Information security

Today’s information security landscape

Threats to information security, from both internal and external sources, continue to challenge all industries. Add to this the ongoing pressure of regulatory requirements, and effective information security becomes a significant area of concern. Yet many organizations are trying to address these concerns while balancing operational and business needs—with more efficiency, but fewer resources.

We can help clients evaluate their organization's information security posture from technical, management and operational perspectives. We believe in the importance of effective business outcome-focused technology and information security practices, and help our clients find the right balance.

Our experienced professionals have extensive industry experience and do not rely on any vendor alliances or product sales.

Here are just some of the services that we can offer:

  • Information security advisory and program management
    We provide guidance and advisory services for existing or new security programs using the ISO 27000 framework and other generally accepted and recognized industry standards.
  • Operational and tactical assessments
    Our team can support security operation improvement efforts or can conduct tactical security assessments of applications, servers and networks.
  • New technology risk management
    As subject matter specialists, our team assists clients in assessing risks and developing strategies related to the successful implementation of new technologies.
  • Regulatory compliance
    We support clients in the development of compliance management programs to address security, data privacy and industry specific regulatory requirements, including PCI DSS, provincial and federal privacy legislation, NERC CIP and data leakage and loss prevention.
  • IT Forensics and eDiscovery
    Our team conducts forensic analyses on IT systems as part of legal proceedings, forensic accounting or for corporate security groups.
  • Information security threat risk assessments
  • Privacy assessments and consulting
  • Business continuity and disaster recovery
  • Vulernability assessment and penetration testing services