Security & Privacy
What We Do
NYSTEC’s s cybersecurity and privacy professionals can help you keep your data, applications, and enterprise safe. Our security and privacy services include:
Business Continuity, Disaster Recovery & Incident Response Readiness. Prepare for disruption and take preventative action to minimize loss and recover data. Focus areas include:
- Business Continuity & Disaster Recovery.
- Business Impact Assessments (BIA).
- Incident Response Planning & Recovery.
- Tabletop Exercises.
- Threat Hunting.
Election Security & Technology. Understand threats to voting and build security controls and processes to help keep elections safe and secure. Focus areas include:
- Election System Security.
- System Certification Testing Oversight.
- Assistance with Election Technology Adoption.
Security Assurance & Testing. Discover and identify device, operating system, and software vulnerabilities. Focus areas include:
- Vulnerability Testing.
- Web Application Testing.
- Penetration Testing.
- Vulnerability & Threat Management.
- Security Architecture Design.
- Secure Application Design.
- Cloud Security Design.
Security & Privacy Compliance. Provide administrative, technical, and physical security and privacy safeguards to protect data confidentiality, integrity, and availability. Focus areas include:
- Review & Development of Data-Sharing Agreements.
- Security Subject Matter Expertise in Standards & Best Practices (Private, State, Federal).
Security & Privacy Governance. Measure, improve, and track governance, risk, and compliance objectives and incorporate them into organizational processes. Focus areas include:
- Data Classification.
- Information Security & Privacy Policy Development.
- Risk Management.
- Identity & Access Management.
- Security Awareness Training.
- Security Policy & Procedure Development.
- Vendor Management & Oversight.
- Virtual Chief Information Security Officer (vCISO).
- Independent Verification & Validation.
Security & Privacy Risk Assessment. Understand, measure, and mitigate organization- and system-level security and privacy risks. Focus areas include:
- Cloud Security Assessments.
- Application Security Assessments.
- Mobile Device Security Assessments.
- Organizational Risk Assessments.
- Risk Assessments (NIST 800-30). · Privacy Compliance.
- Privacy Compliance Assessments.
- Privacy Impact Assessments.
- Open-Source Assessments.
Transformative Security & Privacy Governance. Find the right balance between regulatory compliance and risk mitigation with supporting critical business needs. Focus areas include:
- Governance Strategy Development & Execution.
- Security & Privacy Policy & Procedure Development.
- Security & Privacy Program Development.
- Policy Analysis.
- Security & Privacy Gap Analysis.