Trom ltd consulting & interim ciso


Trom Ltd - Information Security Consulting Services

Information Consulting Services

To meet complex and fast-growing business requirements, organizations have to protect mission critical data, including sales data, profitability data, client details and clients' personal information; have to meet a number of legal & regulatory compliances; and have to assess the organization's information security infrastructure in order to stay ahead of competitors. Trom Ltd – Information Security Consulting Services has designed its security consulting services to meet an organization's compliance, security design and assessment requirements.

Trom Ltd. - Information Security Consulting Service Offerings

Trom Ltd's decade-old Information Security Consulting practice offers a full range of Security Consulting Services which help you, across the globe, to identify, evaluate, and improve the overall security posture of your enterprise. Trom Ltd. - Information Security Consulting services is based on widely accepted, recognized standards and best practices, and is oriented to your organization's unique needs and the industry regulations you follow.

A security consultant who has rich experience in the security domain helps organizations build a strong security posture that helps reduce costs, improve service, and manage risk.

Information Security Consulting and Assessment Services

Security Compliance & Consulting Services
  • PCI – DSS Consulting & Certification
  • ISO 27001/2:2005 Consulting Services
  • Information Security Policy & Process Consulting
  • DLP Consulting
  • Application Security Consulting
  • HIPAA, Hi-Tech, 5010 Consulting
  • Data Classification and Intellectual Property Assessment

Security Design and Services
  • Security Roadmap Consulting
  • Firewall Reviews and Assessments
  • Event Management and Logging Reviews and Assessments
  • Encryption Assessments
  • Disaster Recovery and Business Continuation Assessments
  • Security Training and Awareness Services
  • Change Management, Risk Management, Vendor Management

Security Audit and Assessment Services
  • Wireless Security Assessment Services
  • Information Security Audit and Gap Analysis
  • Vulnerability & Intrusion Detection System Assessments and Reviews
  • Incident Response and Recovery Services

Core Strengths of Information Security Consulting Practice
  • Experience gathered from various Information Security Consulting Projects.
  • Recognized by customers for domain experience & delivery efficiency.
  • Empanelled by multiple enterprises as consulting service partner.
  • Accolades and appreciations from partners, customers and analysts on overall maturity.

Benefits to Customer:
  • Improved enterprise security posture.
  • Efficient and streamlined security process.
  • Security alignment with business goals.
  • Secure access to business critical data.
  • Significant reduction in security incidents.

For more details on the above services and to have Steve Trom contact you, please write to sptrom@comcast.net

Company Services

A proven methodology combines information security lifecycle best practices with a client-specific engagement model to clearly define and document your information security needs, and design a process for building a successful, productive relationship based on shared expectations. Throughout our process an Education and Awareness Program is instituted to ensure program success by achieving the necessary understanding and buy-in throughout your organization. Trom Ltd's Strategic and Tactical Services together make up a comprehensive approach to an Information Security Program for your business.

Strategic Services

Conduct a review of your business processes and the associated information flow in order to establish the risk to the business represented by current and anticipated threats to the security of your information...
  • Information Flow Analysis
  • Information Security Threat Analysis
  • Regulatory Requirements Review
  • Policy Gap Analysis
  • Information Classification
  • Training and Awareness
  • Usage Policy, Procedures, Standards and Guidelines
  • Incident Response Procedure

Tactical Services

Consultants effectively evaluate your current technology environment – ensuring to ‘harden’ existing systems to further mitigate vulnerabilities...
  • Firewall Review
  • Intrusion Detection and Prevention Systems Evaluations
  • Endpoint Security Solutions
  • Authentication and Identity Solutions
  • Content Management Solutions
  • Encryption Solutions
  • Event Management and Logging Review
  • Assessment of Vulnerability Scanning and Intrusion Detection Tools

Information Security Program

Trom Ltd. uses a phased approach to instituting an Information Security Program. Specifically:

Risk Assessment and Policy Development
  • identify and document your business-specific Information Security requirements
  • identify and clarify Information Security-related regulations that apply to your business

Audit and Vulnerability Analysis
  • identify gaps in current processes and technology implementations with regard to corporate policies and regulatory requirements
  • identify existing vulnerabilities to internal and external threats

Architecture, Remediation, and Certification
  • assess the necessary processes and technologies to fill identified gaps
  • verify policy/regulatory compliance and vulnerability mitigation

Information Security Management Assessment
  • evaluate your technology environment and processes in compliance with corporate policies and regulatory requirements
  • evaluate your technology environment for policy violations as well as immediate and developing threats

Interim CISO and Security Management Consultancy Services

Introduction

The role of the Chief Information Security Officer (CISO) or Security Manager in many organizations is now seen as a crucial appointment and one that carries a great deal of responsibility.

Coupled with ensuring the safety and security of information systems, the CISO needs to firmly understand the business in which they work and how they can ensure systems deliver the right information to the right people, at the right time, in a sensible and secure way.

The departure of a CISO or security manager can leave a significant hole in the safe running of a business, and replacing that key individual should be seen as a priority. In the meantime it makes sense to work with a trusted party to fill the vacancy on an interim basis. This ensures the smooth running of security systems and an easier transition to a new full-time head.

Challenge

Finding a suitable candidate to fill a vacancy can be a challenge. The best-fit person will need a range of technical and business skills as well as the maturity to take on significant responsibility from day one. In many cases, using a third party consultant that understands the role of the CISO/Security Manager and has experience in running a business will ensure this vacancy is filled quickly and efficiently.

Steven Trom has significant experience with information security, providing a deep knowledge of its functions, trends and issues, and is capable of promoting security and information risk management within your organization.
Services are customized to meet your needs, whether that requires a temporary CISO or CSO while you search for a permanent candidate, or someone to fill the role on a part-time basis to oversee and direct your security program.

Services are:
  • Define the Information Organization / CISO function / roles and responsibilities
  • Revisit new or broken security, risk management and regulatory initiatives
  • Educate existing security staff
  • Maintain the existing security program
  • Provide an external perspective with existing business objectives
  • Security Strategy Review
  • Administrative, Technical, Physical, Operational and Logical Security Review
  • Security System Health checks
  • Other assessment services mentioned on pages (1-3)

How it works?

The engagement may be as short as a few days/weeks or as long as a year, full-time or part-time, depending on business requirements. By adopting a flexible engagement model you can be sure you are spending your fees wisely and engaging the services you need.

For more details on the above services and to have Steve Trom contact you, please write to sptrom@comcast.net