Cybersecurity

Proactively protect and address your cybersecurity and information technology (IT) risks.

Organizations need an accurate and objective view of their cybersecurity profile to safeguard information assets from theft, compromise and destruction and protect the organization's value.

    Over the past few years, the cyber-risk landscape has changed dramatically. Information assets have become a key business resource that fuels growth and provides competitive advantage. Organizations face a host of ever-evolving internal and external cybersecurity and information technology (IT) risks and threats that can reduce an organization’s ability to meet its objectives.

    Information assets and technology investments left ungoverned and unprotected leave organizations vulnerable to compromise and loss of reputation, revenue/value, customers and intellectual property. Couple these risks with the increasing demands for transparency, accountability and compliance by regulators, government entities, shareholders and others, and you have a perfect storm of risks.

    Today’s leading organizations proactively address these risks through well-governed and protected cybersecurity and IT management programs to ensure the secure and efficient exchange of sensitive and critical information.

    Baker Tilly’s cybersecurity specialists work with organizations to achieve measurable security enhancements and performance improvements, and reduce administrative costs. We will assess your organization’s risks, design controls and implement effective security and IT governance processes, all with the goal of improving technology use.

    Cybersecurity services

    Advisory

    • Strategic cyber advisory
    • Cybersecurity program design
    • Cybersecurity risk assessments and cyber health checks
    • Business continuity and disaster recovery planning and management
    • Breach response recovery preparedness planning
    • Technology risk services
        • Technology due diligence
        • IT project risk reviews and risk assessments
        • IT effectiveness assessments
    • Cyber insurance services
        • Pre-loss risk assessment
        • Cyber risk insurance analysis
        • Crisis claims consulting
        • Business interruption risk advisory
        • Supplier risk interruption (external risk)

    Assurance

    Operations

    • Virtual Chief Information Security Officer (VCISO)
    • Virtual Chief Technology Officer (VCTO)
    • Cybersecurity program implementation and management
    • Cybersecurity testing services
        • Integrated security testing
        • Vulnerability scanning
        • Penetration testing
        • Phishing testing
        • Business continuity and disaster recovery testing
    • Incident response services
    • Cybersecurity remediation services
    • Cybersecurity monitoring services
        • Managed SIEM service
        • Cyber hunting service
        • SIEM content/tuning service

    Education

    • Security education and awareness programs
        • Board security education
        • Cyber hygiene
        • Social engineering
        • Phishing
        • Ransomware
    • Simulation, exercises and war games
        • Board crisis exercises
        • Breach management
        • Tabletop exercises
        • Red team

    We address all of the following regulatory programs, customizing services to the client’s required needs: 

    • Defense Federal Acquisition Regulation Supplement (DFARS) for Cybersecurity
    • Family Educational Rights and Privacy Act (FERPA)
    • Federal Information Security Modernization Act (FISMA)
    • General Data Protection Regulation (GDPR)
    • Gramm-Leach-Bliley Act (GLBA)
    • Health Insurance Portability and Accountability Act (HIPAA)
    • International Organization for Standardization (ISO) 27001
    • Model Audit Rule
    • NAIC Insurance Data Security Model Act
    • National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
    • New York Department of Financial Services (NY DFS) Cybersecurity Regulation
    • Payment Card Industry Data Security Standard (PCI DSS)

    We are making great headway on security policies, procedures and it’s measurable. Our exposed surface area for cyber-attack is smaller than it’s ever been.
    Director of Information Systems for a large insurance company