The Information Shield™ Certification is a cost-effective, streamlined program for demonstrating cyber security readiness to customers, regulators and business partners. South by Southwest (SXSW) show attendees get 50% off!
The Challenge: Cyber Program Validation
How do you demonstrate to customers, business partners and regulators that your organization is a good cyber risk? The most common method – the SSAE 18 SOC II report – is time-consuming, inconsistent and expensive. ISO 27001 certifications take many months and tens of thousands of dollars, making them out of reach for many businesses.
The Solution: Information Shield™ Cyber Certification
The Information Shield™ Cyber Certification dramatically simplifies the validation of your cyber security program while producing more robust and consistent results. Save thousands of dollars and months of effort compared to an SSAE 18 SOC II report while getting better, more consistent results.
It takes less than 5 minutes to get started!
Three Steps to Cyber Security Certification
Define your Information Security Program
Use our Compliance Wizard to quickly build a robust information security program with all of the essential elements. Within minutes you have a custom security program based on our best-practices security library.
Track Control Compliance
Once your program is defined, use ComplianceShield to measure and track results. Simple dashboards and automation lead you through the tracking and reporting against your key controls. Easily prepare and store evidence in preparation for your external audit.
Contact one of our audit partners and validate your program. Create, manage and share evidence all within our secure platform.
What is the Information Shield Cyber Certification?
The Information Shield Cyber Certification is an external validation of an organization’s information security program against a core set of cyber security controls. It is designed as a cost-effective alternative to an ISO 27001 Certification or an SSAE 18 SOC II audit.
Unlike an SSAE 18 SOC II, which requires a Certified Public Accounting (CPA) firm to validate your program, the Information Shield Cyber Certification relies on a network of Certified Information Security Auditors that have years of experience validating information security programs.
The Cyber Certification is supported by an Advisory Board of leading cyber security experts.
Who can use the Cyber Security Certification?
Any business that wants to demonstrate their cyber security program maturity to another organization. Unlike other programs, the Information Shield Cyber Certification easily scales to different business types and is especially affordable to firms that don’t have a large budget and technical staff. Examples include:
SaaS Product Providers – Many Software-as-a-Service providers collect data from many customers. However, unlike traditional firms, most of their technical infrastructure is hosted in “the cloud.” SaaS providers can use the Cyber Certification to demonstrate their cyber maturity to customers and business partners.
Professional Services Firms – Professional service firms such as accountants, law offices and consulting firms often collect sensitive personal data as part of their work. These firms are often small offices with a limited technical staff but large amounts of cyber exposure.
Healthcare Providers – Thousands of healthcare providers or Business Associates must comply with HIPAA and the HITECH Act. The Cyber Certification is a cost-effective way for an organization to demonstrate a sound cyber security program that meets HIPAA requirements.
Financial Services – The Cyber Certification can be an attractive alternative to a SOC II Type 2 audit. This is especially important for firms that do not have the internal resources to manage a complex cyber security program. For example, firms can use the Cyber Certification to demonstrate compliance with NYS-DFS.
Cyber Certification Board of Advisors
The Information Shield Certification is maintained by a group of leading information security experts with many decades of experience.
Mark Greisiger is a pioneer in the area of cyber insurance and risk management. As the President of NetDiligence, Mark has led the development of software solutions and programs to manage and reduce cyber risk within the insurance industry. Prior to joining NetDiligence, Mark spent 12 years in the insurance industry, primarily with CIGNA P&C, where he created the first generation of cyber risk insurance.
Steve Martinson has over 30 years’ experience in cyber security and specializes in cyber security assessments and program validation. He has multiple information security certifications and specializes in cyber security audits. Steve is a major contributor to the Cyber Certification and leads the development of the information security audit protocols.
Dr. Herb Mattord
Dr. Herb Mattord is a Professor at Kennesaw State University. He is currently Associate Professor of Information Security and Assurance, Department of Information Systems, Coles College of Business. Dr. Mattord has over 40 years of both industry and academic experience.