(847) 430-4900
Did you know?
Your IT people cannot protect your corporate information, even if they do their jobs perfectly.
Here’s what can.
Protecting your corporate information is not just an IT matter. It goes beyond firewalls and anti-virus software. After your IT people do everything they should to protect your data, thieves can still steal it. To really protect it, you have to add company-wide security policies and physical security precautions.
Here are the steps you need to take to make your data truly secure.
BCSS can help you take any or all of them.
Choose the proper security framework
First, you have to decide what “secure” really means for your company. Your security framework is your roadmap. It shows you where you are now, where you need to be, and how to get there. If you don’t have the framework, you can’t really answer the question, “Is our information secure?” BCSS can help you choose the right security framework based on the widely used framework written by the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST). (NIST standards are vendor-neutral; they aren’t trying to sell you a single thing.)
Some businesses don’t need to choose a framework because they have a security framework imposed upon them, either by an industry association, PCI, regulations like HIPAA, or by customers who are increasingly demanding tighter data security from their vendors. If that’s the case, we can help you navigate that framework, understand exactly which parts apply to you and show you the easiest, most efficient ways to comply with them.
Part of choosing a good security framework is a decision about your risk tolerance. Some companies need to be absolutely as tight as possible. For others, that doesn’t make economic sense. We can help you decide where to set the bar. Once you have a security framework and you know your risk tolerance, the next question is: Who’s going to be responsible for this?
Decide who will “own” security
Protecting your information requires decisions at a level higher than IT—decisions by people with the authority and the spending power to back them up. You need to appoint a Security Officer. It need not be a technically trained person. Working with a team that includes HR, Finance and IT, your Security Officer’s job is to understand the security framework and make sure everyone is living by it. The Security Officer can’t be a consultant. It has to be someone inside the company and high enough up to give direction to all departments. If your company’s systems grow to a certain size and complexity, you will also need a Chief Information Security Officer (CISO) who is trained in both security and IT management. This job can be filled by a consultant, and because the mean salary for CISOs is over $200,000,[1] many companies use part-time consultants as “virtual” CISOs. BCSS can provide someone with long experience as a CISO to do it for you.
Never stop working on security
Security isn’t a solution you boot up and leave alone. Your people, your customers, your technology, laws, and the power and sophistication of cybercriminals are changing all the time, so your way of protecting your data has to change with them. Security is not an end-point; it’s a process with three different phases that must be continually repeated: Assessment, Remediation, and Monitoring. BCSS can handle any one or all three of them for you.
Phase One
Assessment
The assessment answers the questions, “Are we living up to our security framework? And if not, what needs to change?”
Physical security:
We’ll physically search for ways that someone, anyone, could get the information they should not be allowed to have.
Virtual security:
We’ll search your network with vulnerability scanning software tools.
Security policies and procedures:
We’ll search for risks by asking questions about how things are done.
A security assessment needs to be done every year (or perhaps more often) because the risks are always changing and because people get complacent.
Phase Two
Remediation
To begin the remediation phase, we’ll make a basic plan for neutralizing the risks that were uncovered in the assessment.
We’ll discuss the remediation plan with your Security Officer, and you’ll need to decide who will tackle each remediation task. If your internal team has the time and expertise, they can do it all. If not, we can do it all or we can collaborate with your people and divide up the tasks. In any case, we can serve as your project manager to make sure the work gets done right.
Remember that remediation isn’t just fixing the technology; you need to get the business practices right, too — security awareness training, procedures for on-boarding and terminating, checks and balances to make sure your people are walking the walk, and many others.
Phase Three
Monitoring
Monitoring is needed because security is a moving target. What kept you safe last month may not work this month.
Different companies need different levels of security monitoring. The most basic level would be to refresh the security assessment each year. Beyond that, you might need to add more advanced firewalls, security monitoring systems, login systems, intrusion prevention systems or other proactive scanning systems. If your organization is subject to compliance rules like HIPAA or PCI, or you hold very sensitive data, you may need to outsource monitoring to a Security Operations Center (SOC) with full-time security people who have more training than most IT people.
BCSS can set up any level of monitoring for you, from basic to maximum. And we can connect you with top-level SOC’s and manage their service to you.
Get Expert Help
Because your safety matters to us.
Good Security Saves Money
You may never suffer the disastrous kind of data breach that puts you out of business, but even a “little” breach can cost hundreds of IT man-hours cleaning up the mess — many times the cost of having BCSS prevent the mess in the first place. Note that in a study of 419 companies that experienced a breach, the average cost was $3.62 million.
Family of Companies
Our sister companies do IT management, cloud computing solutions and cost reduction studies. BCSS could save you a lot of time and money if you need those services because we would already be familiar with your IT systems and your company’s ways of working. And there’s no obligation to use our sister companies.
Call Us Today
Hackers work from every time zone.
(847) 430-4900
We look forward to serving your CyberSecurity needs.