Cybersecurity, Privacy, & Data Ethics

Treliant’s Cybersecurity, Privacy, & Data Ethics team of experienced, certified professionals supports organizations in their efforts to comply with data protection obligations and mitigate potential cyber risks.

We help organizations develop appropriate and sustainable cyber, information security, and privacy programs that perpetually improve and mature. We support clients’ compliance with expanding cybersecurity, privacy, and data breach notification regulations. Our goal is to assist in identifying and driving business value, by helping companies manage risks while meeting strategic objectives. 

SUBMIT AN RFP

Performed the role of Chief Information Security Officer (CISO) for foreign banking organizations

Treliant managed the cyber and information security programs for several foreign banking organizations.  In doing so, Treliant addressed daily Matters Requiring Attention (MRAs) related to cyber and information security, and helped satisfy the requirements established by the New York State Department of Financial Services (NYDFS) and the Federal Reserve Bank of New York.  Business continuity program development also included planning, testing, reporting, training, and broad operational support of the companies’ regulatory requirements and business objectives.

Our Services

Treliant has a proven track record of consulting in the following areas:

Our Services

Governance and Risk Management (including CCPA, GDPR, and NYDFS compliance)

  • Cyber, Privacy, and IT risk assessments, including but not limited to compliance with:
    • European Union’s General Data Protection Regulation (GDPR)
    • California’s Consumer Privacy Act (CCPA)
    • New York State Department of Financial Services (NYDFS) Part 500
    • Brazil’s Lei Geral de Proteção de Dados (LGPD)
    • Securities and Exchange Commission (SEC) information security requirements
    • Gramm Leach Bliley Act (GLBA) Safeguards and Privacy Rule
    • Health Insurance Portability and Accountability Act (HIPAA) Safeguards and Privacy Rule
    • As well as leading industry frameworks from the National Institute of Standards and Technology (NIST) Cybersecurity Framework, International Standards Organization (ISO), and Information Systems Audit and Control Association (ISACA’s COBIT 5)
  • Policies and procedures update/development, implementation, and testing
  • Penetration testing and vulnerability scanning
  • Data Mapping and Personal Data Inventories
  • Board reporting
  • Strategic planning
  • Data driven operational support for marketing, human resources, business operations, information security, and internal finance efforts

Our Services

Vendor and Third-Party Risk Management Program Development

  • Privacy and cybersecurity vendor assessments
  • Framework development
  • Policies and procedures
  • Vendor risk ratings criteria
  • Contract review and execution
  • Due diligence reviews, baselining for mergers and acquisitions
  • Ongoing monitoring

Our Services

Training Program Development

  • Table-top exercises
  • End-user awareness classes, videos, and workshops
  • Executive leadership cyber business risk, threat, and impact awareness
  • Email phishing exercises and incident response testing
  • Policies and procedures and role-based training
  • Stakeholder incident response training

 

Our Services

Cyber Insurance Data Breach Remediation Support (Incident Response and Recovery)

  • Forensic Technology:
    • Attempt to identify entry-point of breach, and size and scope of data that has been compromised.
    • Pursue data recovery efforts to attempt to retrieve data controller’s data.
  • Cybersecurity:
    • Provide incident response, business continuity, and disaster recovery preparation and support.
    • Provide third-party CISO support to manage the patching of remaining cyber vulnerabilities.
    • Provide ongoing threat intelligent support
  • Data Privacy:
    • Ensure applicable breach notification obligations are satisfied under 50 U.S. State laws, CCPA, GDPR, LGPD, NYDFS, HIPAA, COPPA, etc.
    • Leverage technology to identify specific individuals who must be notified of a breach.

Our Experts

Ready to Talk?

Treliant works closely with its clients to understand their needs and design an appropriate work plan and approach to each engagement. Learn more when you connect with our team.

Reach an Expert

Related Articles

The latest in Cybersecurity & Privacy