INFORMATION RISK MANAGEMENT

Spotswood Consulting has the information you need to keep your data 100% secure.

We are committed to helping our customers identify and mitigate the risks inherent in today’s interconnected environments and business processes. Spotswood Consulting realizes that when it comes to helping businesses protect their critical information assets, the stakes could not be higher.

Aimed exclusively toward the real-world information risk management requirements of small, midmarket and divisions of Global 1000 companies, Spotswood Consulting provides key consulting services and expertise in information security risk analysis, business continuity and disaster recovery planning, security compliance, incident response and data forensics, eDiscovery, and security event management services.

Spotswood Consulting is staffed with subject matter experts that have between 15 and 25 years’ experience to their credit and possess a list of certifications that include: CISSP (Certified Information Systems Security Professional); CISM (Certified Information Security Manager); CISA (Certified Information Systems Auditor); CSSA (Certified SCADA Security Architect); INFOSEC; and many other technical certifications, as well as Fellow of the Business Continuity Institute.

Spotswood Consulting’s team emphasizes the transfer of knowledge during each engagement. Spotswood Consulting welcomes your staff to observe our activities first hand as we discover root cause problems that may be exposing your critical data. We always employ methods that best address your primary business goals and objectives. This enables your staff to perpetuate an ongoing information security due diligence program based on our findings that are specific to your needs.

Spotswood Consulting will help you comply with existing and emerging regulatory requirements while advising you on how to maintain an ongoing security program that goes beyond basic compliance mandates. We know that although federal and state regulations provide a fundamental component of information security, by no means do they include all the requirements necessary to protect data. We will ensure you meet your compliance obligations and help you develop the privacy, audit, and risk management functions to secure your critical data.

Spotswood Consulting’s security experts will identify your organization’s potential areas of vulnerability and risk and address the following standards and regulations:

HIPAA – Health Insurance Portability and Accountability Act of 1996
HITECH Act – Health Information Tech­nology for Economic and Clinical Health Act
GLBA – Gramm-Leach-Bliley Act of 1999
FISMA – Federal Information Security Management Act of 2002
PCI DSS – Payment Card Industry Data Security Standards
SOX – Sarbanes-Oxley Act of 2002
FERPA – Family Educational Rights and Privacy Act of 1974
CA SB 1386 – California SB 1386 Security Breach Notification Act of 2003
And More

Contact us today to utilize our information risk management solutions and move your business forward.

WHAT WE OFFER

Information Security

From Web Application and Network Penetration Testing to a full Comprehensive Security Review, Spotswood Consulting will help strengthen the security of your network and operational infrastructure. We identify security exposures and define the actions needed to minimize threats.

Business Continuity

Business Continuity and resiliency are vital to the success of your business. Spotswood Consulting’s Business Continuity Services center on understanding your business processes in order to create and implement a strategy that ensures your assets are protected and your business will be able to continue in the event of a major disruption.

Incident Response

If you’ve been breached, time is of the essence. Your compromised data requires immediate response, analysis and recovery. Spotswood Consulting’s Incident Response and Computer Forensics team will identify point of entry, establish what information was compromised, and assist with the complication of your investigation.

MyCSO Services

MyCSO offers executives outsourced risk management service options that will reduce operating expenses while providing the resources they need to manage the company’s information risk more proactively, rather than reactively.