Identifying and prioritizing your IT Security initiatives to align with your key business strategies

DO YOU HAVE A PROACTIVE SECURITY PROGRAM?

In our pursuit of helping our customers make qualified risk based decisions, the primary goal of our security consulting practice is the development of proactive security programs. Using tried and true techniques, security best practices, cyber security frameworks, and proprietary risk management models, we can help you develop an Information Security Program custom tailored to your specific business needs.

With LATUS by your side, you will be able to better ASSESS your existing security environment, PLAN based on risk management principles, and IMPROVE your security posture through process and policy maturity.

ASSESS

LATUS provides a variety of assessment services that help you gain valuable insight to your current security posture. Whether you want to start with a high level review or a comprehensive enterprise analysis, we have an assessment framework that can map to your business and industry requirements.

Architecture Review

Reviews your security controls throughout your IT landscape against leading industry threats, identifies gaps and risk mitigation opportunities

Compromise Test

We will use detection tools and the malware killchain to identify if your company is compromised by monitoring internal and egress traffic, and confirm if you need better malware prevention solutions.

Vulnerability Assessment

Identifies your potential weaknesses from an attacker perspective, can be performed externally and internally, often required for compliance requirements.

Process Maturity Assessment

Identifies your process capability against a selected control framework, provides objectives for addressing maturity gaps

Penetration Test

Confirms your weaknesses and validates your controls from an attacker perspective, provides an action plan to address findings, required annually for regulatory compliance

Enterprise Security Assessment

Identifies your security organization’s strengths and weaknesses using a risk framework and methodology

PLAN

Whether you start with one of our assessments or bring us your existing findings, we can help transform those findings from a list of static results into a living Security Roadmap. This Roadmap becomes a communication tool between the business and IT to facilitate strong executive driven decision making and cost justification.

IMPROVE

Now that you’re ready to improve your security capabilities, LATUS can help you with advisory consulting, technology integration, and operational support.

RISK MITIGATION

With the intent of strengthening your security strategies, LATUS can address your immediate gaps and enrich your existing security capabilities through our focus on your Programs, Policies and Processes.

Information Security Program
  • Security Roadmap: showing the path from current state to a future state to support the business and measure the security ROI.
  • Vision, Mission and Values: specific to security and aligned to the business.
  • Risk and Control Matrix: technology aligned with security processes and prioritized to business benefit/impact.
  • Security Roles & Responsibilities: RACI chart with identified qualification requirements per role.
  • Information Security Processes
  • Vulnerability Management, Incident Management, Threat Management, Patch Management, Asset Management, Configuration Management, Endpoint Security, etc.
  • Re-engineered and documented to match policies and security functions.
  • Aligned to standards (NIST) and best practices.
  • Defined workflows reflected by a customer’s real-world performance.
  • Custom workbooks tailored to your business needs.
  • Information Security Policies
  • Supporting business objectives, enforceable and measurable for compliance Framework-based (ISO-27002,COBIT)
  • Critical Asset Inventory: map of Critical Assets across the IT Landscape
  •  

    LET’S CONSULT.

    Contact Us

    InformationSecurity Standards

    ISO-27002, COBIT, NERC/FERC, FISMA, PCI-DSS, HIPAA, Meaningful Use, NIST Cyber Security Framework, SANS Top20 Cyber Security Controls, HITECH, FDA, GLBA, Red Flags, FINRA, SEC, SOX, SSAE16 SOC 2