Technology Transformation

For CISOs

Threats to cybersecurity and business continuity are rising across the globe. Regulators are stiffening privacy policies and requiring companies to certify their compliance. This puts enormous pressure on the role of Chief Information Security Officers (CISOs). It falls to the Chief Risk Officer, the CISO or the General Counsel to establish data governance and security policies, ensure the company is up-to-date in its cybersecurity safeguards, pro-actively develop ransomware and business continuity plans, and to establish and test disaster recovery readiness.

FTI has developed an offering called the “Office of the CISO” to help executives in these complex and inter-related task. We can provide any or all of the services below, and even act as your CISO on a retainer basis, if needed.

Our Office of the CISO Services:

Cybersecurity Preparedness & Response

Cybersecurity assessment
Cybersecurity improvement roadmap and implementation
Prepare Incident Response Plan (IRP) including internal and external communication
Security policies
Governance
Ongoing penetration testing
Strategic communications planning and event response

Information Security and Governance

Establish global governance across domains, functions, and business units
Develop and foster best practices
Audit and report to the board

Data Protection and Regulatory Compliance

Protect PII and other data
Ensure regulatory compliance to GDPR, CCPA, PCI and HIPAA
Development and support of Enterprise Data compliant Architecture, Products and Platforms, and Processes
Enterprise data management
Data breach escalation and communication strategy
Data breach even communications

Business Continuity

Business continuity assessment
IT disaster recovery and business continuity / contingency design
Roadmap development to achieve continuity readiness
Continuity testing
Strategic communications planning and event response

Regulatory Compliance

Growing data privacy and cybersecurity concerns have led to an increase in legislation and regulation, which often involve demanding requirements. FTI Consulting’s Compliance services are focused on ensuring that your organization meets its unique compliance requirements while maximizing the return on cybersecurity investment.

The web of potentially overlapping compliance and regulatory regimes that call into play cybersecurity matters can be daunting, but FTI Consulting experts leverage a global network to support clients with conducting a regulatory gap assessment to identify necessary changes that need to be made to achieve compliance; assessing the client’s data environment, security infrastructure and existing cybersecurity policies, procedure and processes; designing a control development and revision strategy that will recommend technology solutions, human resources and policy changes; and, aiding in the implementation of recommended solutions to achieve compliance.

Regulatory Compliance in Action:

SITUATION

A security breach resulted in an investigation by the Office of Civil Rights (OCR).

OUR ROLE

We were engaged to help manage breach communication and documentation and to develop a robust privacy and security program to protect against future compliance risk.

OUR IMPACT

We provided a rapid, initial assessment of the existing privacy and security program, followed by a formal risk assessment report that included specific findings and recommendations. Our recommendations allowed our Client to strengthen their privacy and security program to meet the requirements of HIPAA and HITECH.

Contact Our Experts

David Dunn

Managing Director

Forensic & Litigation Consulting

T: +1 267.507.2863
E: david.dunn@fticonsulting.com

View Bio >>

Pratyush Lal

Managing Director

Corporate Finance

T: +1 678.462.8233
F: +1 404.460.6299
E: pratyush.lal@fticonsulting.com

View Bio >>

Resources

INSIGHT

IT Best Practices for Building COVID-19 Resilience

The pervasive presence of IT in nearly all operations warrants continued and decisive leadership attention as portfolio companies and support businesses address the impacts of COVID-19. Building resilience to get through the pandemic and beyond involves focusing on three key areas.

INSIGHT

Robotic Process Automation: How to Successfully Stand up a Digital Workforce

With a recent surge in adoption of Robotic Process Automation, many midsize companies are asking how they can get in on the action. Here’s what they’ll need to successfully implement this back-office transformation accelerator.

INSIGHT

IT Best Practices for Building COVID-19 Resilience

A well-defined FP&A technology infrastructure is key to improving business performance.

See how Machine Learning and AI can fit into your business strategy

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.