New York to the Federal Government. From the Ministry of Finance of a government in Eastern Europe to local banks, hospitals and universities.
I can advise on:
- HIPAA/HITECH/CMS/MARS, FISMA/SCA/ST&E, PCI, NIST 800-53, ISO-27001, FFIEC, NERC, COBIT, FERPA, and OWASP
- Security Program, Policy and Governance
- Risk Management, Threat Assessment
- Penetration Testing and Vulnerability Assessment
- Forensics and Data Breach Response
- Records management
- Business Impact Assessment, Disaster Recovery and Business Continuity
- Third Party Assessment and Vendor Management
- Identity Management
