Our consultants support GRC efforts with regulatory requirements and frameworks. Become better than compliant and reduce your risk.
In most industries, cybersecurity compliance is not yet required by federal law. Cybersecurity regulation in the United States, popularized by the General Data Protection Regulation (GDPR) in Europe, is on the horizon and should be closely monitored. However, specific organizations must comply with industry and government standards. If you do business in California, you must comply with the California Consumer Privacy Act (CCPA) as of January 1st, 2020. There are other compliance requirements for specific industries that must be adhered to.
Governance, Risk, and Compliance Assessments
The Penn Group supports compliance with regulatory requirements in the commercial sector such as GLBA, HIPAA, and PCI-DSS. Our consultants have experience as a provider of federal assessment and authorization (A&A) services to the Federal Government and the Department of Defense. If you’re a defense contractor, we can help you with CMMI and CUI. We are dedicated to ensuring that your organization not only meets the requirements of compliance, but exceeds them where necessary to enhance the safety of your customers.
Audit Your Systems and Improve Your Security
Step one in the implementation of a strong information security assurance program is understanding your security posture. The Penn Group offers security assessment and compliance services to help secure your organization. The implementation of security is only as good as its weakest link. The Penn Group understands the complex nature of information system security, and is ready to uncover the next generation of vulnerabilities.
All of our cybersecurity consultants have an extensive information technology background with a foundation in information system architecture, networking, and policy. We understand the fundamental weaknesses of information systems, and the steps required to secure them. Using a deep understanding of applied information assurance, our consultants use commercial and open source tooling to conduct penetration testing on your systems without causing damage. After performing testing, our consultants prepare a detailed report, including a Plan of Action & Milestones (POA&M), to give your organization a road map to a robust security posture.
- Consultant Qualifications
  - CISSP (Certified Information Systems Security Professional)
  - CompTIA Security+
  - Certified Ethical Hacker (CEH)
  - Offensive Security Certified Practitioner (OSCP)
- Industry Experience
  - Federal Government
  - For-Profit Enterprise
  - For-Profit Small-Medium Business
Our Commitment To You
You are not a number, but a partner
One of The Penn Group’s core values is Excellence. Our customers deserve our best, and nothing short. We are on a mission to secure our nation’s information systems, and protect our customers. We don’t take the responsibility lightly. We know that all it takes is one wrong click, and reputations and lives can be ruined. We bring our best. We develop the best people, and we deliver the best results; anything less is unacceptable.
Austin Harman, President & CEO, CISSP, CAP