New Certification Validates Cyber Security Program Readiness

The Information Shield Cyber Certification enables any business to effectively demonstrate cyber security readiness to third parties

Information Shield today announced the release of the Information Shield Cyber Certification ™. This new program dramatically simplifies the process of validating cyber security readiness to management and third parties. The certification allows authorized security professionals to validate that an organization is following established cybersecurity principles.

“Current methods of validating third party security are costly and inconsistent,” said David Lineman, President of Information Shield. “A typical SOC II report or ISO 27001 certification can cost from $25K to $100K and take many months, putting them out of reach for thousands of businesses, The Information Shield Cyber Certification is a streamlined approach that uses a common set of proven information security controls that can be tracked and validated by qualified security audit firms. This creates a more consistent set of results that can be used across the entire ecosystem”.

Supporting a “Standard of Due Care” for Cyber Security and Data Privacy

Businesses are facing a common problem across all industries: How can we demonstrate to partners, customers and regulators that we are a good “cyber risk”? Today there is no standard way for one company to demonstrate that they have a robust program in place and then share this information with their supply chain. The Information Shield Cyber Certification ™ can be used as a standard way for one organization to demonstrate cyber resilience to any third party.

They key is the Information Shield “Common Control Library (CCL)” that is culled from international data security and privacy frameworks. The CCL covers 10 essential domains of cyber security, including risk management, program management, access and identity management, security operations, and response and recovery.

Reducing Costs and Increasing Efficiency

The current “state of the art” of validating information security is the SSAE 18 SOC Audit. While the SOC II audit has a valid place in the industry, it is very complex and typically runs from $25K to $100K does not scale well for Small and medium sized businesses. In addition, the SOC II audit requires a Public Accounting Firm that has been certified by the IACPA, further increasing costs. Another option is an ISO 27001 certification. Again this process takes many months and many tens of thousands of dollars. The Information Shield Cyber Certification is designed to meet the needs of modern organizations that are more virtual and may not have the resources to support a full SOC II audit.

Cyber Security Advisory Board

The Information Shield Certification is reviewed by a team of qualified information security and data privacy professionals with many years of real-world audit experience. The Certification Advisory Board is made up of key leaders in the area of information security, risk management, data privacy, incident response and cyber insurance.

Affordable Software Support

Organizations that wish to certify can use the ComplianceShield software platform. ComplianceShield enables organizations to quickly define their information security program and prepare for validations. The Information Shield certification is based on industry best-practices that are culled from various frameworks including ISO 27002, NIST CSF and UK Cyber Essentials. Once defined, the security program can be quickly documented with the built-in library of information security policy templates and security job descriptions.

Managing Supplier Information Security Risk

The Information Shield Cyber Certification can dramatically reduce the costs of managing third party risk. Rather than creating ad-hoc security assessments and manually managing the assessment process, organization can leverage the Cyber Certification to validate third-party vendors.