The National Institute of Standards & Technology (NIST) defines "Information Security" as "the means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide integrity, confidentiality, and availability."
If that statement sounds confusing, you are not alone. Many business owners and managers have little understanding and exposure to the term "Information Security" but most are familiar with one of its sub-categories, "Cybersecurity".
Often times when business owners/managers are looking for Cybersecurity consulting and services, they are inadvertently miss the larger picture and focus on "Cyber" when the threat is much larger. This is why PDC takes a holistic approach to "Information Security" and where PDC sets itself apart from its competition.
We work with our clients to help educate them on the fundamentals of Information Security and explain why it is such a critical area of their business. We walk them thru the process of identifying the information that they have, help them to secure it, and provide solutions to maintain it in order to reduce risk.
For example, sometimes the Information Security risk may be in the configuration of a server, and in other situations it may be the physical documents on your desk or unlocked filing cabinet that contain your employee's or customer's social security number, DOB, driver's license, or other PII (Personal Identifiable Information). These risks are very real and the federal government and states across the nation are passing legislation to require business to respond in a specific manner in the event of a security breach, in some cases if there is a "suspected" security breach.
PDC Technology's certified staff follows the latest industry regulations, trends, and lawsuits in order to be in the best position possible to inform our clients of the changes happening in a world filled with data privacy concerns.
Here are some of the specific Information Security solutions PDC provides:
• Framework/Program Development
• Security Awareness Training
• Threat Hunting
• Risk Management
• Vulnerability Scanning
• Governance Risk and Compliance
• Threat Assessments
• Penetration Testing