• Where do I begin to create a security program?

    Who keeps track of the federal laws, regulations, and industry standard practices that apply to your business? Creating and maintaining a security program can seem daunting, if not impossible, once you start reading the mountains of documentation surrounding the various security standards (NIST, NSA, HIPAA, PCI, ISO, etc.).

  • An Effective Security Program

    According to SANS and GAO, there are 5 main elements that make up an effective security program. You must:

    1. Periodically Assess Risk
    2. Document an entity-wide security program plan
    3. Establish a security management structure and clearly assign security responsibilities
    4. Implement effective security-related personnel policies
    5. Monitor the security program’s effectiveness and make changes as necessary

    In addition, to be truly effective, we believe that any security plan should also meet these three goals:

    1. Security must be simple, or users won’t follow it
    2. Security awareness training for non-IT staff is essential
    3. Security must become second nature to IT staff

    Source

  • How We Can Help

    Securit360 will help you measure your current security programs, advise you on best practices, standards and regulations, and train you and your employees on what they need to know in order to implement and maintain an effective security program. We have analysts with years of security and IT-related experience. We know security really well, but we know more than just security. We have years of experience dealing with a number of industries including healthcare, technology, professional services, utilities, finance, and more. This means we have detailed knowledge of the various regulations that come with each of these: HIPAA, SOX, GLBA, PCI, and much more.