
View All Solutions

Solutions

Here you can find an expansive list of ProCircular’s cybersecurity solutions. You can click on any specific service option below to learn more about how ProCircular can improve your organization’s cybersecurity profile and speak to an expert if you have any questions.

Consulting

Virtual CISO

ProCircular’s virtual Chief Information Security Officer (vCISO) service is a broad set of services to support a Client’s security and privacy program. ProCircular provides formality and organization of processes and practices to improve a Client’s security resilience. The principal purpose of vCISO is for ProCircular to assist in the overall security strategy, advice, and oversight for the Client. This service is available as a yearly subscription and can help an organization make rapid improvements to its cybersecurity maturity. The vCISO categories are constructed to offer varying levels of service depending on the Client’s needs. The versions of the vCISO service are listed below:

Partner – The “all-in” approach. ProCircular acts as a complete CISO for the duration of the subscription.
Transitional – The “interim” approach. ProCircular assumes temporary continuation of an existing security program while a new CISO is integrated.
Supplemental – Our “support” option. ProCircular provides expert assistance to support an existing CISO, adding to the CISO’s operational reach and capabilities without adding staff.
Advisory – Security advisor for the CEO or the expert partner to the organization. ProCircular delivers security-related insight directly to executives, providing expert advice and guidance to inform strategic business decisions.
The reduction of risk is a transformation process and requires measurement and monitoring.
Data Scanning & Classification

We scan your repositories of information, whether in databases, in file systems, or in the cloud, and help you identify cyber, legal, and regulatory risks. We work with you to classify the various types of data. At the end of the day, your organization will understand its data, define its owners, determine the importance of the information, and reveal retention and regulatory requirements that may be necessary to safeguard and delimit its storage.

Take an inventory of your organization’s data, understand its value, and categorize how it should be protected.
M&A Due Diligence Support

ProCircular’s leadership has been involved in transactions large and small. We’ve seen the benefits from well prepared organizations and the downside from inheriting companies with major cybersecurity and IT risks. Our team has a standardized approach to analyzing an organization’s cybersecurity, IT, and privacy risks and can use the outcome to inform a valuation or M&A integration sizing project.

A relatively short, intense engagement with our consultants will shed light on those parts of due diligence that might only surface after a transaction is completed.

Shed light on those parts of due diligence that might only surface after a transaction is completed.
Compliance & Regulatory

Every day a new rule or regulation is published, and by the time a company is up and running the landscape may have changed. Once organizations have achieved a certification, maintaining those controls can be equally challenging. We support clients with several standards and regulatory requirements including:

Our organization breaks these services into four primary areas:

Benchmarking
ProCircular evaluates an organization’s maturity by comparing current business processes and the existing business state to industry best practices. ProCircular documents the current landscape and builds a clear picture of an organization’s compliance capabilities and gaps.
Strategy
ProCircular can help create a strategy that moves an organization beyond their current level of maturity and up to the level required by regulatory bodies or customers. We can also aid in successfully implementing any changes to ensure that employees are all helping to achieve the goals of the project.
Preparation
Organizations that have already received a pre-audit and need help understanding the results can use this set of services to establish the next logical steps. We interpret the findings, prioritize critical next steps, and establish well-documented controls to clear the path towards certification.
Remediation
Once we’ve established where an organization needs to go, we help make rapid progress, either by providing solutions directly or by recommending capable partners. Whether gaps are in controls, policy, process, or technology, we’ll coordinate with the team to clear the way towards compliance.
Establishing and maintaining a compliance program is a challenge for every organization.
Incident Response

We prepare an incident response plan with each client ahead of time, and our engineers are ready to travel onsite and manage the situation. We work closely with our partners at Vestige to ensure that chain of custody and data integrity are maintained, and that the process of remediation addresses both short-term and long-term needs.

Once a breach has been contained, we work with the client to address root causes and ensure that the problem can’t arise again. This may include working with the client’s insurance providers, law enforcement, and other third parties on behalf of the client.

ProCircular offers 24/7 IR to ensure that organizations we protect are prepared in the event of a breach.
Custom Consulting Services

If your organization needs to cherry pick from our broad range of cybersecurity or privacy services, we will build custom programs to deliver what you need to make progress. Our team has a diverse set of industry and technology experience that we can blend to meet your needs. These custom consulting services are available in a variety of forms:

  • Staff Augmentation
  • Hourly or fixed-bid (on a case by case basis)
  • Knowledge transfer and education
  • Integration into larger team projects (ERP, CRM, etc.)  

We attempt to bundle our expert services to fit all of your cybersecurity needs, but we understand that your requirements may be unique.

Education

Security Awareness Training

While it’s important to have IT, InfoSec, and management keenly aware of the latest threats, many of the major challenges share themes that employees can spot and avoid if properly trained. ProCircular’s employee awareness training enables those closest to the problem to identify and prevent threats. Our program is different in that it’s paired with a vulnerability assessment. It’s conducted in person with the employees who need the training most, allowing them to share their experiences and hear how to best defend against your unique risks from an expert.

The results of this assessment inform the content, shaping the training around the unique risks to the organization. We draw from a common body of materials developed in house, work with management to pick out the top regulatory or business needs, and craft an interactive training session that truly engages the employees.

Bringing employees to the defense of an organization is one of the most effective means of protecting it.
Ongoing Security Training

The package consists of an ongoing subscription to consistently remind employees of the importance of security. We send a monthly newsletter and employees receive online training on a new subject each month. We also offer a subscription based program that tests a client’s employees on an ongoing basis to make sure that they continue to apply what they’ve learned.

Instead of being made to feel foolish, employees that inadvertently fall victim to these attacks are automatically enrolled in training, ensuring that they’ve been provided the tools to better protect the organization.

This online solution is a perfect follow-up for our Onsite Security Awareness Training.
Compliance Training

Our experts have a deep knowledge of a variety of the more pressing compliance and regulatory needs, and we’re able to help employees understand the expectations that these standards pose. A training course is typically three to five days onsite and can be tailored to a variety of audiences. ISO 27001, SOC2, PCI DSS, HIPAA, HITRUST, NIST, EU and International Privacy, Privacy Shield, FISMA, GLBA, FERPA, COBIT, and SSAE16 are all standards that we support both for audits and implementation.

Help employees understand the expectations of compliance and regulatory standards.

Assessments

Vulnerability Assessment

This is an excellent first step in establishing the relative risks that an organization may have for a modest investment, and often precedes a penetration test or an IT risk assessment.

  • Online Presence – We’ll take a close look at the company’s website and sites that we can associate with the organization. We scan those systems using modern tools for thousands of vulnerabilities and weaknesses.
  • Network Security – We’ll apply similar tools to the border security to deduce what the organization looks like to the Internet. This often uncovers Internet-facing devices, out-of-date hardware and software, and frequently a few other surprises.
  • Social Presence – This step analyzes a few of the places where the organization is visible online and what sort of data can be easily assembled from what they’ve posted.
Automated Quarterly:

We’ve combined the power of a variety of different tools and automated the execution of the test and delivery of the reporting so that all you need to do is to check your email. Every quarter you’ll receive a complete scan of the computer system you’re required to monitor and a report that fits your specific regulatory requirements.

Enumerate an organization’s external risks and ensure quarterly tests are done on time and meet your needs.
Social Engineering

It is much easier to compromise an organization’s individual accounts to steal information in the target’s name rather than to breach a complex border defense or website. ProCircular takes on the role of the hacker and uses a variety of methods to gain access to information. This includes phishing via email, impersonation and manipulation over the phone and in-person social engineering.

A common method of gaining access to an organization’s information, and typically a hacker’s first steps.
Application Security

Our testing methodology is consistent, reproducible, rigorous, and performed under quality control to ensure an actionable outcome. We can translate standards like OWASP into a prioritized list of remediation steps that your development team can follow. Our team has decades of software development experience, and can improve not only your applications but your SDLC and Agile software development process to include security as a part of your regular development.

Using a combination of tools and experience, we’re able to test all aspects of an application’s security, whether it’s on the web, a SaaS service, or a client-based system. ProCircular combines penetration testing, code review, and discussions with your development teams to build a plan that helps you to deal with existing challenges and reduce future weaknesses in your applications in a way that fits your unique budget, resources, and timeline.
Our software security team can help you test any number of application types to improve their security.
Penetration Testing

IT Security Compliance regulations and guidelines (GLBA, NCUA, FFIEC, HIPAA, etc.) require an organization to conduct independent testing of the Information Security Program to identify vulnerabilities that could result in unauthorized disclosure, misuse, alteration or destruction of confidential information, including Non-Public Personal Information (NPPI).

An External Penetration (pen) test simulates the actions of an attacker and usually employs all means necessary to compromise a system from outside of the network. It actively exploits vulnerabilities turned up in an assessment, and validates their severity. It may also include an attempt to access other data or computer systems once the target has been compromised, bringing to light the potential data or systems that could be attacked once the hacker is inside of the company. 

An Internal Penetration test works from inside of the organization; it helps you to understand the internal systems that may be at risk from a hacker or a rogue employee.

These tests can help to identify data that’s left out in the open, systems that may have dropped off of the radar of the IT department, or inter-company weaknesses that allow remote offices to gain access to systems they may not need. It often incorporates both the physical network and the wireless network, and presents a more complete picture of an organization’s overall cybersecurity risks. Both tests result in a deliverable with extensive information that allows you to take action. This report includes a list of recommended next steps and organizes the findings by likelihood and impact. Together with the client, we evaluate relative priority and act to resolve issues, transfer the risk, or bring in the requisite third party.

Help identify data that is left out in the open with internal & external penetration tests.
IT Risk and Maturity

This program works well for management that has just joined an organization, taken over a new department, or for the group that needs to get a handle on their existing commitments. The primary goal of the risk assessment is to document the existing state of the IT organization and its risks. This program collects the relevant documents around strategy, builds an inventory of existing systems, applications, hardware, software, processes and procedures. This program includes analysis of the following areas:

  • IT strategy plan and roadmap
  • Cloud guidance and strategy
  • Asset management review
  • IT skills assessment
  • IT budget and cost savings
  • 3rd party & vendor risk management
  • Backup configuration and preparedness

Help baseline existing status for new management or groups that need to get a handle on their commitments.

Cybersecurity Products

Security Information & Event Management (SIEM)

ProCircular has partnered with AlienVault (AV) to provide a mid-market solution to Security Information and Event Management (SIEM) to our customers. This AlienVault product is an excellent fit for our mid-market organizations at a fraction of the cost of its competitors. They provide asset discovery and inventory, vulnerability assessment, intrusion detection, behavioral monitoring and log management for integration with other systems.

This infrastructure is hosted on ProCircular’s systems at Involta and can automatically notify customers and our engineering team of issues.

Proactively detecting security threats before they’re able to do harm is a cornerstone of a quality security program.
Data Loss Prevention (DLP)

Using a variety of tools, including both commercial and off-the-shelf applications, ProCircular can help you to implement an all in one DLP solution.

These will enable you to monitor, discover, and prevent data leakage from within your organization. You can block any data flow containing credit card numbers, Social Security numbers, or any sensitive information and tailor it to your organization. Secure the flow of traffic to the web, email, printers, removable devices, or cloud storage systems.
Using a variety of tools, we can help you to implement an all-in-one DLP solution.
Device Threat Detection

A single piece of hardware is placed at each location and can begin collecting data. An asset list is built of devices using wireless, Bluetooth, and physical networks. Once the collection is complete, the company can white-list the ‘known devices’, and alerts are sent through the Pulse monitoring service identifying rogue devices, access points, and computers. It’s a perfect tool both for monitoring and assessment, and ProCircular will also use the tool in our reconnaissance for internal penetration testing.

An excellent tool for organizations with distributed systems or a wide variety of devices.
Password Management

ProCircular has partnered with LastPass for personal and enterprise password management. From safely storing passwords to managing employee permissions, LastPass removes standard password obstacles. It provides a method of securely managing and sharing passwords and audits password strength and duplication. It’s easy to use, and while the margins and price point are all very low, the solution is a major part of securing any organization.

Easily and securely manage and audit password strength and duplication.

Cybersecurity Packages

Cybersecurity Wellness Package

This subscription-based model ensures that once you have organized your cybersecurity efforts, you’re able to continue to protect your investment and adapt to the changing threat landscape.

  • Enterprise Password Management – Secure the weakest link, your employees’ access
  • Quarterly Vulnerability Assessment – Keep abreast of new threats
  • Pwnie Express SIEM Monitoring – Prevent rogue devices from entering the network
  • Online Security Awareness Training – Bring employees to the defense to protect the organization
  • Incident Response Planning – Secure your access to experts and be ready to respond

ProCircular has bundled the most critical elements of a continuing cybersecurity program to simplify the ongoing needs of any organization.

Security in a Box

Our Security in a Box solution provides the core pieces of a security program to help IT departments get started. ProCircular performs a vulnerability assessment and uses those results to inform five hours of consulting on the direction that the program should take.

We’ve also assembled a core set of policy and strategy documents needed to stand up the most important components of any security program – overall security strategic guidance, incident response, mobile device management, document retention, etc. Each has been built from best practices at SANS and NIST and is written in a human readable and actionable format.

Get expert strategic guidance taking the first steps setting up your organization’s security program.

Cyber Insurance Readiness

Much like an audit against a fixed standard, understanding the requirements of a cybersecurity policy can be a daunting challenge. If these requirements aren’t met, insurance organizations may decide not to pay in the event of a breach, leaving the client with a significant bill.

With this evaluation, we read through the policy with the client and establish both strengths and potential risks. After completing their remediation, a company can confidently purchase a cybersecurity policy, knowing that they have a much higher likelihood of collecting in the event of a breach.

Clearly understand and fulfill the requirements of a cybersecurity policy.

Want to chat more with us about cybersecurity for your organization? An expert will gladly talk details about any of our cybersecurity solutions.

Copyright 2017 ProCircular