We have developed a system of implementing an Information Security Program that will allow a company
of any size the opportunity to have the absolute best information security available at a reasonable,
predictable cost. The system's key feature is that it provides
real-time threat alerts
to information security
engineers who can immediately block, contain, track and/or thwart any attempt to steal, destroy or peep into
a company's network. Our system security program includes everything necessary to establish an effective
information security program:
-
Secure Network Segmentation Design
The network design is the primary defense against attacks, because it allows security engineers to
place monitoring devices all over the network to accurately monitor and analyze network activities.
Most organizations will need to implement an updated, segmented network design overhaul. We
provide the design, planning, testing, implementation and maintenance of this network overhaul. This
process can take approximately three to twelve months, depending on the size of the organization and
business operations will not be interrupted. We also provide training and consulting to support the
current IT staff which allows them to run day-to-day network operations.
-
Real-Time Network Analysis, Threat Detection and Containment
We are the only firm that can analyze network activities and detect possible threats in real time. This
feature utilizes complex data analysis tools developed by our Chief Technical Officer, Daniel Owens.
Similar to using sonar to scan the ocean floor, our tools constantly scan networks for variations and
anomalies. These anomalies are immediately forwarded to a security engineer who can investigate
whether it is a normal network activity or an active threat. These tools replace the job of up to 50
highly-trained network security engineers (for a fortune 500 company).
-
Evolving Threat Intelligence
Our team has their thumb on the pulse of cyber security. Using international channels and extensive
experience, our engineers are on the forefront of locating, identifying and defending against new and
emerging threats. These threats are analyzed and defenses are adjusted to keep every client protected.
-
Penetration Testing
We conduct monthly penetration testing for each client's network. This proactive testing mimics
current and evolving threats in order to detect vulnerabilities before someone else does.
-
Compliance Auditing
Corporations need annual audits to determine if their information security complies with government
and/or industry regulations. We are fluent all such regulations including PCI, HIPPA, NIST and
others.
-
Continuous Security Training for Employees
We have developed information security curriculum for general employees, software developers and
system administrators. Classes are updated constantly to educate employees about new threats and
tactics utilized by criminal hackers. Curriculum summaries are attached to this plan.
-
Secure Code Review for New Software and Website Development
Most companies utilize their own internal software, web sites or mobile applications without properly
testing for vulnerabilities. Checking new software code for vulnerabilities must be completed by
developers with information security experience and training. We offer software design planning,
code review and security recommendations to protect the investment made for development.
-
Physical Security Survey
Not all information is compromised via computers and networks. A breakdown in physical security
can equally put a company's information at risk. Our team includes a former FBI Special Agent
who can expose flaws in physical security and provide the remediation of same.