Cybersecurity Consulting

Our Managed Security Services are scalable, contractual services which provides for a reduction in complexity and increased access to deeply skilled resources, while being delivered at a significantly reduced and predictable annual fee.

Protiviti uses market leading analytics, metrics and techniques to embed risk and compliance controls with business objectives allowing for better response to dynamic business process changes, which are continually monitored assuring correct controls exists to mitigate risks. Protiviti helps our clients respond to dynamic compliance and business process changes, as well as optimize their compliance activities to successfully achieve their business strategies and objectives.

• Managed Detect and Respond
• Threat Exposure Management
• Data Protection Management
• Third-Party Risk Management
• Cloud Security Sustainment
• Digital Identity Management
• Managed Privacy Services
• Supply Chain Security Management
• Security Operations

To learn more, contact Shinoy George, Managing Director, Dallas

Designed to assist clients with understanding the information security and privacy risks they face and determining their readiness to address them. Our offerings help companies take a holistic business and technology view of their risk environment, use industry-accepted information security frameworks to evaluate their control environment, and develop/refine information security and privacy strategies, practices and technology architectures to reduce their exposures. In addition, we assist clients in designing metrics of merit for security and privacy, and develop effective communication to their stakeholders — from operational management to C-suite leadership and boards of directors.

• Risk Assessment and Analysis
• Program Design, Benchmarking and Metrics
• Policy Design and Development
• Security Strategy and Governance
• Board/C-Suite Cybersecurity Communication and Reporting

• Cybersecurity Program Office

To learn more, contact Andrew Retrum, Managing Director, Chicago

Our team understands the inherent risks clients face and the challenges they encounter in developing and maintaining effective privacy programs. Drawing on our skills and experience in regulatory compliance, business processes, technology, information security and communications, we assist our clients in building and sustaining privacy programs that address both regulatory requirements and industry best practices.

• Privacy Program Assessments
• Privacy Program Development
• Protiviti Saas(TM) - Privacy as a Service

To learn more, contact Manisha Shah, Managing Director, New York

Preserve business value by protecting sensitive data and ensuring compliance with respective regulations. Our offerings address the design, implementation and assessment of technical and procedural controls focused on identification, classification, protection and compliance for sensitive data. We bring expertise in security and privacy regulations as well as innovative approaches for reducing compliance obligations and risk.

• Data Classification, Protection and Governance
• Cyber Defense
• Compliance — PCI, HITRUST, FFIEC
• Vendor/Third-Party Risk Management

To learn more, contact Jeffrey Sanchez, Managing Director, Los Angeles

Cloud security is about designing and implementing a collection of deterrent, preventive, detective and corrective security controls that help to protect the cloud ecosystems and its services (SaaS, PaaS and IaaS) from being exploited by attackers. Our Cloud Security services help clients understand, address and actively manage the risks they face to successfully operate their business in a secure cloud. We assess, design, and implement security solutions to reduce exposure and communicate effectiveness to stakeholders at the management and executive levels.

• Strategy, Architecture and Implementation
• Cloud Security Assessment
• DevSecOps
• Cloud Vulnerability Management

To learn more, contact John Stevenson, Managing Director, Dallas

Protiviti helps companies protect their critical assets and data by identifying vulnerabilities and providing actionable remediation guidance. Applications, services, databases, Internet of Things (IoT), mobile devices, whether on-premise or in the cloud, are safer with Protiviti.

• Application Security Testing
• Network Security Testing
• Red Team
• Social Engineering
• DevSecOps / SSDLC​
• Source Code Review
• Hardware, IoT and Medical Device Testing
• Vulnerability Management

To learn more, contact Krissy Safi, Managing Director, Chicago

Solutions include best practices, frameworks and tools to maintain identity, privileges and assets that are essential to protecting sensitive data and secure information in a compliant and cost-effective manner while providing adequate protection and an optimal user experience on a variety of applications and tools, whether on premise, in the cloud, via mobile and on their own devices.

• IAM Program and Strategy
• Role-Based Access Control
• Identity Governance and Administration
• Privileged Access Management
• Access Management
• Directory Services

To learn more, contact Ashraf Motiwala, Managing Director, Dallas

Protiviti helps companies prepare for, respond to and recover from security incidents. When bad things happen, a trusted partner like Protiviti guides organizations through the process to help avoid costly pitfalls and recover as quickly as possible.

• Strategy and Planning
• Tabletop Exercises
• Emergency Breach Response
• Cyber Forensics and Litigation Support
• Compromise Assessments
• Cyber Threat Hunting
• Business Continuity / Business Resiliency
• Post-Event Review

To learn more, contact David Taylor, Managing Director, Orlando

Facing a complex, dynamic system, our Operational Resilience services help leaders confidently prepare for and respond to known and unknown futures through an iterative process that improves an organization’s ability to proactively withstand adverse change.

• Enterprise Resilience Programs
• Formalizing Business Services
• Cyber Resilience
• Technology Resilience
• Business Resilience
• Third Party Resilience
• Resilience Testing & Assurance

To learn more, contact Andrew Retrum, Managing Director, Chicago