Cornerstone Information Security was founded to help companies like yours navigate the worlds of cybersecurity and compliance. With nearly 30 years of experience, at Cornerstone we know that one size does not fit all when it comes to developing and managing an Information Security program. You need to have a program to meets the unique needs of your organization and helps you to achieve your goals and objectives. Whether it’s simply reviewing your existing security policies to guide your company’s programs, assessing the effectiveness of your security, or helping you develop a cybersecurity program from scratch, we can help.
Cornerstone’s virtual CISO (Chief Information Security Officer) service gives you access to a CISO when your business may not be ready to commit to a full time role. We will customize the service level to meet your needs. This is usually preceded by a Security Assessment or IT/Information Security Strategic Plan.
Information Security Strategy and Planning
Information Security has become a complex effort requiring a strategic approach. Cornerstone can help your company create an information security strategy and a plan for successful implementation. Cornerstone can help you identify your needs for Prevention, Protection, and Detection & Response. We will work with you to create a plan that is proactive, clear, and aligned to your business goals.
IT Security Compliance and Audit
Preparing for a regulatory audit can be daunting task. Whether you need help organizing the work, performing a pre-audit self-assessment, or you need someone to help you throughout the process, Cornerstone can help. We will work with you to determine the scope of the work you need and develop a statement of work based on specific deliverables so you know what you will be getting and how much it will cost.
Security Program Assessments
Whether you need to start an information security program from scratch, or you would like to make sure the program you have is working on the right things, Cornerstone can help develop or improve a program that will work for your organization. We can help you to align your program to well known security framework, such as NIST, to ensure that your security activities follow best practices and provide you with a common frame of reference to view your program.
Policy Review and Development
The foundation of your information security program is a set of security policies that fit your organization’s needs. They are the drivers of security activities that are necessary to protect your organization’s critical systems and information. Strong security policies also provide a fundamental component of any compliance program. At Cornerstone, we will help you develop security policies from scratch that make sense for your organization, or review and update your existing policies.
Incident Response Plan Development
Systems are under attack every day by malicious actors from criminals to state sponsored cyber attacks. To minimize the impact of an information security incident to your organization and allow you to get back to work as quickly as possible, Cornerstone can help develop a plan to respond to, and if needed, recover from an incident.
Security Awareness Program Development
A workforce that is trained to protect your systems and information is your organization’s best defense against a cyber attack. From understanding how to detect a phishing attack to safely browsing the web to understanding your security policies, Cornerstone can help develop security awareness training to make sure your workforce is prepared to protect your information assets.
Whether you need help establishing a compliance roadmap, or developing remediation plans for you most recent audit, or a security assessment focused on a particular areas of your organization or technology, custom information security services can be tailored to meet your organization’s needs.