BEFORE HACKERS DO
SPOHN CYBER SECURITY CONSULTING
We handle everything from basic penetration testing to performing holistic enterprise-level security assessments for complex organizations. Our expert certified consultants use common tools and methodologies to identify vulnerabilities that could be exploited by hackers to compromise data and systems critical to your success and profitability. Once identified, our team will provide documentation and recommendations on steps toward remediation that you can act on today to improve your security posture.
Find out where you stand with our holistic, in-depth enterprise security assessments. This provides you with an unbiased third party validation, an assessment of your security posture, and prioritization of your needs.
Primarily focused on your internal IT data security and technical vulnerabilities, the NSA is an unbiased, in-depth assessment of your security controls. This is where most people believe cyber security begins and ends.
A penetration (or "pen") test occurs when ethical or White Hat hackers simulate an attack on your applications, databases, websites, servers, network devices, and computers. A pen test determines the feasibility of an attack, the possible impact that attack would have, and the cost of a successful exploit.
Every business has risks to critical applications that could lead to potential downtime and lost productivity. Our team does the heavy lifting that is required for the creation of a comprehensive BCDR plan.
Firewall security reviews are important because they identify vulnerabilities that cannot normally be detected through network penetration tests and black box network assessments. In the rush to keep your users happy, things sometimes get missed, forgotten or overlooked, and a mistake in this area of cyber security could be disastrous.
Social engineering is a subset of penetration testing that focuses on identifying and validating vulnerabilities associated with your employees' ability to follow documented policies and procedures and security best practices.
Be prepared for security audits. Meet or exceed compliance and regulatory requirements of industry or government standards for data security. Spohn Consulting provides gap analysis, audits, and reports on compliance.
- NIST 800-53, FDCC
- SOX, GLBA, SAS-70
Formal Network or Data Security Policies are a part of most regulatory compliance audits, including NERC, HIPAA, PCI and HITECH. These policies are frequently overlooked, simply inadequate or, worse yet, in violation of security best practices.
Our experts can help you evaluate or craft policies that will meet or exceed regulatory compliance, for everything from Security Training to HR Personnel to Change Management Policy.
This is one of our key strengths and core competencies. We are experts at evaluating your policies, procedures and security practices against HIPAA Security and Privacy Rules. Spohn delivers the results in a professional document package crafted by the same professional auditor that performed the scans, reviewed your policies, assessed your system configurations, and interviewed your personnel.
For any health care provider wanting to receive the incentives or avoid penalties, the only option is to increase compliance. To receive the incentive funds available through the provisions of the HITECH Act, you must meet all Meaningful Use provisions by specific dates.
- FFIEC – Handbooks
- GLBA Act
- Board of Governors of the FRS
- Office of the Comptroller – Currency
- NCUA Administration