Security and Compliance

Our cyber security consulting and solutions ensure the proper control environment is implemented to protect your sensitive data.


We take an independent look at business operations and benchmark your environment against comparable organizations and applicable frameworks (e.g., COBIT, NIST, CIS, ISO). From security program design to audit preparation, our clients benefit from our unique vantage point on data privacy.

With our cyber security and information security experience, we can step in to consult on vendor risk management, technical security controls, vulnerability management, web application security, network security, IT audits, data security and compliance matters. These services will reduce the likelihood of data breaches and data loss, and will bring your processes into compliance with applicable regulations and/or compliance requirements.


Regulations and Standards:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • California Privacy Rights Act (CPRA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Federal Financial Institutions Examination Council (FFIEC)
  • Gramm–Leach–Bliley Act (GLBA)
  • Securities and Exchange Commission (SEC)
  • Code of Federal Regulations (12-CFR)
  • Payment Card Industry Data Security Standard (PCI-DSS)
  • Department of Defense (DOD) Compliance
  • International Organization for Standardization (ISO) Compliance
  • Federal Information Security Modernization Act of 2014 (FISMA)
  • The Federal Risk and Authorization Management Program (FedRAMP)
  • The Family Educational Rights and Privacy Act of 1974 (FERPA)
  • International Traffic in Arms Regulations (ITAR)
  • Children’s Online Privacy Protection Act (COPPA)
  • NERC Critical Infrastructure Protection Standards (NERC CIP Standards)
  • American Institute of Certified Public Accountants (AICPA)
  • Sarbanes-Oxley Act (SOX)

Our client engagements start with an initial assessment and evaluation. After we develop a strategy, our consultants provide end-to-end implementation of our agreed-upon solution. We ensure post-engagement support is seamless and offer ongoing maintenance for your solution.


Information Security / Cyber Security Solutions:

  • Firewall Support and Installation
  • Web Application Firewall
  • Virtual Private Network (VPN)
  • Web Content Filtering
  • Reverse Web Proxy
  • Gateway Anti-Virus
  • Secure Remote Access
  • Intrusion Prevention System (IPS)
  • Intrusion Detection System (IDS)
  • Email and Web Filtering
  • Antivirus Software
  • VoIP and Server Hardening (CIS Standards)
  • Remote Monitoring & Alerts

Consulting engagements may include the following:

  • Security and Awareness Training
  • Information Technology Audits
  • Third-Party Assessments
  • Control Environment Assessments
  • Vulnerability Assessments
  • Penetration Testing
  • SOC 1 and 2 (Type 1 and 2) Assessments
  • Security Consulting
  • Risk Assessments
  • Security Program Development
  • Incident Detection and Response Plan
  • Access Management Assessments

Types of security technologies utilized in client solutions:

  • FortiGate
  • WatchGuard
  • SonicWall
  • Cloudflare
  • Imperva
  • NGINX
  • Security Onion
  • Snort
  • Symantec (Norton)
  • Ironscales (Checkpoint)
  • Proofpoint
  • Forcepoint
  • Bitdefender
  • Microsoft Defender
  • McAfee
  • Kaspersky
  • Sophos
  • Veritas
  • CrowdStrike
  • SentinelOne
  • Trend Micro
  • Webroot

We can help in many ways. Here are a few situations where we can assist:

  • Your data is sensitive and needs to be secure to meet regulations.
  • You have a product to distribute and your company needs to be International Organization for Standardization (ISO) compliant.
  • You need to know if your company’s data is secure and would like a vulnerability assessment performed.
  • You need an audit of your IT environment to assess the current compliance with applicable laws and regulations.

Contact us at (918) 457-0101 or info.cuevista@gmail.com to get started!