1. Home
  2. Solutions
  3. Cybersecurity
  4. Strategic Cyber Consulting

Strategic Cyber Consulting

Don’t collect what you can’t secure.
SIG offers strategic and tactical expertise to protect your valuable data and reputation.

SIG Cyber offers experienced cybersecurity consultants who add value to your organization by developing and managing your information security strategy.

Configuration Reviews
and Audits

Identifying vulnerabilities or opportunities for improvement within applied configurations for network devices, security-related devices, or host operating systems.

Security Program Development/vCISO

Providing dedicated vCISO resources to help with reviewing/writing organizational security policies or guiding your security program with a roadmap for improvement.

Customized
On-Demand Services

Providing cybersecurity expertise when needed. This includes risk assessments, Incident Response Tabletops, customized information security policy development.

Strategic Cybersecurity Consulting Services

We provide knowledgeable cybersecurity consultants who deliver value to your organization by helping create and manage your information security strategy. Services include:

  • Information security planning and management
  • Development and enhancement of privacy and security policies, standards, procedures, and guidelines
  • Assistance with vendor negotiations on key cybersecurity hardware, software, and managed service solutions (SIG does not resell hardware or software)
  • Performing risk assessments to evaluate security gaps and spending needs
  • Managing key security controls such as vulnerability management, asset protection, and security awareness
  • Incident response planning and response activities
Our training avoids the pitfalls of normal, generic security awareness training that puts employees to sleep. We do this by incorporating details from our experience and previous assessments. It highlights the ramifications to personal privacy, and organizational exposure. Our security awareness training will educate your employees to:
  • Identify common indicators of an attack
  • Understand ways to protect themselves
  • Recognize the bypass of security controls
  • Report potential incidents
Developing a secure IoT solution depends on a number of security considerations. This assessment will evaluate the IoT device and its associated infrastructure against common attacks. It can include an evaluation of the edge device, the gateway, the cloud infrastructure, and/or any mobile applications. Our engineers will evaluate your IoT Device utilizing the OWASP IoT Framework Assessment methodology.
Have a need not mentioned? Contact us today to customize an assessment or package to meet your security needs. Our engineers have a wealth of experience performing a wide variety of assessments, and we’re confident they can meet your needs. Let us know how we can help.
Comprehensive security policies written by security professionals. Our policies are designed to meet your compliance needs. And to optimize your business requirements. Some of the policies we can help with include:
  • Access Control Policy
  • Acceptable Use
  • Disaster Recovery Plan
  • Password Policy
  • Incident Response Plan
A firewall audit is a manual inspection of your firewall using the Center for Internet Security (CIS) benchmark and device-specific best practices. Our engineers will review the firewall rules, searching for overly specific rules, proper rule sequencing, or other gaps in your security posture. After the audit we will scan the network to validate the firewall’s effectiveness.
A formal risk assessment evaluates the threats to your organization, the vulnerabilities of your network, and the security controls you have in place to protect your network. A risk assessment correlates information from your security assessments and helps drive strategic decisions.
This assessment is an evaluation of your organization’s cloud infrastructure for security vulnerabilities. Our engineers will assist you in evaluating the unique security responsibilities associated with cloud computing. Individual services can include cloud application assessments, cloud infrastructure penetration testing, host/OS configuration audits, and cloud architecture reviews.

Expertise

We understand that you are looking for a security expert.

SIG is a CREST-accredited penetration testing provider and is well versed in the specific student information systems that hold your institution’s most sensitive data. Our engineers are masters of their craft and achieve industry leading certifications including:

* Certified Red Team Operator (CRTO)

* Cisco Certified Network Associate (CCNA)

* CMMC Registered Practioner

* CompTIA A+

* CompTIA Network+

* CompTIA PenTest+

* CompTIA Project+

* CompTIA Security+

* CREST-Accredited Penetration Testing Provider

* CREST-Registered Penetration Tester (CRT)

* CyberLock Cyber Essentials Plus

* EC-Council Certified Ethical Hacker (C|EH)

* EC-Council Certified Incident Handler (E|CIH)

* GIAC Certified Incident Handler (GCIH)

* GIAC Foundational Cybersecurity Technologies (GFACT)

* GIAC Information Security Fundamentals (GISF)

* GIAC Penetration Tester (GPEN)

* GIAC Python Coder (GPYC)

* GIAC Security Essentials (GSEC)

* GIAC Web Application Penetration Tester (GWAPT)

* HTB Certified Bug Bounty Hunter (HTB CBBH)

* INE Security: Certified Prof Penetration Tester (eCPPT)

* INE Security: Junior Penetration Tester (eJPT)

* INE Security: Web Application Penetration Tester (eWPT)

* INE Security: Web Application Penetration Tester (eWPTX)

* ISACA: Certified Information Secuirty Manager (CISM)

* ISACA: Certified Information Security Auditor (CISA)

* ISC2: Certified Information Security Professional (CISSP)

* ISC2: Info Systems Security Architecture Professional (ISSAP)

* OffSec Certified Professional (OSCP)

* OffSec Web Expert (OSWE)

* OffSec Wireless Professional (OSWP)

* PCI Security: Qualified Security Assessor (QSA)

* PeopleCert: ITIL Foundation

* SOC 2 Type II (SIG Cyber)

* TCM Practical Network Penetration Tester (PNPT)


Have Questions?
We look forward to hearing from you.