ADVISORY SERVICES
Our Advisory capabilities help create programs that minimize risk and heighten preparedness.
Strategic Cyber Program Support
With decades of cumulative experience in security consulting, Lodestone’s Advisory team gives you the advantage of deep process, planning and regulatory support – when and where you need it. Whether pursuing key certifications or meeting regulatory requirements such as Health Information Portability and Accessibility Act (HIPAA), Protected Health Information (PHI) requirements, or those set by the Payment Card Industry Security Standards Council (PCI-SSC), our experts can help you be proactive about your security in a world where the risks are higher than ever. This includes customized assessments and professional guidance to identify your attack surface, strengthen your security policies, test your readiness, and provide training to your personnel to create layers of defense that protect your business and its critical resources long before a threat actor targets you.

CIS-18 Gap Analysis
Looking to reduce risk, become eligible for insurance coverage, or adhere to the latest security standards? Lodestone professionals are prepared to help set your organization up for success. We perform our CIS-18 Gap Analysis based on security controls you specify, such as Center for Internet Security 18 (CIS-18) Critical Security Controls (CSCs) or the Beazley Breach Response Questionnaire.
Through either remote or in-person interviews of subject matter experts and a limited review of documentation, technologies, and process across your environment, we get to know your environment and share our knowledge of insurance requirements and compliance standards with you. Any areas where controls are missing or could be enhanced are captured in a detailed report that can be used to remediate deficiencies and demonstrate a commitment to insurance or regulatory requirements.

Incident Response Plan Development
Lodestone’s Incident Response Plan Reviews and Plan Development services are designed to help organizations create a comprehensive incident response plan that addresses all aspects of incident response, from identification and containment to recovery and post-incident analysis. We work closely with our clients to ensure that their IR plans are easy to understand, easy to implement, and aligned with industry best practices and compliance requirements.
Lodestone leverages direct experience in handling all types of recent cyber-attacks, including ransomware, to ensure that your incident response plan is effective for today’s and tomorrow’s cyber-attacks.

SECURITY POLICY REVIEW AND DEVELOPMENT
A strong security posture begins with strong foundations. Whether your company already has a mature set of security policies in place, is just getting started, or is possibly looking to acquire or merge with another entity, a detailed security review provides a clear understanding of your current state. Through a structured engagement, we review your existing documentation, interview relevant stakeholders, and determine what changes can be made to enhance organizational governance.
Our experts support you throughout this process with a combination of bolstering existing documentation and creating new material from the ground up. Our experts will provide you with a robust portfolio of security

TABLETOP EXERCISES
Lodestone’s tabletop exercises combine realistic threat scenarios with our years of experience to test the strength of your company’s incident response plan. We partner with your key stakeholders to identify the exercises that best address the unique challenges your company might face in the wild. We examine your organization’s security infrastructure, including your staff’s ability to execute the incident response plan in place.
The engagement concludes with the presentation of a report that details your company’s strengths and weaknesses, along with recommendations to improve your readiness for a real-world event.

VIRTUAL CISO
Is your company ready to step into the future with powerful cybersecurity initiatives? Lodestone’s virtual Chief Information Security Officer (CISO) service equips you with a direct line to a security expert who can remotely answer all your security questions, help define plans and programs, and manage staff or priorities to supplement your existing organization.
Our virtual CISO will show you the optimal steps towards creating a security foundation that protects the keys to your kingdom and helps you retain the trust of your customers.

SECURITY AWARENESS TRAINING
The “human factor” is one of any organization’s least addressed yet most significant security risks. With training and information, we can empower your employees to identify and report suspicious activity in your environment and integrate best practices into their everyday work with minimal disruption.
Our training can be provided in person, virtually, or in a recorded format. We will also tailor our content and can incorporate customized exercises to cover all of the security topics that best suit your company’s interests and needs.

RANSOMWARE READINESS ASSESSMENT
Lodestone’s Ransomware Readiness Assessment is a focused assessment designed to help your organization detect, defend against, and recover from a ransomware attack. The Lodestone team has developed an assessment that includes a consultation to evaluate the critical controls that are essential in a ransomware scenario, and an external scan of your open systems. Detailed and realistic tabletop exercises can help convey the full extent of the risk, illustrate potential damages, and help prepare leaders for faster response.
Connect With Us
320 East Main Street
Lewisville, TX 75057
203.307.4984