Services Summary

CyberEnsure provides a full range of information security management services to Fortune 1000 companies, government agencies, and regulated entities. These services include:

• Information Security Assessments
• Risk Assessments
• Policies Development

• Awareness & Education Programs
• Metrics
• PCI DSS Compliance

• ISO 27001 Registration Assistance
• Systems Development
• Research

Please contact us for a full presentation of our services.

The CyberEnsure Team
866-CYBER11 (866-292-3711) Toll-Free

PCI DSS Compliance & ISO 27001 Registration Assistance

PCI DSS Compliance. As a Qualified Security Assessor (QSA) for the Payment Card Industry (PCI), CyberEnsure will help you comply with the Data Security Standard (PCI-DSS). CyberEnsure will validate compliance and prepare all required reports, including the Report of Compliance, Compensating Controls Worksheet, and the Self-Assessment Questionnaire. CyberEnsure staff will work with you to reduce risks and compliance costs by eliminating unnecessary storage of credit card data where possible, strengthening existing controls, and implementing additional, required controls in a cost-effective manner. CyberEnsure employs the following seven-step process: (1) Identify registration requirements; (2) Credit Card inventory & flow analysis; (3) PCI controls applicability analysis; (4) Gap analysis (required vs. existing controls); (5) Mitigation Controls Plan & implementation; (6) Registration documentation & submission; and (7) Monitoring.

ISO 27001 Registration Assistance. To prepare you for ISO 27001 registration, CyberEnsure offers the following services: (1) the classification of information; (2) risk assessment; (3) establishment of the Information Security Management System; (4) creation of policies, Statements of Applicability and Controls, and other documentation required for registration; (5) a pre-assessment and gap closure; and (6) a pre-registration audit.

Please contact us for more information about how we can assist you.

The CyberEnsure Team

Security Metrics

Security professionals often use metrics to substantiate value to the organization, justify requests for additional funding, or demonstrate meeting certain objectives, like completing projects on time or applying security patches in a timely manner.

While having a plethora of data, many staff lack the time and expertise in representing data and utilizing appropriate benchmarks in ways that can be understood and accepted by audiences outside of their organizations.

CyberEnsure staff has the experience and methodologies to give meaning and "life" to your metrics program. We enhance a NIST-based approach to help our clients focus on elements that have been shown to be effective in organizations with successful metrics programs, including those supporting various ISO registrations.

Please contact us for more information about how we can assist you.

The CyberEnsure Team
866-CYBER11 (866-292-3711) Toll-Free

Information Security Assessment

Our core service is to assist our clients in developing defensible Information Security Programs that address legal and commercial requirements and are structured according to an international standard. Our assessment is a four-step process that results in an Information Security Plan:

Program coverage and effectiveness are measured against ISO standards 27001 and 17799. Legal and commercial requirements help determine the criticality of controls.
Opportunities for improvement are identified and grouped into project recommendations.
Project recommendations are prioritized in terms of increasing coverage and effectiveness, and addressing critical controls.
Projects are reviewed with management, and comprise the Information Security Plan, the implementation of which increases Program coverage and effectiveness.

Please contact us for more information about how we can assist you.

The CyberEnsure Team
866-CYBER11 (866-292-3711) Toll-Free