services
Board Advisory
and Education
- Cybersecurity Strategy and Oversight: Advising on the development and implementation of robust cybersecurity policies, strategies and reporting, ensuring the Board has appropriate visibility into the cybersecurity, resilience and related management programs.
- Incident Response, Crisis Management and Operational Resilience: Offering unique insights into incident response, business and technology asset recovery, and crisis management practices, our team can help the Board prepare for and respond to the variety of potential threats, incidents and crises.
Cybersecurity and Operational Resilience Risk Management
- Comprehensive Risk and Control Assessments: Conduct independent reviews of cybersecurity and resilience program maturity, including conformance with laws, rules and regulations, including the Gramm Leach Bliley Act (GLBA), New York Department of Financial Services (NYDFS) and other regulatory expectations.
- Risk Management Frameworks: Advise on development and implementation of industry frameworks including the NIST Cybersecurity Framework (CSF), Cyber Risk Institute Profile (CRI), ISO 22301:2019 Security and Resilience —Business Continuity Management Systems, and other requirements as needed. Building integrated and cohesive operational frameworks allows organizations to plan for, adapt to, withstand and recover from disruptions, whether they are natural disasters, cyber-attacks, or other crises.
Threat Intelligence and Analysis Programs
- Raven has extensive experience in building and leading world class physical and cyber intelligence programs and can provide independent assessment of the maturity of the existing Cyber and/or Physical Intelligence Programs including:
- Review of sources, methods, analysis, reporting and feedback to ensure capabilities are being effectively utilized to identify potential threats the critical organizational assets and provide timely, actionable analysis for awareness and to mitigate risks.
- Assessment of the utilization of intelligence by target consumers from tactical to Board levels
- Development of actionable recommendations to uplift and mature the program if needed.
Cyber Incident Response and All Hazards Crisis Management
- Response Plan Review and Development: The team extensive experience in development and implementation of incident response and crisis management strategies and plans at the national, organization, down through planning for contingencies for your most critical corporate assets. Our processes ensure business and technology stakeholders are identified and engaged across the processes of threat identification, response capability analysis, plan development, testing and continuous improvement phases.
- Response Plan and Capability Testing: Plans are good on paper, but do they address the requirements to manage and respond to real world events and impacts? Through a unique combination of operational experience and industry leading risk management processes, we can assess.
Critical Infrastructure Protection
Building on the capabilities described above, our team has defined and executed collaborative operating models to facilitate collaborative engagement of the private sector, government agencies, and international partners to address and manage threats to critical infrastructures.
Training
We bring instructional experience in corporate, military, law enforcement, and academic settings. We can develop and execute briefings, training materials and courses across the array of expertise offered by the company. Our team has extensive experience in actively engaging audiences across the spectrum of knowledge and experience, from a SOC or threat analyst to senior executives and the Board of Directors.