Security & Privacy

What We Do

NYSTEC’s s cybersecurity and privacy professionals can help you keep your data, applications, and enterprise safe. Our security and privacy services include:

Business Continuity, Disaster Recovery & Incident Response Readiness. Prepare for disruption and take preventative action to minimize loss and recover data. Focus areas include:

  • Business Continuity & Disaster Recovery.
  • Business Impact Assessments (BIA).
  • Incident Response Planning & Recovery.
  • Tabletop Exercises.
  • Threat Hunting.

Election Security & Technology. Understand threats to voting and build security controls and processes to help keep elections safe and secure. Focus areas include:

  • Election System Security.
  • System Certification Testing Oversight.
  • Assistance with Election Technology Adoption.

Security Assurance & Testing. Discover and identify device, operating system, and software vulnerabilities. Focus areas include:

  • Vulnerability Testing.
  • Web Application Testing.
  • Penetration Testing.
  • Vulnerability & Threat Management.
  • Security Architecture Design.
  • Secure Application Design.
  • Cloud Security Design.

Security & Privacy Compliance. Provide administrative, technical, and physical security and privacy safeguards to protect data confidentiality, integrity, and availability. Focus areas include:

  • Review & Development of Data-Sharing Agreements.
  • Security Subject Matter Expertise in Standards & Best Practices (Private, State, Federal).

Security & Privacy Governance. Measure, improve, and track governance, risk, and compliance objectives and incorporate them into organizational processes. Focus areas include:

  • Data Classification.
  • Information Security & Privacy Policy Development.
  • Risk Management.
  • Identity & Access Management.
  • Security Awareness Training.
  • Security Policy & Procedure Development.
  • Vendor Management & Oversight.
  • Virtual Chief Information Security Officer (vCISO).
  • Independent Verification & Validation.

Security & Privacy Risk Assessment. Understand, measure, and mitigate organization- and system-level security and privacy risks. Focus areas include:

  • Cloud Security Assessments.
  • Application Security Assessments.
  • Mobile Device Security Assessments.
  • Organizational Risk Assessments.
  • Risk Assessments (NIST 800-30). · Privacy Compliance.
  • Privacy Compliance Assessments.
  • Privacy Impact Assessments.
  • Open-Source Assessments.

Transformative Security & Privacy Governance. Find the right balance between regulatory compliance and risk mitigation with supporting critical business needs. Focus areas include:

  • Governance Strategy Development & Execution.
  • Security & Privacy Policy & Procedure Development.
  • Security & Privacy Program Development.
  • Policy Analysis.
  • Security & Privacy Gap Analysis.


This site uses cookies. By accepting cookies, you optimize your viewing experience. For more information, see our Privacy Policy.