
01
OUR COMPANY
"Balancing the intersection between cybersecurity, enterprise compliance and business profit expectations."
CounterMeasure is a team of seasoned senior executives from the commercial and Federal sectors who have led organizations walking the tightrope between cyber security and enterprise compliance while accomplishing mission requirements and meeting profit expectations.

Taken as a whole, our executive team provides you with unique visibility and capabilities difficult to find elsewhere.

- Experience on all sides – our executive team has experience on all sides of the equation: we have been professional solution providers, buyers, implementers, and sellers in both the commercial and Federal space for more than two and a half decades.
- We have experienced your pain – we have held some of the highest security and compliance executive leadership positions and led diverse teams to success; we understand the pressure that comes with ensuring organizations are both secure and compliant while fulfilling their mission and being profitable. We have walked in your shoes.
- Proven commercial and Federal security and compliance success that scales – we have delivered security and risk management solutions across the public and private sector, including challenging environments of regulated industries and classified programs. This gives us the unique ability to translate and transition between commercial security compliance requirements and Federal frameworks, allowing for considerable scale efficiencies for our clients – happy customers and a faster demonstration of value.
- The right balance of the right resources – our leadership and implementation teams have the right balance of technical, legal, and business acumen to effectively consider all aspects of today’s cybersecurity and compliance landscape and the ability to translate those needs into cost-effective risk reduction solutions.

02
OUR SERVICES
SECURITY and PRIVACY
Cyber / Physical / Compliance / Legal
Whether your company already has an advanced security program or is just starting out, CounterMeasure can help your organization reach its potential by aligning business goals and objectives with security and compliance strategy. CounterMeasure offers full project lifecycle services, from strategic planning and assessment, to testing and execution, to executive leadership and advisory services. We provide services to the private and public sectors, from small and medium-sized businesses to Fortune 100 enterprises, Federal departments and agencies, and state and local critical infrastructure and utilities.
-----------------

PROJECT LIFECYCLE
Discover and Assess
Test, Design and Plan
Build, Implement and Remediate
Transition, Advise and Support

CYBERSECURITY / COMPLIANCE / PHYSICAL SECURITY / LEGAL

DISCOVERY and ASSESSMENT SERVICES
Asset and Business Objectives Discovery
Security Program Analysis and Assessment
Application Security Assessment
Network Infrastructure and Cloud Assessment
Threat Analysis
Policy and Procedure Assessments
Mergers & Acquisition Security Assessment
Incident Response Readiness Evaluation
Security Risk Analysis
Secure Code Review
Phishing Assessment
Data Flow Analysis
Cloud Security Architecture Assessment
Compliance Gap Assessments
Cyber Insurance Evaluation
FedRAMP Assessment
Social Engineering Evaluation
3rd Party Supply Chain Security Assessments
Cyber Legal Advisory Services

TESTING, DESIGN and PLANNING SERVICES

Testing
Security Program Design
Red / Blue / Purple Teaming
Network Penetration Testing
Web Application Penetration Testing
Mobile Application Security Testing
Vulnerability Scanning
Data Breach Legal Advisory Services
Vulnerability Detection / Threat Hunting / Monitoring Evaluation
Service Level Agreement (SLA) Review
Licensing Review

Design and Planning
Cybersecurity Strategic Plan and Roadmap
Control Cost, Licensing and SLA Savings Evaluation
Cross Compliance Control Prioritization and Consolidation
Security Program Build Project Plan and Schedule
Cloud Migration Strategy
Asset Segmentation
Zero Trust Design
Package Selection and Pricing
SIEM, SOC Design and Planning

BUILD, IMPLEMENTATION and REMEDIATION SERVICES
CyberSecurity Program Buildout
Policy and Procedure Development
Asset Hardening and Secure Configuration
Vendor Security Management
Identity and Access Management (IAM)
Multi-Factor Authentication (MFA)
Security Information Event Management (SIEM) Implementation
Data Loss Prevention (DLP)
Security Operations Center (SOC) Build
Enterprise Detection and Response (EDR)
Training and User Awareness
Secure Code Developer Training
FedRAMP Readiness

EXECUTIVE LEADERSHIP, ADVISORY and SUPPORT SERVICES

Virtual / Fractional Executive and Practitioner Roles
CISO / CSO
Chief Security Compliance Officer
HIPAA Security Officer
GDPR Data Protection Officer (DPO)
Privacy and Compliance Attorney
Senior Security Architect
Senior Security Engineer
Senior Security Analyst

Specialist Roles
Privacy and Security Compliance Specialist
CyberSecurity and Privacy Attorney
Cloud Security Engineer
Applications Security Engineer
Security Source Code Auditor
Forensics Specialist
Security Incident Responder
Security Vulnerability Assessor
Cybersecurity Pen Tester
CyberInsurance Specialist

Assessment Types
FedRAMP
HIPAA, HITECH, HITRUST
ISO 27001,2
CMMC, NIST 800-171, 800-53, CSF
GDPR, NYDFS, CCPA
SOC 1, SOC 2, SOC 3
PCI-DSS
GLBA, FACTA, SOX
Customer and Vendor Compliance

03
OUR MISSION
"Managing and remediating Enterprise Risk - the intersection of their cyber security vulnerabilities and compliance requirements."
We assist our clients in managing and remediating enterprise risk - the intersection of their cyber security vulnerabilities and compliance requirements. Our cybersecurity, remediation, and compliance programs help both our customers who have immature risk management programs as well as those with growing compliance and regulatory requirements.

What Do We Do?

- Help companies build, enhance, or evolve an effective security program
- Create or integrate compliance and risk management programs based on security and compliance requirements
- Create benchmarks (current and future state) of security programs
- Develop customized strategic plans (roadmaps and remediation plans) to address identified gaps

What is our Value Proposition?

- Establish enterprise risk critical path - at the intersection of security vulnerabilities and compliance requirements
- Remediate underserved security functions
- Reduce the likelihood and/or impact of security incidents
- Build an external team to assist in the execution of security plans
- Prioritize budget, resources, and investments for security and compliance
- Validate complexity of security and compliance dependencies
- Support investment decisions
- Communicate security and compliance benchmarks to the corporate board, executives, and/or stakeholders

How Do We Do It?

- Understand your true risk critical path - map unique compliance requirements (e.g., regulatory, statutory, contractual, customer based) to vulnerability results
- We take the time to understand your business and critical assets – we prevent our clients from spending thousands of dollars protecting assets with little to no value
- We recommend controls that are reasonable, appropriate and cost effective
- Combine assessment and risk management services with a consolidated toolset for data gathering, analysis, and reporting
- Ensure your risk frameworks are mapped to the latest security requirements
- Update your framework when compliance and/or security requirements change, leveraging past data
- Outsource your unique compliance requirement reporting schedule