Vigilant’s vendor-agnostic, trusted advisor services offer executives and managers outside expertise to build the foundation for a successful IT risk management program over time. Guidance for day-to-day security functions starts with well-developed policy, a clear vision of the ideal security architecture that is relevant to your business, and a clear, programmatic roadmap based on a realistic assessment of the current security status of today’s environment against that vision. Vigilant’s Security and Program Planning Services ensure that the rest of your security budget is well spent.
Interim CISO
Vigilant has on its staff executive consultants who have served as Chief Information Security Officer for large enterprises and have been responsible for security policy and assessment, budgeting, day-to-day security operations, security metrics and reporting, and the decision-making interface with IT risk managers, CFOs and auditors. These executives are available to augment your leadership team, either on a temporary basis during a hiring gap or on an ongoing basis for smaller organizations that need, but cannot afford, full-time top-level talent.
Security Policy Development
Vigilant senior consultants review your existing security policy against IT risk management, compliance, and other business requirements to assess, update and document your corporate security policy.
Enterprise Security Architecture Services
M&A activity or business restructuring, significant IT infrastructure changes, launches of critical business applications, business continuity concerns, and major security breaches are all examples of events that can lead to a need to redesign basic security tools and processes. Vigilant reviews existing IT tools, components and configurations from a security perspective against security policy and current business and technology requirements, and develops design and phasing recommendations.
Assessment Services
Using our Target Capabilities Assessment methodology, we measure current security capabilities against various broad or targeted requirements, and return a set of documented recommendations. Vigilant assessment services include:
- ISO 27002 Standards Achievement Assessments identify gaps in meeting the ISO standard, the most common reference point for security excellence.
- Regulatory Assessments for NERC/FERC, Sarbanes-Oxley, HIPAA, and other major industry standards.
- Application Security Assessment includes code review and a security assessment of the integration between application components, all points of egress into the application, and surrounding IT infrastructure.
- Vulnerability Assessments for one or more critical business applications.
- Security Operations Capability Assessment, an ITIL-driven project that reviews tools and runbook processes for availability, incident, problem and change management to evaluate security operations effectiveness.
- SIEM Assessments evaluate the performance of an existing SIEM configuration against the organization's requirements/objectives and identify opportunities to quickly unlock additional value.