Establishing and maintaining a compliance program is a challenge for every organization. Every day anew rule or regulation is published, and by the time a company is up and running the landscape may have changed. Once organizations have achieved a certification, maintaining those controls can be equally challenging. Click on a service below to learn more about how we can improve your organization’s cybersecurity profile.
Every day a new rule or regulation is published, and by the time a company is up and running the landscape may have changed. Once organizations have achieved a certification, maintaining those controls can be equally challenging. We support clients with several standards and regulatory requirements including:
Our organization breaks these services into four primary areas:
ProCircular’s virtual Chief Information Security Officer (vCISO) service is a broad set of services to support a Client’s security and privacy program. ProCircular provides formality and organization of processes and practices to improve a Client’s security resilience. The principle purpose of vCISO is for ProCircular to assist in the overall security strategy, advice, and oversight for the Client.
This service is available as a yearly subscription and can help an organization make rapid improvements to their cybersecurity maturity. The vCISO categories are constructed to offer varying levels of service depending on the Client’s needs. The versions of the vCISO service are listed below:
We scan your repositories of information, whether database, infile systems or on the cloud, and help you to identify cyber, legal and regulatory risks. We work with you to classify the various types of data. At the end of the day your organization will understand their data, define its owners, determine the importance of the information, and reveal retention and regulatory requirements that may be necessary to safeguard and delimit its storage.
Our experts have a deep knowledge of a variety of the more pressing compliance and regulatory needs,and we’re able to help employees understand the expectations that these standards pose. A training course is typically three to five days onsite and can be tailored to a variety of audiences. ISO 27001, SOC2, PCI DSS, HIPAA, HITRUST, NISTEU and International Privacy, Privacy Shield, FISMA, GLBA, FERPA, COBIT, SSAE16 are all standards that we support both for audits and implementation.
This subscription based model ensures that once you organized yourcybersecurity efforts, you’re able to continue to protect your investment and adapt with the changingthreat landscape.
If these requirements aren’t met, insurance organizations may decide not to pay in the event of a breach, leaving the client with a significant bill. With this evaluation, we read through the policy with the client and establish both strengths and potential risks. After completing there mediation, a company can confidently purchase a cybersecurity policy knowing that they have a much higher likelihood of collecting in the event of a breach.
Our Security in a Box solution provides the core pieces of a security program to help IT departments get started. ProCircular performs a vulnerability assessment and uses those results to inform five hours of consulting on the direction that the program should take.
We’ve also assembled a core set of policy and strategy documents needed to stand up the most important components of any security program – overall security strategic guidance, incident response,mobile device management, document retention, etc. Each has been built from best practices at SANS and NIST and is written in a human readable and actionable format.