Proactively protect and address your cybersecurity and information technology (IT) risks.


  1. Conference

    NYCFE 2019 Conference: Fraud investigation trends

Organizations need an accurate and objective view of their cybersecurity profile to safeguard information assets from theft, compromise and destruction and protect the organization's value.

    Proactively protect and address your cybersecurity and information technology (IT) risks.

    Over the past few years, the cyber-risk landscape has changed dramatically. Information assets have become a key business resource that fuels growth and provides competitive advantage. Organizations face a host of ever-evolving internal and external cybersecurity and information technology (IT) risks and threats that can reduce an organization’s ability to meet its objectives.

    Information assets and technology investments left ungoverned and unprotected leave organizations vulnerable to compromise and loss of reputation, revenue/value, customers and intellectual property. Couple these risks with the increasing demands for transparency, accountability and compliance by regulators, government entities, shareholders and others, and you have a perfect storm of risks.

    Today’s leading organizations proactively address these risks through well-governed and protected cybersecurity and IT management programs to ensure the secure and efficient exchange of sensitive and critical information.

    Baker Tilly’s cybersecurity specialists work with organizations to achieve measurable security enhancements and performance improvements, and reduce administrative costs. We will assess your organization’s risks, design controls and implement effective security and IT governance processes, all with the goal of improving technology use.

    Cybersecurity services


    • Strategic cyber advisory | Board of directors, C-suite
    • General Data Protection Regulation (GDPR) readiness and implementation
    • Cybersecurity policy and program development
    • Cybersecurity risk assessment
    • Breach response preparedness planning
    • Cybersecurity/privacy compliance readiness, including: PCI DSS, HIPAA, NIST, FERPA, GLBA
    • Pre-loss risk assessment
    • Cybersecurity risk insurance analysis
    • Crisis claims consulting
    • Business interruption risk advisory


    • Virtual CISO
    • Cybersecurity program design and implementation
    • Security operations staffing services
    • Integrated security testing services
    • Penetration testing and vulnerability scanning
    • Cyber hunting services
    • SIEM content/tuning services
    • Incident response service | Retained and on-demand


    • Security education and awareness programs: board security education, cyber hygiene, social engineering, phishing, ransomware
    • Simulation, exercises and war games: board crisis exercises, breach management, tabletop exercises, red team


    • IT project risk review
    • IT risk and effectiveness assessment
    • Business continuity planning, management and testing
    • Disaster recovery programs
    • Supplier risk interruption (external risk)
    • Compliance program assessment


    We are making great headway on security policies, procedures and it’s measurable. Our exposed surface area for cyber-attack is smaller than it’s ever been.
    Director of Information Systems for a large insurance company