FAIL (the browser should render some flash content, not this).

Information Risk & Gap Analysis
Risks and mitigation simply cannot be ignored in today’s business climate. Stakeholders, customers, legislators, and even the general public demand corporate accountability and effective controls of assets. Risk assessment and management, based on regulatory gap analysis and other discovery tools, ensures the accountability that our clients need.

Policy Consulting
This NISS service is a client-specific security policy consulting, which assists enterprises in developing usable policies and standards to protect critical assets.   NISS consultants and clients work together to ensure that security policies are both effective and operational.

Security Strategy
NISS develops client-based security strategies that reflect the growth, changes, core business needs and business patterns unique to each enterprise. This comprehensive approach ensures that variances or fragmentation in our clients’ information security posture are minimized and that opportunities for a breach are reduced.

Penetration Testing
NISS tests clients’ enterprise technologies for security weaknesses. Various levels of penetration testing help ensure appropriate levels of safety and responsiveness.  By identifying intrusion paths and setting up safeguards, the possibility of a successful breach is diminished.

Forensics & Document Recovery
NISS has certified computer forensics professionals who have reviewed the contents of electronic media on behalf of the Department of Defense and Fortune 500 companies.  We have acquired and viewed data from hundreds of systems and can conduct the most detailed analysis of the existent data, while recovering deleted data in many circumstances.   NISS can work as an extension of your legal team with e-Discovery requests, providing the technical ability to quickly identify and collect information from computer systems. 

Virtual CSO and Training
Not all organizations have a dedicated Information Security Staff or IT Audit Staff.  That does not mean your organization is immune to compliance.  NISS can help by assisting on a short or long term, and advisory basis. NISS can conduct awareness, vendor specific, industry specific and regulatory or forensic training at one of our locations or onsite at your organization

Too many times an organization does not communicate effectively between the different business units. We find this especially true between the Executive units and the Information units. CIO's are constantly fighting an uphill battle between satisfying the business and keeping the organization moving in a strategic direction. CEO's and CFO's on the other hand are busy with everything else and may a have a false sense of security believing that since IT risk management has "IT" in the title, then the technology group is taking care of it. 67% of the data breaches that came in from the outside were due to significant errors within the organization.