Services to Fit Your Team

We address all aspects of your Information Security and Privacy program by supporting your staff and management. We offer services hourly, monthly and under projects with predetermined milestones.

Services Matrix

Virtual CISO Services

“Cyber security resources continue to be in high demand in the U.S., with Chief Information Security Officer (CISO) and engineering positions left vacant. Smaller firms with only part-time information security needs have an even tougher time finding experienced resources that fit their culture.”

Working Security CISO On-Demand Services allow you to respond to cyber security, audit/compliance and incident response needs now. If your needs are less than full time or you are searching for a permanent hire, our services keep your projects and operations moving.

Delivered at your offices or remotely, our services are tailored to fit your needs and complement the skills you already have in-house.

We support corporate boards, executives, and owners, as well as CIOs and CTOs who need an experienced strategic resource on specific projects. Our CISOs have deep business backgrounds to support strategic planning as well as the technical knowledge required to work directly with I/T leadership on implementation strategies.

Our vCISOs:

  • Support your technology project teams to manage security risks;
  • Work with regulators and partners to complete Compliance and Certification processes;
  • Respond to questionnaires from Business Associates, Partners and Vendors;
  • Train your staff and business partners to minimize risk to the business;
  • Implement and deliver Incident Response and Risk Management services, and
  • Develop security operations capabilities for your existing Helpdesk or NOC

Working Security protects Data and Computer Networks

“Working Security is located in St. Louis, Missouri and provides CISO, Computer Forensics, Penetration Testing and other Computer Security services for commercial, government, and non-profit clients.”

Meet Compliance and Assurance goals through:
  • Penetration Testing to meet business partner or key customer requirements
  • Technology audit, risk assessment and mitigation services
  • Pre-audit remediation for PCI, HIPAA, SSAE-16, FISMA, SOX
  • CISO On-Demand services
Proactively Test I/T Security Infrastructure and Contingency Plans:
  • Our Certified Ethical Hackers find vulnerabilities before attackers do
  • Scanning servers, workstations and mobile devices for security vulnerabilities
  • Performing penetration tests on public web servers, firewalls, and VPNs
  • Web and Mobile application testing including source code reviews
  • Social Engineering tests validate Security Awareness Training
  • Testing disaster recovery processes in table-top and live recovery exercises
Respond to Suspected and Confirmed Cyber Security Incidents where:

Your website has been defaced
An outside party has embedded aggressive malware or a virus that keeps coming back
Network devices are exhibiting strange behavior and the source can’t be found
Legally defensible forensic examinations or investigations are required
insiders are suspected of violating policies and evidence is required before taking action.

We support your business, unbiased by a desire to sell hardware or software. We help you balance I/T risk management with day-to-day I/T priorities, react to unplanned cyber-security events, and position yourself to minimize the potential impact of future incidents.

Manage your Security and Privacy Program

A Security Program isn’t just a firewall or anti-virus software. It’s not just having an I/T guru. A Security Program is a “comprehensive set of policies, processes, and technology” that enable an organization to reduce risk, manage day-to-day secure operations, and respond effectively when incidents occur.

In case after case, organizations suffering breaches are fined for not having a “Security and Privacy Program” in place before the breach occurred.

Protecting the privacy of your customers and securing intellectual property means managing the computing assets and data at the center of your business.

If you’re protecting a single office or twenty, the Working Security and Privacy Program helps you manage and maintain the information security of your organization.

You don’t need to be security expert.

You don’t need to be a computer expert.

We guide you through the landscape of information security, learn about your business and your priorities to build an information security program tailored for you.

We take complex security standards, policies and technology and translate them into guidelines and reminders that enable you to manage risk, maintain policies, train employees, monitor security, and respond to incidents effectively.

Contact us today to learn more about how you can take control of your Security Program.

Digital Forensics

Working Security performs forensically sound acquisitions of machine images for use in state and federal cases. We perform forensic analysis of Microsoft Windows, Apple OS X, Linux, Apple iOS, Android and other mobile devices. Our formal reports are suitable for litigation, are supported by expert witness testimony and deposition support. We recover data and document timelines on computer use.

Whether your goal is just to recover access to your system or pursue legal actions, we can help.

Our GIAC certified staff meet standards required by the U.S. Department of Defense (DoDD 8570) under the Computer Network Defense Service Provider (CNDSP) Incident Responder program.

Our methods ensure the recovery of data when possible, the preservation of evidence and proper chain of custody including generation of Checksums and Hashes.

Services include:

  • Capture Evidence from Phones, Tablets, PCs Servers, USB
  • Computer, Storage, Cloud Forensics
  • Court Admissible Forensic Timelines with Checksums and Hashes
  • Data Privacy Investigations Data Recovery / Deleted File Recovery
  • e-Discovery and Litigation Support
  • Expert witness testimony
  • Intellectual Property Theft Investigations
  • Network Intrusion Investigation
  • Phone and Tablet Forensics
  • Privacy Breach Investigations
  • Risk Assessments and Audit
  • Trade Secret Theft Investigations
  • Unlock Tablets, Smart Phones, Servers, and Network Devices
  • Virus and Malware Removal and Analysis