WebGeneration Corp.

Cyber Security and information Security Expertise for Traditional WAN and LAN Network Environments as well as today's Cloud environments. AWS, Google, and Microsoft Clouds Expertise. Providing Expertise in the Design and implementation of Security Components as well as testing of such environments through Gray Box testing on a regular basis to address any issues and development and implementation of Remediation Plans to ensure Continual Security and Protection of the Critical Systems. Design & Implementation of SIEMs to continuously monitor the Critical Nodes within the networks in order to ensure timely discovery of any attacks and addressing them in a timely manner.

Development of Policies, Standards, and Procedures to implement, enforce, and continually monitor controls that are required as the base controls for fortune 500 financial companies per the ISO 2700 family of standards (ISO27001 Through ISO27006), SSAE 16 Type 2, SOC 2, SOX404, Global FSA, BASLE II, COSO, COBIT, SafeHarbor, HIPAA, NIST, DITSCAP and NIACAP, SEC, NIST 800-53, FISMA, FEDCAP, ISF, MAS, FCRA, GSA, FINRA, SEC, AMEX, and NASD, and other Compliance and Audit requirements. Performing Risks & Gap Analysis on a Continual Basis and Designing & Implementing Remediation plans accordingly.

Development of a Risk Assessment and Risk Classification Framework which is based on the assets of the company. Upon classification of the Company assets developing and implementing appropriate Security and Protection Measures based on the Criticality of such assets may it be Systems, Data, Hardware, Software, etc. rather than a one-fits all approach. In addition, assigning and maintaining Classification Standards to all New Assets and devising the appropriate measures as defined in the Risk Assessments Policies and Procedures.

Provide the vision and hands-on approach in development of a comprehensive, viable, and efficient approach to the vendor information security risk assessment framework for qualification and approval of Clients at the global level. Development of the framework based on industry standards including ISO 27000 family, NIST, HIPPA, COBIT, etc. and their related certifications and independent audits in order to make the assessments as efficient, acceptable, and workable by vendors. Development of a meaningful and systematic approach to the qualification process to eliminate and replace the old exhaustive processes, thus eliminating redundancies, and meaningless self certifications.