Information Shield ™ Cyber Certification

A cost effective, streamlined program for demonstrating cyber security readiness to customers, regulators and business partners.

The Challenge:  Cyber Security Program Validation

Information Shield Cyber Certification
Information Shield Cyber Certification

How do your demonstrate to customers, business partners and regulators that your organization is a good cyber risk?   The most common method – the SSAE 18 SOC II report – is time consuming, expensive and requires a CPA firm to validate.  Inconsistent formats make sharing of SOC II reports with third parties a complex process that does not scale across hundreds or even thousands of organizations.  ISO 27001 certifications take many months and tens of thousands of dollars, making them out of reach for many businesses.

The Solution: The Information Shield™ Cyber Certification

The Information Shield ™ Cyber Certification is a program to dramatically simplify the validation of your cyber security program while producing more robust and consistent results.   The key is our Common Control Library (CCL), a rationalized set of information security and data privacy controls that apply to any business. Unlike an SSAE 18 SOC II, which requires a Certified Public Accounting (CPA) firm to validate your program, the Information Shield Cyber Certification relies on a network of Certified Information Security Auditors that have years of experience validating information security programs.

Learn More


What is the Cyber Security Certification?

The Information Shield Cyber Certification is an external validation of an organization’s information security program against a core set of cyber security controls.   It is designed as a cost-effective alternative to an ISO 27001 Certification or an SSAE 18 SOC II audit.   

The Cyber Certification is supported by an Advisory Board of leading cyber security experts.   In today’s interconnected business world, businesses need ensure that their sensitive data is secure as it passes between organizational boundaries.   This requires that one business “demonstrate” the robustness of their cyber security program to others.  Existing solutions are not effective for smaller organizations with limited resources and budgets.

Who can use the Cyber Security Certification?

Any business that wants to demonstrate their cyber security program maturity to another organization.   Unlike other programs, the Information Shield Cyber Certification easily scales to different business types and is especially affordable to firms that don’t have a large budget and technical staff.  Examples include:

SaaS Product Providers – Many Software-as-a-Service providers collect data from many customers.  However, unlike traditional firms most of their technical infrastructure is hosted in “the cloud.”  SaaS providers can use the Cyber Certification to demonstrate their cyber maturity to customers and business partners.

Professional Services Firms –  Professional service firms such as accountants, law offices and consulting firms often collect sensitive personal data as part of their work.   These firms are often small offices with a limited technical staff but large amounts of cyber exposure.

Healthcare Providers – Thousands of healthcare providers or Business Associates must comply with HIPAA and the HiTECH Act.  The Cyber Certification is a cost-effective way for an organization to demonstrate a sound cyber security program that meets HIPAA requirements.

Financial Services – The Cyber Certification can be an attractive alternative to a SOC II Type 2 audit.  This is especially important for firms that do not have the internal resources to manage a complex cyber security program.  For example, firms can use the Cyber Certification to demonstrate compliance with NYS-DFS.

Get Started - Contact Us