Services Offered
Effective security is layered, therefore, each part of our services are meant to build on the others and together they give your organization the greatest ability to protect your data.
INFORMATION SECURITY AUDIT
Red Thorn Security Group provides in-depth information security audits based on the NIST Cybersecurity Framework (CSF) and FFIEC IT Examination Handbooks. Red Thorn’s goal is to help organizations identify information system shortcomings so that the organization can effectively mitigate the risk of attack from the many nefarious individuals who seek to exploit vulnerable information systems.
Information Security RISK ASSESSMENT
Red Thorn performs information security risk assessments based on the NIST Cybersecurity Framework (CSF) or FFIEC IT examination handbooks. After an information security audit, an accompanying risk assessment can help an organization build a plan to protect the organization based on a process of implementing the most important controls with the most significant threat first.
SOCIAL ENGINEERING PENETRATION TESTING
Often the most vulnerable aspect of an organization’s information security program is the people responsible for its implementation. Red Thorn’s social engineering engagement tests the implementation and followthrough of your policies and procedures through subversive techniques aimed at evaluating your personnel’s response to attacks.
Virtual CISO (vciso)
A vCISO, or Virtual Chief Information Security Officer, provides strategic cybersecurity leadership on a flexible, outsourced basis. This service helps organizations strengthen their security program by identifying risks, guiding security priorities, improving policies and controls, supporting compliance efforts, and advising leadership on how to protect the business. Red Thorn Security Group offers this practical option for companies that need experienced security oversight but are not ready to hire a full-time CISO..
Incident Response Tabletop Testing
Strengthen your organization’s defenses with expert-led tabletop testing! Our tailored simulations help you uncover vulnerabilities, enhance your team’s response capabilities, and ensure compliance with industry standards. We guide your key stakeholders through realistic scenarios, offering actionable insights to improve your incident response plans and build resilience against cyber threats. Protect your business, boost preparedness, and ensure peace of mind—partner with us for your next tabletop exercise!
SOCIAL MEDIA EVALUATION
Social media is an important aspect of the life of most people as well as most organizations. However, social media posts can divulge sensitive information about an organization that can then be used to extract data from the organization. Red Thorn’s social media evaluation service assesses the organization’s social media accounts as well as the accounts of the organization’s employees accounts.
SECURITY PROGRAM Policy Templates
Developing comprehensive policies and procedures is typically a heavy lift for small and large organizations. Red Thorn offers policy templates which helps to ensure compliance with the most important aspects of your information security program. Red Thorn offers templates aligned to NIST and FFIEC frameworks. We are one of the only organizations to offer FFIEC specific policy templates that are closely aligned to FFIEC requirements.
WIRELESS NETWORK AUDIT | PENETRATION TESTING
Wireless networks (Wi-Fi) are becoming more and more common in business environments. Although wireless connectivity offers convenience and flexibility, it also offers a potential vector of attack from nefarious individuals who can attack your network from outside the confines of your controlled building. Red Thorn will test the effectiveness of your wireless network security through penetration testing and a policy and configuration audit.