Our service line was specifically developed to increase cybersecurity maturity and resilience among family offices and small and midsize businesses:
- Cybersecurity Auditing
- Comprehensive Cybersecurity Program Development
- Virtual Chief Information Security Officer Service
- Executive Cybersecurity Communiqué
We perform threat assessments focusing on an organization’s assets and technology infrastructure covering the following areas:
- Inventory and Control of Enterprise Assets
- Inventory and Control of Software Assets
- Data Protection
- Secure Configuration of Enterprise Assets and Software
- Account Management
- Access Control Management
- Continuous Vulnerability Management
- Audit Log Management
- Email and Web Browser Protections
- Malware Defenses
- Data Recovery
- Network Infrastructure Management
- Network Monitoring and Defense
- Service Provider Management
- Applications Software Security
- Incident Response Management
- Penetration Testing
The output of the assessment is an evaluation of risks across the enterprise. For those risks that we determine to be unacceptable, recommended safeguards will be provided.
A Comprehensive Cybersecurity Program serves as a work plan and roadmap that lays out in clear, actionable language: initiatives, new processes, changes to existing processes, suggested vendors, new technologies, suggested written policies, recommended insurance policies, and education programs that when properly implemented will help ensure the continuity of the organization amid cyber risk.
We will evaluate the current governance structure from a cybersecurity perspective and make suggestions to ensure that the Cybersecurity Program has the proper levels of oversight and visibility within the organization.
- Education & Awareness
We will evaluate current education and awareness practices and make suggestions for improvements. If no education program exists, we will make suggestions on vendors, training frequency and types of training sessions that should be conducted for the organization.
We will evaluate any existing cybersecurity insurance policies and suggest providers and policies if none exist.
We will suggest partners to fulfill areas of the Cybersecurity Program as necessary.
- Policies, Procedures & Processes
We will review existing policies, procedures and processes that have an impact on the organization’s cybersecurity posture. We will also suggest amendments and additions as necessary.
Once we've laid out a Comprehensive Cybersecurity Program for your enterprise, we're happy to help you plan and implement the various pieces of it. We provide the following suite of services for a simple monthly fee to bring your plan to life:
- Implementation Management
We've identified what needs to be done to enhance your cyberseurity posture, now let us oversee the implementation of our reccomendations.
- 1:1 Advisory & Coaching
These advisory conversations will be tailored to the business leaders' understanding of the concepts, depending on where they currently stand on the cyber maturity and hygiene continuum. If needed, coaching will be provided to IT staff.
- Vendor Selection & Management
We will help you select vendors for penetration testing, incident response, cybersecurity insurance, identity protection, etc. Know that we're on your side of the table and will help you find the right partners to implement the different elements of your Cybersecurity Program.
- Custom Education
Larger group presentations and/or custom video modules on specific topics may be developed with the goal of increasing business-wide cyber maturity. These presentations or modules will be tailored to the group’s understanding of cyber maturity and hygiene concepts.
The Executive Cybersecurity Communiqué is a free quarterly email communication that provides distilled, relevant talking points and educational snippets for your business team and actionable mitigation steps for your technology team.
Ongoing, timely information is one of the most important keys to maintaining cybersecurity resilience, yet it is often one of the most easily-overlooked pieces of a comprehensive cybersecurity plan.
CEO Tony Gebely’s interest in cybersecurity began when he took a university course on cryptography in 2003. Since then, he has had a focused career in the information technology field.
Tony currently holds the position of Chief Technology Officer for Family Office Exchange, a 30+ year-old membership organization for ultra-high-net-worth families and their advisors.
During his tenure at Family Office Exchange, he:
- Served as a subject matter expert on cybersecurity for the firm's 500 members.
- Routinely advised families on cybersecurity best practices.
- Published multiple papers on cybersecurity that were made available to members.
- Ran the firm's first Global Family Security Workshop.
- Launched the organization's Technology Operations and Data Security Network which is made up of over 325 family office executives responsible for technology and cybersecurity.
- Ran the annual meetings for the Technology Operations and Data Security Network in Chicago.