As cybersecurity advisors, it’s imperative we separate privacy (individual data collection, permissible use, sharing of data, retention of information) from security (access control & data protection).

Herjavec Group’s Advisory Services team keeps these definitions top of mind as we review your organization’s security infrastructure against three principles to understand the existing information technology control framework and identify where you are most vulnerable to cyber threats and attacks.

  • Security Architecture: People, Policy, Process
  • Detective Controls: Management, Monitoring and Review
  • Preventative Controls: Technology, Tools and Techniques

As the cornerstone of our Advisory Services practice, our Privacy Consulting Team partners with you to prioritize applicable legislative requirements and industry directives when performing our advisory evaluations. Our Privacy Consultants have expertise in turning your privacy & compliance initiatives into an information advantage.

  • Prioritize your privacy & compliance initiatives in alignment with your business needs
  • Assess your privacy programs, policies and detective measures on a regular basis to ensure consistent improvement
  • Improve your understanding of business & security risk to augment your overall security planning

Herjavec Group’s Privacy Consultants Specialize In:

Payment Card Industry (PCI) Compliance

  • Qualified Security Assessor (QSA) and Authorized Scanning Vendor (ASV)
  • PCI Cardholder Data Environment Scoping, Gap Analysis & implementation or remediation of PCI initiatives
  • Annual Penetration Testing, Quarterly Vulnerability Assessments, On Site QSA Report Audits

General Data Protection Regulation (GDPR) Readiness

  • GDPR Readiness Assessments as well as Data Protection & Privacy Impact Assessment evaluations
  • Data Identification & Inventory Discovery Workshops to drive business scoping and system testing

Healthcare Assessments

  • Control & policy assessments tied to industry frameworks including HIPAA
  • Compliance consulting, roadmap development & risk analysis

Security Framework Consulting

  • Expertise in NIST, ISO, SANS & COBIT frameworks to validate weaknesses that may be exploited
  • Benchmark security controls against appropriate security standards

Compliance Audits tied to Industry & Regional Legislative Requirements

  • Privacy Guidance, Policy Development, Privacy Impact Assessment and/or Data Protection Impact Assessments
  • Data processing inventories, data lifecycle implementation projects & reviews

Many of our Privacy Services involve stakeholder interviews, process assessments and the development of an executive report with prioritized recommendations for remediation. Herjavec Group is well equipped to support your remediation measures as your organization moves towards continuous compliance. Our comprehensive range of Cybersecurity Services includes:

  • Vulnerability Scanning Services
  • Technical Architecture & Implementation
  • Identity Governance, Solution Deployment and Identity Managed Services
  • Managed Security Services
  • Incident Response
  • Threat Management including Threat Advisory & Hunting Services