Ever notice how everything seems so complicated these days? When it comes to mitigating risk inside your company, our goal is to modularize and de-clutter things so they are easiser to understand.

We take everything your business is doing and we put each peice into a bucket. In the case of risk mitigation, we have six buckets. They are listed below.

Our approach to risk management follows a few very important standards. These standards include:

  • National Institute of Standards and Technology (NIST)
  • NIST Special Publications 800-53, 800-171, and others
  • Information Systems Security Engineering Process (ISSE)
  • Information Assurance Technical Framework (IATF)

Our MORTAR™ program is designed to slice the work into manageable portions and help facilitate a better understanding of what compliance means within your company. There will be little geek speak and you will find these conversations helpful and informative to you as the risk owner.

One unique element of our MORTAR™ program is that we have worked diligently to take all the complexity and tech-talk out, leaving you free to focus on business concepts you are familiar with. As mentioned earlier, we will work from these six buckets to help you organize and mitigate your operational cyber security risks.

  • IDENTIFY
  • PROTECT
  • DETECT
  • RESPOND
  • RECOVER
  • MONITOR

There is a strong correlation between industry standards and these six buckets. By grouping the security controls that govern cyber security effectiveness, you will find it much easier to understand why the requirement exists, and what you need to do to align with the requirement.

TOPSTONE Cyber Defense Artwork

Risk is everywhere and you need to have a plan

Contact us today! Our first consultation is complimentary.

TOPSTONE Risk Mitigation Artwork

- The Pillars of Security

Here are some typical questions we ask our clients and the kind of response that shows effective risk management.

Here are some typical questions we ask our clients and the kind of response that shows effective risk management.

Yes, we use a list in SharePoint online to track all hardware by serial number. We also track its status and who it is issued or assigned to.

- Contact Us

Let's start today! We can help give you peace of mind where your data and cyber security is concerned.

Our Location

10620 Treena Street, Suite 230
San Diego, CA 92131

Social Media

- Write Us