Goldman Security Group


Cyber Security & Compliance: Expert Analysis, Straight Answers

Browse our wide array of cyber security and compliance consulting services

About Jim Goldman

Technical Experience

Jim Goldman is a seasoned Cyber Security and Risk Management professional with over 30 years of experience in both the private sector and law enforcement. He has served as CISO/BISO, VP of Security Governance, Risk Management & Compliance (GRC) and as a Task Force Officer with the FBI Cyber Crime Task Force. Certifications: CISSP, ISO Lead Auditor.

Services

Compliance Advisory

In the cyber security space, Jim has assisted companies in achieving the following certifications: ISO27001:2022, SOC2, HIPAA, CMMC. In the privacy space: GDPR and CCPA/CPRA. In the AI risk management space: ISO 42001:2023 and NIST AI RMF.



Fractional CISO

A Fractional CISO can deliver the value of a full-time CISO without the same level of investment, especially for smaller organizations or for security organizations in transition. Jim has extensive experience in strategic planning and development of security organizations, performing comprehensive risk assessments and prioritizing programs and investments accordingly. Jim has also been responsible for network engineering, security engineering, security operations, detection and response, end user computing, as well as security governance, risk management, compliance, and privacy.



Risk Assessment & Management

Risk assessment is just the first step to effective risk management. Unfortunately, many companies stop at the risk assessment stage. Jim has extensive experience building comprehensive Cyber and Enterprise risk management systems that actually drive strategic planning and investment while tracking impact on risk reduction and increases in cyber security maturity. 

NIST Cyber Security Framework (CSF) v2.0 and CIS v8.1

One of the challenges in answering questions such as “Are we secure enough?” and “How much more secure do we need to be?” is the need for a standardized scale against which to measure relative security maturity. The NIST Cyber Security Framework is such a scale, but there is no program manual to help companies actually implement the NIST CSF in a comprehensive and meaningful way. Jim has implemented the NIST CSF for multi-billion dollar SaaS companies with integration to risk management programs.


Center for Internet Security (CIS) v8.1 is a comprehensive set of suggested security controls against which Jim has conducted numerous assessments as a basis for a Baseline Cyber Risk Assessment, Risk Register, and Risk Mitigation Roadmap.

Security Strategy

Why Security Strategy?

Creating and following an effective cyber security strategy is not easy. Every company and organization is different when it comes to cyber security requirements: one size does not fit all. That said, an effective cyber security strategy is crucial to being able to answer the following questions for your C-Suite and Board of Directors:

  1. Is my organization secure?
  2. What (or who) are the greatest threats to our cyber security?
  3. Are we investing the proper amount of money in the proper areas?
  4. Are we getting a reasonable return on investment for our spending on cyber security?
  5. How secure are we currently and is that secure enough?
  6. How secure will we be/do we need to be in one year, two years from now?
  7. What exactly is it that we are protecting?
  8. Which security certifications should we attain?

Learn More

The creation, implementation, and ongoing management of a cyber security strategy program is one of our key competencies. Jim Goldman is highly experienced in providing strategic leadership of cyber security programs for companies of various sizes, from start-ups to multi-billion dollar organizations.

Contact Us

Goldman Security Group

(765) 491-6160

Copyright © 2019 Goldman Security Group - All Rights Reserved.
