Business Consulting
The Information Security Management Challenge
Effective information security management is more than just putting out fires. Organizations must identify how they use information to meet their business goals; then determine the best ways to protect their information assets throughout the information security life cycle.
Many business leaders have recognized this need by escalating information security from an IT responsibility to a business requirement. Yet while the priority is higher, IT budgets haven’t grown proportionately. Meanwhile, the number of vulnerabilities has increased, threats have become more sophisticated, and greater regulatory oversight has become a fact of life.
Foundstone Professional Services has been a trusted information security advisor to hundreds of organizations across a wide spectrum of industries. Through our many engagements we have observed that tight budgets have sometimes forced organizations to implement a disjointed information security strategy that doesn't include all of the criteria of an effective information security program. Foundstone has designed strategic services to help you fill the gaps in your information security program.
Foundstone Business Consulting Services
Foundstone offers a wide range of strategic network security business services that can be customized to meet your business needs. Available as enterprise-wide programs or individual core services, no other professional services organization can match the breadth and depth of Foundstone's offering.
Foundstone employs a proven engagement methodology to meet your business and risk management goals. Comprehensive and time-tested, Foundstone's methodology identifies where your organization is vulnerable, not just where your network is weak.
Foundstone Enterprise Level Consulting Services
The Comprehensive Security Health Check is intended as a quick review of your Information Security Program, which includes both technical and non-technical components. The health checks provide a point-in-time view of both your internal and external security posture based upon the BS/ISO17799 security standard.. Foundstone will provide next step recommendations that can be used to design a strategic information security roadmap or simply identify point solutions that can easily resolve you business security weaknesses. However you decide to use the results, a Comprehensive Security Health Check will provide you with insight and visibility into your organization's security posture so that you can make informed decisions. A Comprehensive Security Health Check provides visibility into your organization's current security posture so that executives and managers can make informed business decisions regarding security. Foundstone's Information Security Health Check offerings are listed below:
ISO17799 Check
GLBA Check
SB1386 Check
Information Security Program Development
The Information Security Program Development is intended for a growing organization or executive tasked with the responsibility of developing an information security program. This program provides an organization with everything they need to structure an information security program so it will successfully guard data against loss of confidentiality, integrity, or availability. This program will determine the state of the information security program, and establish the framework upon which a successful program can be built. Foundstone’s Information Security Program Development offerings are listed below:
Process Development
Risk Assessments
Risk Assessments are a critical foundation of any information security program and a regulatory requirement of the Gramm-Leach-Bliley Act, HIPAA, NIST, and other security standards and guidelines. Foundstone’s detailed methodology identifies the confluence of assets, threats, and vulnerabilities that introduce risk. Foundstone prioritizes the risks to your organization and recommends risk management strategies to mitigate, transfer, accept, or avoid the risk.
Foundstone Information Security Management Service Programs
Foundstone Information Security Management Service Programs are one way to increase the organization’s security while achieving greater return on its investment. Many security services utilize common methodologies and procedures including employee interviews, policy and procedure reviews, and vulnerability scanning. By combining security services which utilize these common methodologies, Foundstone Information Security Management Service Programs address meet your business requirements, not just your security needs.
Contact us to learn how our security services can help you protect your most important assets today.
