Strategic Security Programs

SMP recommends that organizations employ an ongoing approach to information security, reviewing data and systems multiple times a year. As such, SMP offers comprehensive, strategic programs that account for evolving regulations and other critical security considerations, developed to meet three primary needs.

Strategic Security Programs for Report on Compliance (RoC) & Annual Assessments can be used to review all new Payment Card Industry (PCI) regulations including documents, policies and procedures, processes, controls, and so on. With PCI regulations changing every year, it is imperative that organizations stay abreast of updates and assess systems to ensure compliance. To accomplish this, SMP offers multiple review options that account for PCI as well as non-Approved Scanning Vendor (ASV) testing. With this option, SMP also offers assistance with the RoC and Self-Assessment Questionnaire, as well as:

  • External/Internal Penetration Tests

  • Internal Vulnerability Assessments

  • Wireless Testing

  • Firewall Testing

  • Skimming

Strategic Security Programs, including non-PCI work for Banks & Financial Organizations, are designed based on the company’s existing assets. Depending on the size and scale, SMP will complete a number of External, Internal, and Firewall tests along with Infrastructure Assessments throughout the year. In addition, SMP will review information security systems to manage compliance for:

  • California Consumer Privacy Act of 2018 (CCPA)

  • Massachusetts 201 CMR 17

  • New York Cybersecurity Regulation (23 NYCRR 500)

  • General Data Protection Regulation (GDPR)

  • Gramm-Leach-Bliley Act (GLBA)

  • Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Strategic Security Programs, including non-PCI work for Commercial, Legal & Healthcare Organizations, emphasize industry standards and best practices for changes taking place within the company. These programs involve testing and monitoring information security systems in tandem with the purchase of new hardware, software, or a firewall; operating system upgrades; or any network or facility update. In doing so, SMP accounts for regulations such as CCPA, MA 201 CMR 17, 23 NYCRR 500, GDPR, GLBA, and HIPAA.

In a hyper-connected, continually evolving tech landscape, Strategic Security Programs help organizations across industries shore up their existing information security systems and protect their data assets on an ongoing basis. Rather than merely reacting when an incident occurs, Strategic Security Programs take information security to the next level through frequent monitoring, adapting and evolving as legislation changes, and providing the level of support that today’s organizations need to mitigate risk.