From the Board Room to the Firewall
Citadel Information Group is a full-service, integrated information security management and governance firm. We work either consultatively or as part of a client’s senior management team, helping our clients cost-effectively manage the confidentiality, privacy, integrity and availability of their information.
We serve a wide variety of industries, including accounting, aerospace, broadcasting, business management, eCommerce, engineering, entertainment, finance, health care, insurance, law, manufacturing and distribution, market research, retail, and technology. We are especially proud of the work we do in support of the not-for-profit community.
We are particularly adept at working with small and medium-sized organizations where we often provide a combination of management expertise, technology know-how, leadership, coaching and training.
As leaders in the Los Angeles information security community, we are experienced in security management best practices such as ISO 27001-02, CISSP, CISM, ITIL® and six-sigma as well as compliance requirements such as HIPAA HITECH, GLBA, PCI DSS and Breach Disclosure.
A targeted and effective cyber security strategy begins with an evaluation of your organization’s risks and vulnerabilities.
Assessments are vital tools in an organization’s ongoing need to improve its cyber security risk profile.
We offer a full range of assessment services including:
- Information Security Management and Compliance Reviews
- Network Penetration Testing and Vulnerability Assessments
- Web Application Testing
- 3rd Party Security Reviews
- Comprehensive IT Evaluations
- IT Vendor Security
Policies and Standards
We help you navigate the legal requirements pertaining to information security and breach disclosure laws. We are experts in helping organizations comply with:
- ISO-27001, 27002
- Payment Card Industry (PCI) Data Security Standard
- HIPAA HITECH Information Security Regulations
- Gramm-Leach-Bliley Information Security Regulations
- FTC Safe Harbor
- California Civil Code 1798.81.5
- Other Compliance Requirements
Custom Designed Information Security Management / Governance Programs
A successful information security program requires an ongoing process of top-down risk management and response. We custom design and implement information security management programs to meet your specific needs.
- Information security policies and standards
- Asset classification and control
- Awareness training and education programs
- Compliance management
- Incident response
- Information continuity and disaster recovery
- Creating a security aware culture
- Security management of IT infrastructure
- Secure software and system development
- Security support during key person replacement
Citadel principals offer engaging presentations on meeting the challenges of cyber security. We are knowledgeable, articulate, high-energy speakers with the rare gift of being able to describe the complexities of information systems security in a way that makes sense to real-world non-technical business professionals. View an overview of our Executive Briefing.
- Boards of Directors
- Business and Professional Executives
- Professional, Civic and Philanthropic Associations
- Other security organizations