Whether you are required to comply with the FTC Safeguards Rule, PCI DSS, HIPAA, State Privacy Laws, NIST, or other requirements, SIG Cyber will partner with you to accurately scope your environment, determine the applicability of controls, and validate your compliance efforts.
Having a certified third-party organization attest to your security posture, demonstrates that you take security seriously and are meeting the applicable standards. This adds credibility to your compliance efforts and shows due diligence.
If your organization stores, processes, or transmits credit card information, you are required to adhere to the Payment Card Industry (PCI) Data Security Standard (DSS). SIG is certified by the PCI Security Standards Council (SSC) as a Qualified Security Assessor (QSA), allowing us to certify your PCI compliance efforts.
Education Institutes that collect or manage electronic protected health information (ePHI) are required to meet Health Insurance Portability and Accountability Act (HIPAA) requirements. SIG Cyber can help you determine whether you are meeting the requirements laid out in the Security Rule and prove to outside organizations that you are maintaining compliance.
The Cybersecurity Maturity Model Certification (CMMC) was developed to safeguard sensitive unclassified information handled by all contractors and subcontractors to the United States government. SIG Cyber can partner with you to assess your scope, ensure applicable requirements are met, and complete your required annual self-attestation.
The Federal Trade Commission’s (FTC) standards for safeguarding customer information, better known as the FTC Safeguards Rule, requires covered financial institutions to comply with a minimum set of security standards. This includes higher education institutions that accept financial aid, and non-compliance can result in steep fines for your school.
If your organization wants to demonstrate compliance with an industry-recognized standard, but does not fall into any of the above categories, the Center for Internet Security’s (CIS) Critical Security Controls may be a good fit. This internationally-recognized list of the most important security controls can be applied to your organization to demonstrate your adherence to information security best practices.
We understand that you are looking for a security expert.
SIG is a CREST-accredited penetration testing provider and is well versed in the specific student information systems that hold your institution’s most sensitive data. Our engineers are masters of their craft and hold industry leading certifications including:
* Certified Red Team Operator (CRTO)
* Cisco Certified Network Associate (CCNA)
* CMMC Registered Practioner
* CompTIA A+
* CompTIA Network+
* CompTIA PenTest+
* CompTIA Project+
* CompTIA Security+
* CREST-Accredited Penetration Testing Provider
* CREST-Registered Penetration Tester (CRT)
* CyberLock Cyber Essentials Plus
* EC-Council Certified Ethical Hacker (C|EH)
* EC-Council Certified Incident Handler (E|CIH)
* GIAC Certified Incident Handler (GCIH)
* GIAC Foundational Cybersecurity Technologies (GFACT)
* GIAC Information Security Fundamentals (GISF)
* GIAC Penetration Tester (GPEN)
* GIAC Python Coder (GPYC)
* GIAC Security Essentials (GSEC)
* GIAC Web Application Penetration Tester (GWAPT)
* HTB Certified Bug Bounty Hunter (HTB CBBH)
* INE Security: Certified Prof Penetration Tester (eCPPT)
* INE Security: Junior Penetration Tester (eJPT)
* INE Security: Web Application Penetration Tester (eWPT)
* INE Security: Web Application Penetration Tester (eWPTX)
* ISACA: Certified Information Secuirty Manager (CISM)
* ISACA: Certified Information Security Auditor (CISA)
* ISC2: Certified Information Security Professional (CISSP)
* ISC2: Info Systems Security Architecture Professional (ISSAP)
* OffSec Certified Professional (OSCP)
* OffSec Web Expert (OSWE)
* OffSec Wireless Professional (OSWP)
* PCI Security: Qualified Security Assessor (QSA)
* PeopleCert: ITIL Foundation
* SOC 2 Type II (SIG Cyber)
* TCM Partical Network Penetration Tester (PNPT)
