Strategic Consulting

Trusted security advice from the experts at Foundstone

Effective information security management is more than just putting out fires. Organizations must identify how they use information to meet their strategic business goals and then determine the best ways to protect those assets throughout the information security lifecycle.

Many business leaders escalate information security from an IT responsibility to a business requirement. While the priority is higher, IT budgets haven’t grown proportionately. Meanwhile, the number of vulnerabilities increases, threats are more sophisticated, and greater regulatory oversight is a fact of life.

McAfee Foundstone is a trusted information security advisor to hundreds of organizations across a wide spectrum of industries. Tight budgets can force some organizations to implement a disjointed security strategy that doesn’t include all the criteria of an effective information security program. Foundstone’s strategic services help fill those gaps. Our Compliance services help enterprises meet increasingly complicated regulatory requirements. Comprehensive Foundstone Health Checks evaluate network security to assess current risks and vulnerabilities, so companies maintain strong, enforceable security policies. With our Incident Response and Forensics services, enterprises can secure immediate crisis response and proactively prepare for a security emergency, while our series of Program Development services strengthen the foundation of any information security program.

Compliance

Critical Infrastructure Security Assessment

Identify and prioritize risks to Supervisory Control and Data Acquisition (SCADA) systems, analyze threats, and resolve vulnerabilities in your critical infrastructure. Foundstone experts evaluate your security posture and develop actionable recommendations to mitigate risks from external attackers, insider threats, and automated worms.

Experian’s Independent Third-Party Assessment (EI3PA)

Meet Experian’s Independent Third-Party Assessment (EI3PA) requirements. Foundstone experts apply PCI standards to ensure you meet this compliance goal.

FISMA Security Controls Assessment

The FISMA Security Controls Assessment helps fulfill your organization’s Certification and Accreditation responsibilities under the Federal Information Security Management Act (FISMA) and allows you to achieve Authority to Operate with minimal residual risk.

Identity Theft Red Flags Rule Service

Meet compliance requirements and improve your organization’s overall security posture. Foundstone experts help you implement an identity theft prevention program, analyzing data flow and risk, as well as developing policies for detecting, preventing, and mitigating identity theft.

Payment Card Industry (PCI) Security Solutions

Meet PCI DSS requirements. Foundstone’s PCI Security Solutions strengthen data security, ensuring you meet industry requirements.

Health Checks

Data Loss Prevention Assessment

Detect and prevent the unauthorized transmission or disclosure of sensitive information. McAfee Foundstone reduces your risk of exposure by identifying sensitive data copied or currently in transit from its original intended container.

Incident Management Check

Build a better, more effective incident response and management program. McAfee Foundstone analyzes the gaps in your incident management program and offers recommendations to improve your emergency response protocol.

Outsourcing & Third-Party Check

Ensure that partners, outsourced providers, and other third-party companies enforce information security policies that are consistent with your own rules. Prevent data loss, network attacks, and threat outbreaks with this Foundstone analysis.

Policy & Process Check

Establish and maintain well-defined, comprehensive, and enforceable information security policies that support business goals and objectives.

Regulatory & Compliance Check

Meet information security compliance requirements. McAfee Foundstone assesses gaps in your organization’s regulatory and compliance status and makes next-step recommendations.

Risk Assessment

Discover the threats that are likely to have the greatest impact on your organization, and learn strategies to mitigate risk while meeting compliance goals. McAfee Foundstone’s Risk Assessment identifies and analyzes the convergence of assets, threats, and vulnerabilities to present a comprehensive evaluation of your current risk profile.

Software & Application Security Check

Assess the security of your applications against hackers. Foundstone evaluates your application security posture, prioritizes risks, and fortifies your defenses.

Vulnerability Management Check

Assess your vulnerability management program. McAfee Foundstone analyzes the gaps in your program to ensure you have the right balance of people, process, and technology.

Incident Response & Forensics

Emergency Incident Response Services

Get immediate crisis response. Foundstone’s Emergency Incident Response (IR) Team investigates, assesses, and contains security breaches.

Forensic & Incident Response Education (FIRE)

Understand the techniques to identify, respond to, and recover from both insider and outsider attacks in this in-depth computer forensics course.

Forensic Investigative Services

Get immediate crisis response. Foundstone’s Forensic Investigation Team hunts down digital data and provides the investigative expertise and tools to answer your data breach questions.

Incident Response Partner Program

Handle your toughest security issues before they occur. Lock in incident response and forensic services at a discounted rate to ensure quick, cost-effective remediation.

Incident Response Program Development

Get expert guidance in building your incident response (IR) program. Foundstone’s cross-functional approach creates a custom plan for your organization that is easy to update.

SCADA Emergency Incident Response

Get immediate response to security breaches on your SCADA network. Foundstone first responders identify and contain the incident, offering instant remediation.

Program Development

Application & Software Development Lifecycle

Integrate security early into the application development lifecycle to produce more secure and robust applications — at a lower cost.

Data Loss Prevention Program Development

Detect and prevent the unauthorized transmission or disclosure of sensitive corporate information with a comprehensive Data Loss Prevention program.

Incident Response Program Development

Get expert guidance in building your incident response (IR) program. Foundstone’s cross-functional approach creates a custom plan for your organization that is easy to update.

Policies & Process Development

Define enterprise-wide security policies and build processes to bridge the gap between security policies and technologies. Foundstone creates and implements effective security processes so your company maintains a solid security posture.

Software Policies, Procedures & Standards

Define and set the security bar for applications. Foundstone delivers appropriate policies, procedures, and rules, allowing an organization to adhere to security standards, investigate violations, and ensure ongoing compliance.

Strategic Security Road Map Planning

Prioritize risks and create a strategy to address the vulnerabilities that really matter.

Vulnerability Management Program Development

Manage network vulnerabilities. Foundstone develops a network vulnerability management lifecycle to ensure new security weaknesses are quickly discovered and mitigated.

“We especially appreciate McAfee Foundstone's professionalism and concern for quality, as well as the vendor neutrality it consistently displays.”

Todd Berman, Director of Security and Information Protection, PMI Mortgage Insurance Co.
Next Steps
  • Frequently Asked Questions
  • RFP Template
    Foundstone has developed this Request for Proposal ("RFP") template to help organizations identify and select a quality security vendor to perform professional services work.