The rise of information security risk is an irreversible trend becoming more pervasive every day, leading enterprises to scramble for stronger cybersecurity defenses. Our information technology experts understand how to navigate complex cyber threats. We work with clients to mitigate security incidents by following established frameworks to assess cybersecurity risks, develop cybersecurity risk management programs, remediate vulnerabilities, and report on security posture.
Each one of your clients deserves assurance that the private and sensitive data they entrust to you is secure. At Mauldin & Jenkins, we are committed to providing you with tangible and comprehensive Information Technology (IT) Security Services to help ensure your security measures are in place.
We have been at the forefront of IT services, providing compliance since 1994, while remaining up-to-date on the constantly evolving regulations and legislation surrounding data security.
We know that every organization is unique, so there is no "one size fits all" guide for navigating the rapidly changing world of cybersecurity. Each solution is tailored to fit your specific needs and unique operating environment.
For 25 years, we have provided IT security services, predominantly in the Southeast. Because of our team’s extensive experience, clients look to Mauldin & Jenkins for IT solutions they can count on.
The scope of our IT engagements is designed to be comprehensive and meet more than the minimum requirements. Our information technology services are conducted under the consulting standards established by the American Institute of Certified Public Accountants (AICPA).
Our IT engagements can be expanded to include attest services such as System and Organization Controls (SOC) Reports or compliance with Sarbanes-Oxley (SOX 404) requirements to ensure that the information technology general controls specific to financial reporting function properly during the year.
Our IT/Cybersecurity Solutions include:
- Information Security, Incident Response, Business Continuity Plan, Disaster Recovery Policy, and other IT/Cybersecurity Framework Reviews
- Firewall Configuration Reviews
- Social Engineering Assessments: We use a pre-determined combination of spear-phishing, e-mails or websites with “malicious payloads”, documents with embedded “malicious code”, vishing and/or other client-side exploits.
- Security Incident Response Program, Disaster Recovery, and Business Continuity Plan Testing
- Readiness Assessments for SOC Reporting (SOC 1, 2, 3, or for Cybersecurity): Identifies gaps in our client’s controls before their service period begins.
- SOC 1, 2, or 3 Report Audit - Type I or II
- SOC for Cybersecurity: The SOC for Cybersecurity uses 19 different description criteria (based on the AICPA’s Trust Service Principles) and is specific to reporting on an entity’s efforts and the operating effectiveness of its controls over its Cybersecurity Risk Management Program.
- GLBA Compliance: Extensive review of a financial institution’s Information Security Program and compliance with the Gramm-Leach-Bliley Act.
- NACHA Audits: Required by Appendix Eight of the NACHA Operating Rules.
- SOX 404 IT General Controls
- Penetration Testing: Can include internal and/or external penetration testing.
- Cyber Security Awareness Training
Hackers Double up their ransomware game
Written by Jameson Miller, M&J Cybersecurity Practice Leader, in partnership with Jerry Jones of Advisory IT (AdIT), a division of Mauldin & Jenkins, LLC.