Helping protect your digital assets with comprehensive cybersecurity services
In today’s increasingly connected world, your organization faces a number of threats and risks. Our cybersecurity professionals can help you develop a holistic plan to protect against unforeseen attacks.
Services
Cyber Compliance
FORVIS has experience with the following cybersecurity standards, frameworks, and regulations.
- Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)
- Cybersecurity Maturity Model Certification (CMMC)
- FISMA/NIST 800-51
- ISO 27001
- FFIEC – Information Technology (IT) General Control Testing
- GLBA/FFIEC/InTREx – Financial Institutions
- NY Dept. of Financial Services (NYDFS)
- GLBA – Higher Education
- HIPAA – Healthcare
- Payment Card Industry (PCI)
- SOX
Cyber Technical
As cybercriminals grow more sophisticated in their tactics, it is more important than ever to keep defending your systems a top priority.
- IT General Controls Testing
- Ransomware Risk Assessments
- FORVIS Red Team
- Penetration Testing
IT Consulting
Data breaches can happen to anyone at any time. In fact, 82% of breaches involve a human element.1 Detect and respond to these issues with the following solutions:
- Virtual Chief Information Officer (vCIO) Advisor Services
- Virtual Chief Information Security Officer (vCISO) Advisor Services
- Business Continuity Planning
- Cybersecurity Awareness Training
- Overwatch – FORVIS 24/7 Managed Security Services
- Breach Incident Response Plan Development
- Response Plan Training Services
- Post-Data Breach Assessment
Source
- 2022 Data Breach Investigations Report | Verizon
Breadth of Knowledge, Industry Specialization
Cybercriminals know no boundaries. Every industry is susceptible to a cyberattack—and our FORVIS team has the capabilities and resources to help.
The nature of some industries means that they are often high-profile targets for cybercriminals, and often have additional regulations to which they must adhere. Read below to check out our tailored suite of offerings we suggest the following industries have in place as a base defense against cybercrimes.
Financial Services
Financial institutions must work to make compliant accounting, tax, and business decisions, balancing the need to increase profitability with more complex and burdensome regulations. The nature of a financial institution also brings with it the increased risk of being the target of a cyberattack. Our cyber team has deep financial services industry knowledge and resources that can help you manage change, bolster the bottom line, make wise decisions, and stay compliant.
- Risk Assessment
- Social Engineering
- IT General Controls Reviews
- FORVIS Red Team and Penetration Testing
- Business Continuity Planning
- FedLine Assessment Services
Government Contracting
The IT Risk & Compliance and Government Contracting teams maintain a forward-thinking and credentialed cybersecurity team with significant experience assessing and advising on cybersecurity controls. The CMMC 2.0 framework will require businesses seeking DOD contracts to demonstrate a minimum set of practices for protecting Controlled Unclassified Information. As the sixth authorized CMMC 3rd Party Assessment Organization (C3PAO), we are well positioned to assist contractors, anticipate potential compliance issues, and prioritize resources to meet compliance requirements. Services include:
- NIST 800-171 Joint Surveillance Assessments
- Readiness Assessments & Gap Analyses Against the CMMC Framework
- Mock Assessments
- System Security Plan (SSP) Documentation Development
- Network Security Assessments & Penetration Testing
- Security Awareness Training Program Assessment
- vCISO & Project Management
Healthcare
Healthcare organizations and providers face significant challenges and complex regulations in today’s market. Your healthcare organization has copious amounts of private patient information that must be protected. Our advisors are dedicated personnel who are passionate about serving and supporting hospitals, health systems, senior living centers, long-term care facilities, community health centers, home health providers, and hospice providers. We can leverage our deep industry knowledge and breadth of resources to help you manage change, safeguard electronic protected healthcare information (ePHI) and financial resources, and remain HIPAA compliant.
As one of the nation’s largest healthcare management consulting firms, we invite you to experience how our industry and information security professionals can help you achieve your goals.
- Risk Assessment
- IT General Controls Testing
- Business Continuity Planning
- Ransomware Risk Assessment
- Threat & Vulnerability Testing
- Incident Response
- FORVIS Red Team & Penetration Testing
- Sensitive Data (ePHI) Scanning
- Social Engineering
- Third-Party Risk Management
Featured FORsights
HCCA’s Cyber Attacks on a Rise – Effects of Ransomware on the Healthcare Industry
Join us for HCCA’s webinar, “Cyber Attacks on a Rise – Effects of Ransomware on the Healthcare Industry,” presented by FORVIS’ Director Ray…
Is Your Organization Ready for the Upcoming Updates to GLBA?
With a June 9 compliance date, the Safeguards Rule updates data security requirements for many organizations. Read on for tips for…
Safeguard Your Data! Avoid Public Charging Ports
The FBI says travelers should avoid using public charging stations because of potential cyberthreats. Read on for tips to help protect your…
NIST 800-171 Revision 3 Draft Has Significant Changes for Government Contractors
A new draft of Revision 3 for SP 800-171 will require organizations to consider modifications to their CUI protection programs. Read on for…
Update – Dealerships to Comply With FTC Data Breach Safeguards Rules
The updated Federal Trade Commission’s (FTC) Safeguards Rule deadline for compliance is June 9, 2023. Read on for details.
Digital Assets & Divorce: Your Fresh Start
During a contentious divorce, be aware of cyberthreats that can come from those who used to know you best. Read on for tips to consider.