Pratum Security Consulting

A risk-based approach to information security consulting.

Industry-leading Cybersecurity Guidance

Pratum's team of security experts and engineers guide organizations with general and technical security consulting services. Defend against cyber adversaries by proactively strengthening your cybersecurity posture.

We meet with our clients to gain an understanding of their organizational culture, risk tolerance level, regulatory environment, and industry pressures. This enables us to guide information security decisions utilizing a risk-based approach. From this vantage point we are able to help select appropriate administrative, physical and technical controls that lower risk without impeding business operations.

Information security consulting covers a wide range of client needs, including security policy development, business continuity and disaster recover, incident response planning, and security engineering.

Need help with cybersecurity?

Services

Policy Development

Proper policy development and implementation provides employees with the knowledge they need to protect your organization against cyber-attacks. Policies must be designed to support risk management goals while maintaining business operations.

Basic education and guidance go a long way. Understanding the difference between policies, standards, baselines, and other documentation is important as well. Our consultants understand the relationship between each documentation type and can help draft the policies and procedures that best fit your organization. We work with you to build a robust documentation portfolio that supports your tolerance for risk and meets any regulatory or audit requirement.

Policies
  • Information Security, Terms of Use, and Privacy
  • Information Technology Acceptable Use
Standards
  • User Account Administration
  • System Certification
Baselines
  • System Configurations
  • Partner Inter-Connections
Procedures
  • Software Installation
  • Daily Monitoring
Guidelines
  • User Access Levels Restrictions
  • Design Principles

Business Continuity and Disaster Recovery Planning

Keep your organization running in the event of a serious incident or disaster. Business continuity is the planning and preparation for an immediate response to incidents or disasters that would normally interrupt business function. This planning will ensure that your organization continues to function or recovers to an operational state within a short period of time.

Business resumption programs are a vital part of getting your business back on track after a disaster. Well-designed programs are comprised of policies, procedures and plans that will guide your every decision. Emotions run high in disaster situations, but business resumption programs allow you to make the decisions ahead of time, removing emotion altogether.

Some industries are required by the U.S. government to comply with rules, regulatory requirements (FFIEC, NASD, SOX, GLBA, and HIPAA) and/or fiduciary responsibilities for appropriate business practices (FCPA). Organizations that are held to these standards should pay close attention to their business resumption programs, as penalties may be enforced if standards are not met.

Pratum’s expert consultants can provide business resumption services designed to help your organization establish a business continuity program. In addition, we can assess your current program entirely, or each of the primary areas independently, to ensure your business objectives are being met.

Business Continuity and Disaster Recovery Services Include

  • Business Impact Assessment
  • Application Impact Analysis
  • Business Continuity Plans
  • Disaster Recovery Plans
  • Policy, Procedure and Plan Development
  • Staff Business Resumption Training
  • Plan Validation: Drills and Exercises

Technical Security Consulting and Security Engineering

Hands-on security consulting that helps organizations understand and address technical security challenges.

Cloud Security
  • Amazon Web Services (AWS)
  • Azure/Microsoft 365
Network security infrastructure
  • Firewalls
  • IPS
Application Security
  • SecDevOps
  • Database Security
  • Code Review

Interested in security consulting services?

Complete this form for more information
or to request a proposal.

The information we track while users are on our websites helps us analyze site traffic, optimize site performance, improve our services, and identify new products and services of interest to our users. To learn more please see our Privacy Policy.