Treadstone 71 provides information security leadership service that is designed to assess and benchmark your organization's information security and network security posture. The Interim CISO Service is customized and scaled based on the size of your organization and industry type. Treadstone 71 provides a structured approach used to measure security and develop the strategic security direction for organizations using internationally recognized information security standards. The Treadstone 71 Interim CISO service focuses on prevention by proactively examining your security infrastructure prior to remediation efforts. In addition, Treadstone 71 measures compliance with the ISO27001/2/5, the CISSP Common Body of Knowledge, Common Criteria, and NIST Security Standards non-inclusively. Treadstone 71 utilizes standards for gap analysis and risk assessment such as the National Security Agency’s Information Assurance Methodology non-inclusively, while incorporating best practices from BITS & FFIEC (for financial services) and FISMA/NIST RMF for asset intensive requirements.
Our risk-based, holistic approach ensures rapid review of your current posture while setting the building blocks for increase maturity and risk optimization.
* Security Policy, Program and Strategy Development - Organizational Maturity.
* Plan for an build out your risk assessment strategy - GRC RFP and implementation planning.
* Penetration Testing Services* used to perform ethical hacking at your approval in hardening your external infrastructure to malicious attacks.
* Security Metrics Development.
* Security Operations Organization and Setup
* Security Awareness Training and specific training solutions tailored to your environment.
* Continuous, focused processes ensuring discovery of vulnerabilities and identification of threats.
* Building Security into the SDLC
* Physical Security review.
* Emergency and Crisis Management.
* Security organization roles, responsibilities and job descriptions.
* Access to IT Governance Standards that ensure the building or enhancing or your security focused organization.
* Comparison to multiple internationally recognized and accepted information security standards.
* Full reporting of all findings including a ScoreCard and RoadMap for prioritized recommendations.
* Comparison of security posture to similar sized organizations and industry-specific metrics and best practices.
* Complete documentation, definition and recommendations of technical and non-technical vulnerabilities.
* Business Continuity and Disaster Recovery Planning review and recommendations.
* T71 provides any and all required security and risk services defined within this website and beyond.
*Due to the labor intensive nature of Penetration Testing, this is an optional service.