strategy|technology|consulting

 

Regulatory

& compliance support


The legal, regulatory, and compliance information security landscape is confusing to navigate for all companies regardless of size.  S2R Execution Bridge assists small and medium business as they sort through the alphabet soup of standards and regulations that may impact their operations, and starts them on a path toward a security centric culture.   We offer assistance in recognizing and adhering to applicable data privacy laws and industry standards. From assisting Level 4 merchants with their PCI-DSS compliance efforts to providing high-level HIPAA guidance, S2R Execution Bridge works with your business to map efforts to the SANS Top 20 Critical Controls for a prioritized approach to security.


"never fool yourself into believing that Compliance  

equals 

security"


awareness training


People are a firm's strongest assets but they are also the weakest link in the layered security chain. S2R Execution Bridge customizes employee security awareness training to ensure visibility and to foster buy-in from the field.  

We also offer more in-depth technical liaison education & training for legal professionals and others who have been tasked with maintaining sufficient technical security competence to adequately advise their clients. (see "The ABA Cybersecurity Handbook" June 2014)

assess the risks


The lifeblood of today's digital marketplace is information.  S2R Execution Bridge supports business owners in building an information security program that spans the life cycle of critical business data from cradle to grave.  Starting with comprehensive data identification, classification and flow determination, we work with corporate leaders to prioritize data protection based on risk while balancing the goals of the business with the costs of regulatory and compliance requirements.

Program & Policy design


S2R Execution Bridge crafts risk based information security programs tailored toward the specific needs and challenges of your business environment while leveraging best practices from PCI DSS, NIST, SANS, COBIT, CSA, and other globally recognized information security standards and frameworks.  The output is a custom program with clear and simple policies that are consumable across the organization while enabling the business to compete effectively in their target markets.

advisory council member for interface atlanta 2016


INTERFACE helps organizations stay up to date with market trends and the technology that runs their businesses and secures their data and infrastructure environments.  Attend your local INTERFACE conference and participate in quality, vendor-neutral educational seminars, drawn from case studies and best practice examples from leaders in the field. INTERFACE events are by invitation only. INTERFACE Atlanta 2016 is scheduled for May 4, 2016 | Cobb Galleria Centre.  Learn more at www.interfacetour.com/tour/atl16

" YOUR cyber reality is binary.  you have either already been breached or you will be.

 make sure your house is in order to address both possible states.  somewhere between chicken little and the ostrich makes more sense to perch. "


gap analysis - remediate


Your gap analysis becomes your Call to Action Plan. S2R Execution Bridge develops a remediation plan based on gaps between your current state and desired future state security posture. By partnering with the business, IT, and your technology providers, we guide the implementation of a cost effective, optimal security program designed around your unique business needs and regulatory environment.

PRIVACY MATTERS! 

Expect it, Respect it, Protect it, Demand it.

Get involved on Data Privacy Day January 28th annually.


Know the data privacy laws and regulations in all countries and locales where your business is conducted. Be vocal in your personal and professional privacy expectations for all organizations that you interact with.


Get involved at www.staysafeonline.org/dpd  Supporting Data Privacy Day since 2014

Proud to be a NCSAM ChaMPION

Supporting the National Cyber Security Alliance 2014 - 2015 by promoting cyber hygiene and awareness during October and throughout the year.  Learn more at www.staysafeonline.org

"no business can be 100% secure in today's hyper-connected cyber world...

 but every business has the responsibility to maximize their data security and privacy protection efforts to be as locked down as their legal & regulatory environments dictate and their business risks and appetite warrant. "