Citadel Information Group

Overview: Delivering Information Peace of Mind ® to Business and the Nonprofit Community

Distrust and caution are the parents of security … Benjamin Franklin

From the Boardroom to the Firewall

Citadel Information Group is a full-service, integrated information security management and governance firm. We work either consultatively or as part of a client’s senior management team, helping our clients cost-effectively manage the confidentiality, privacy, integrity and availability of their information.

We provide clients with CISO-for-Rent, Virtual-CISO, vCISO and other information security management services. We combine subject matter expertise, management proficiency, and, above all, skill in helping an organization make proper care of its sensitive and critical information a part of its culture.

We serve a wide variety of industries, including accounting, aerospace, broadcasting, business management, eCommerce, engineering, entertainment, finance, health care, insurance, law, manufacturing and distribution, market research, retail, and technology. We are especially proud of the work we do in support of the nonprofit community.

We are particularly adept at working with small and medium-sized organizations where we often provide a combination of management expertise, technology know-how, leadership, coaching and training.

As leaders in the Los Angeles information security community, we are experienced in security management best practices such as the NIST Framework, ISO 27001-02, CISSP, CISM, the Center for Internet Security, NIST 800-171, ITIL® and Six Sigma, as well as compliance requirements such as HIPAA HITECH, GLBA, PCI DSS and Breach Disclosure.

Assessments and Reviews

A targeted and effective cybersecurity strategy begins with an evaluation of your organization’s risks and vulnerabilities.

Assessments are vital tools in an organization’s ongoing need to improve its cybersecurity risk profile. We offer a full range of assessment services including:

  • Information Security Management and Compliance Reviews
  • Governance Reviews
  • Network Penetration Testing and Vulnerability Assessments
  • Web Application Testing
  • 3rd Party Security Reviews
  • Incident Response Plan Review
  • Business Continuity Plan Review
  • Comprehensive IT Evaluations
  • IT Vendor Security

Policies and Standards

We help you navigate the legal requirements pertaining to information security and breach disclosure laws. We are experts in helping organizations comply with:

  • The NIST Cybersecurity Framework
  • ISO-27001, 27002
  • Payment Card Industry (PCI) Data Security Standard
  • HIPAA HITECH Information Security Regulations
  • Gramm-Leach-Bliley Information Security Regulations
  • FTC Safe Harbor
  • New York State Cybersecurity Requirements for Financial Services Companies
  • California Civil Code 1798.81.5
  • Other Compliance Requirements

Information Security Management / Governance Programs

A successful information security program requires an ongoing process of top-down risk management and response. We design and implement information security management programs to meet your specific needs.

  • Chief Information Security Officer (CISO)
  • Information Security Strategy
  • Board and C-Suite Education
  • Information Security Policies and Standards
  • Asset Classification and Control
  • Security of Online Banking
  • Awareness Training and Education Programs
  • Compliance Management
  • Support in Meeting Security Requirements of Customers, Including Negotiating Requirements
  • Security Support During Key Person Replacement

Security Management of the Technology Infrastructure

Citadel works with IT staff and vendors to make sure the IT infrastructure is designed, implemented and maintained in accordance with information security requirements. We work to make sure IT staff have the necessary information security skills while providing technology management guidance and coaching to IT management. For clients without their own project management infrastructure, we are able to take the project management lead.

  • IT Security Management
  • Secure IT Network Design
  • Secure Cloud Usage
  • Securing BYOD (Bring Your Own Device)
  • Secure Maintenance of the IT Network
  • Security Tools and Solutions
  • Secure Software Engineering
  • Technology Security Management Reviews and Assessments
  • Application Security Test and Evaluation, Including Website
  • Security Skills Development
  • Technology & Security Management Coaching
  • Security Project Management

Security Education & Culture Change

Citadel offers a full range of awareness training and education programs for both non-technical and technical staff.

  • Staff Awareness Training
  • Security Management Training
  • Remote User Training
  • Phishing Defense Training
  • Staff Focus Groups
  • Security Training and Coaching Programs for IT Management and Staff

Incident Response and Business Continuity (IR/BCP)

Because failing to plan is often planning to fail, Citadel provides clients with both Incident Response and Business Continuity Planning services.

  • Incident Response Planning
  • Information Continuity / Business Continuity / Disaster Recovery Planning
  • Testing the Incident Response / Business Continuity Plan
  • Table-Top IR/BCP Executive Exercises
  • Incident Response / Business Continuity Plan Annual Executive Summaries
  • Incident/Breach Response Services, including Forensics

Background Information: Webinars & Additional Resources

SecureTheVillage: The Cybersecurity Threat Landscape

SecureTheVillage: Senior Leadership

SecureTheVillage: Information Security Management & Governance

SecureTheVillage: The Information Security Management & Leadership Team

SecureTheVillage: Information Security Policies and Standards

SecureTheVillage: Information Security Risk Assessment

SecureTheVillage: Information Classification and Control

SecureTheVillage: Securing the Human

SecureTheVillage: Third-Party Security Management

SecureTheVillage: Managing Security of the IT Infrastructure

SecureTheVillage: Getting Cyber-Prepared: Incident Response and Business Continuity

SecureTheVillage: Legal and Related

SecureTheVillage: Managing Cyber-Risk and Insurance

Copyright © 2018 by Citadel Information Group  All Rights Reserved | Privacy Policy