Government-mandated legislation, industry-specific compliance requirements, and homeland defense initiatives have forced organizations to embrace risk management and clearly defined information security controls to safeguard the confidentiality, integrity, and availability of sensitive electronic information. Talon Cyber Tec works with public and private organizations, as well as government entities, to pinpoint, comprehend, and meet compliance regulations, so that organizations do not violate regulatory requirements and face legal action or fines.
Talon Cyber Tec is committed to working with organizations to help achieve their compliance goals and possesses a wealth of expertise in the following regulatory areas:
Sarbanes-Oxley Act (SOX)
Publicly traded companies are now mandated by section 404 of the Sarbanes-Oxley Act to implement robust internal controls to safeguard the processing of financial records, which includes information security controls related to financial reporting, as part of an organization's comprehensive compliance strategy.
Talon Cyber Tec works closely with organizations listed on the US stock exchanges, as well as firms that may go public or that might be acquired by a public company, to provide compliance assessments focused on the core financial reporting systems regulated by Sarbanes-Oxley. In doing so, policies, procedures, management governance, and technical systems are evaluated against IT control frameworks such as COSO and COBIT, and a recommendation roadmap is developed to ensure information assets are protected and the IT control portion of a SOX audit is passed without difficulty.
Health Insurance Portability and Accountability Act (HIPAA)
Healthcare organizations must now address the externally imposed requirement of the federal government to ensure the confidentiality, integrity, and availability of all electronic protected health information (EPHI) that a covered entity creates, receives, maintains, or transmits, as communicated through the Privacy Rule and Security Rule of the Health Insurance Portability and Accountability Act (HIPAA).
Talon Cyber Tec works with health insurance plans, clearinghouses, healthcare providers, Medicare/Medicaid agencies, and other healthcare organizations to review and/or implement the administrative, technical, and physical safeguards necessary to appropriately protect the privacy and data integrity of patient information.
Gramm-Leach-Bliley Act (GLBA)
Also known as the Financial Modernization Act, the Gramm-Leach-Bliley Act mandates that financial institutions establish reasonable security standards to protect customer data from unauthorized disclosure and maintain the confidentiality and integrity of personal consumer information.
Talon Cyber Tec supports banks, insurance companies, brokerages, credit card companies, credit unions, and other financial institutions in establishing technical and non-technical safeguards to ensure that the confidentiality and integrity of customer information are not compromised and that a comprehensive security program is in place to demonstrate an organization's ongoing commitment to compliance.
California Senate Bill (SB) 1386
As the first law of its kind, California Senate Bill 1386 requires any agency, business, or person conducting business in California that owns or licenses a computerized database of personal information to immediately disclose any security breach if unencrypted personal information has been or may have been accessed by an unauthorized person.
As California Senate Bill 1386 authorizes lawsuits and injunctions if security breaches are not reported in a timely manner, Talon Cyber Tec helps organizations develop and implement measures for detecting, assessing, and reporting security incidents involving unauthorized access to personal information. In addition, Talon Cyber Tec provides written and electronic notice to customers in the event of a security breach, satisfying reporting obligations and minimizing potential damage to the organization's reputation.
Title 21 of the Federal Regulations Part 11 (21 CFR Part 11)
Outlining the US Food and Drug Administration's requirements to prevent fraud, while facilitating the adoption of information technology within the pharmaceutical industry, FDA 21 CFR Part 11 is a specific regulation addressing the use of electronic records and signatures in manufacturing processes.
Talon Cyber Tec provides organizations regulated by the FDA, such as pharmaceutical, biotech, medical device, food, and cosmetic companies, with the assistance necessary to ensure compliance with access control, authentication, encryption, and digital signature requirements by assessing and implementing controls that ensure the authenticity, integrity, confidentiality, and non-repudiation of electronic records.
North American Electric Reliability Council (NERC) Cyber Security Standard
Mandatory for all electric utilities in North America, compliance with the NERC Cyber Security Standard is designed to ensure that bulk electric systems are "reliable, adequate, and secure." Compliance dictates that technology resources, including software, electronic data, computers, and communications networks that support, operate, or otherwise interact with bulk electric system operations must be addressed to minimize the risk of compromise.
As NERC will be auditing corporate policies, procedures, and security mechanisms to verify that operations are as protected as possible, Talon Cyber Tec guides power-related companies in their infrastructure protection efforts to ensure compliance with the NERC Cyber Security standards.
Federal Information Security Management Act (FISMA)
Replacing the Government Information Security Reform Act (GISRA), the Federal Information Security Management Act (FISMA) impacts federal agencies; state, local, and tribal governments; and private sector organizations composing the critical infrastructure of the United States, establishing a well-defined structure for reporting security incidents and instituting a process-oriented approach to managing information security risk. Under FISMA, federal agencies must develop, document, and implement agency-wide risk management efforts to secure the data, network resources, and information systems supporting infrastructure operations and assets.
As FISMA contains stronger permanent provisions than GISRA, including requirements for minimum mandatory information security standards as part of an agency-wide risk-based information security program, Talon Cyber Tec works with organizations to reach compliance by adopting the solid framework outlined by FISMA for building a successful security program.
Information Security Standard ISO 17799 / BS 7799
An internationally recognized and highly structured methodology, the International Standards Organization (ISO) specification 17799 provides a baseline for information security management, offering a benchmark against which to build an enterprise-wide information security program and manage the information security process. As a clearly defined set of tailored policies, standards, procedures, and guidelines, ISO 17799 has become the framework many regulations use as a basis to construct their compliance standards.
Demonstrating a high degree of due diligence and assurance, Talon Cyber Tec certifies organizations in their adherence to ISO 17799. Where organizations require assistance in reaching compliance with ISO 17799, actions are undertaken to assess and neutralize the risks and threats that negatively impact the security of information assets and network resources, and to put in place the elements of an information security risk management governance program that are found to be deficient.