Defense Contractors & Suppliers
The base of hoytNIVA is Defense. Because we service the DoD directly ourselves, we understand not only what it takes to become compliant but also what it takes to run a business that ensures the warfighter is ready for battle. Focused on reducing risk to the lowest possible level, we assess risks in technology, human capital and policy, provide your organization with a roadmap to remedy issues, and assist as needed throughout the process. Further, we provide tools to act as the overwatch for your organization 24/7/365 against threats worldwide.
hoytNIVA Defender Services
- Risk Assessment
- Detailed Assessment, Reporting & Advising for Technology, Human Capital & Policy and Process
- Audit
- Audit for Trusts, Private Companies, Family Exchanges and Public Companies
- Extensive Experience with SOX, IFRS, FINRA & GDPR (For European Clients/Transactions)
- Compliance
- Establish HIPAA Compliance for Health Care Clients
- Doctor’s Offices/Groups, Speciality Care, Hospital Groups
- Banks, Credit Unions & Credit Card Processors
- FFIEC for Banks/Credit Unions, PCI for Credit Card Processors
- Valuation & Risk Assessment
- Perform Due-Diligence Pre-M&A, Post M&A, Technology & Human Capital
- Support for Forecasting with Technology Trends
- Business Advisory
- Assessing Risk of Client’s External Exposures with their Clients, Vendors, Suppliers & Partners
- Technology Consulting for Future Growth, Business Goals & Objectives
- Technology Support for Client R&D, Assessing Current Products & Services, Support of New Products & Services
- Training
- Perform Training for CPA Firm and/or their Clients for Technology Usage, Cyber-Protection & Overall Best Practices
- Implementation & Integration
- Supporting the Implementation and/or Integration of ERPs & Other Software/Hardware Solutions
Public Accounting Firms & CPAs
A key relationship for our firm, leveraging our lifetime experience with Big 4 and alumni companies, is the ability to offer cyber-risk services as an add-on for the public accounting firm or as a standalone service through a referral. Our level of service is extremely adaptable and addresses industry- and market-specific compliance requirements along with human capital needs.
Additionally, we perform a detailed assessment of policy and process to marry the technology and human capital component to ensure the lowest level of risk is achieved.
hoytNIVA Defender Services
- Risk Assessment
- Detailed Assessment, Reporting & Advising for Technology, Human Capital & Policy and Process
- Audit
- Audit for Trusts, Private Companies, Family Exchanges and Public Companies
- Extensive Experience with SOX, IFRS, FINRA & GDPR (For European Clients/Transactions)
- Compliance
- Establish HIPAA Compliance for Health Care Clients
- Doctor’s Offices/Groups, Speciality Care, Hospital Groups
- Banks, Credit Unions & Credit Card Processors
- FFIEC for Banks/Credit Unions, PCI for Credit Card Processors
- Valuation & Risk Assessment
- Perform Due-Diligence Pre-M&A, Post M&A, Technology & Human Capital
- Support for Forecasting with Technology Trends
- Business Advisory
- Assessing Risk of Client’s External Exposures with their Clients, Vendors, Suppliers & Partners
- Technology Consulting for Future Growth, Business Goals & Objectives
- Technology Support for Client R&D, Assessing Current Products & Services, Support of New Products & Services
- Training
- Perform Training for CPA Firm and/or their Clients for Technology Usage, Cyber-Protection & Overall Best Practices
- Implementation & Integration
- Supporting the Implementation and/or Integration of ERPs & Other Software/Hardware Solutions
Insurance Providers & Brokers
Cyber-liability for an organization is a very challenging area since there are so many variables that make the underwriting difficult. Many organizations simply do not understand what exposures they have.
At hoytNIVA we act as the engine and due-diligence partner to support the underwriting of insurance. Leveraging extensive experience in mitigating risk we provide a point-in-time assessment along with intermittent updates to ensure the risk is known today and tomorrow. Further, in support of insurers’ clients, we work with organizations across the U.S. and abroad to reduce their risk exposure and, in turn, lower their risk to the insurer.
Additionally, as a cost-savings measure, a lowered risk rating by hoytNIVA can support a reduced premium going forward.
Venture Capital & Private Equity
hoytNIVA’s pre-M&A and post-M&A Cyber-Risk Assessment is the most comprehensive assessment available. Leveraging tier-1 experience from the U.S. Government in addition to tier-1 corporate experience, we provide the full level of detail necessary to assess a potential investment’s risk.
We’re proud of our base of expertise and we understand the importance of only providing the full strength of our team to protect your investment.
Family Offices
hoytNIVA has unique expertise and we’re intimately involved with each of our clients’ protection and ultimately their prosperity. Oftentimes we are sought out to ensure that those with the most to lose are fully aware of the internal workings of the businesses they own and operate. How we protect the “family” varies depending on immediate needs and longer-term plans. We often provide internal and external audit functions, cyber-risk assessments, and oversight. Additionally, we can support the family’s public accountants, attorneys, and insurance providers with detailed forensics. hoytNIVA’s leadership team has extensive law enforcement, intelligence, and investigative backgrounds. Consequently, we are able to work with authorities worldwide in cases where crimes have been committed.
Family Office Offerings
- Technology
- Complete Risk-Based Cyber-Security Audits
- Forensic Review of Internal Systems, External Connections and APIs
- Data Backups & Recovery
- Support for External Auditors
- SOC1/2/3, SOX for Public Companies, GDPR, PCI-DSS, FFIEC for Bank Institutions, HIPAA
- Decommissioning of Hardware & Software
- General IT Services and User Training
- Systems Investigations
- Internal & External Uses (Including Law Enforcement)
- Human Capital
- Personnel Audit for Best Usage, Most Appropriate Role(s)
- Mid to Executive-Level Search
- Background Investigations
- Prospective Hires & Existing Staff/Executives
- Former Staff/Executives for Breach of Confidentiality & Non-Competes
- Policy & Procedure
- Employee Manual Review & Refinement (Creation as Needed)
- Compliance Review for Industry and Government Requirements (Local to International)
- Employee Technology Policy Review or Creation
Health Care
The healthcare system is increasingly under scrutiny and risks abound, especially for smaller practices that have not yet been gobbled up by the giants of the industry. When was the last time you took a comprehensive look at your people, processes, and systems? Chances are there are immediate opportunities to reduce risk, and we have helped local providers do just that.
For example, consider HIPAA compliance. Are all of your addressable concerns well documented? Have you identified all third parties considered business associates for the purposes of HIPAA? Have you undergone a technical evaluation within the last year? We can help you answer these questions and, more importantly, reduce your risk of incurring fines based on the wrong answers.
In addition to handling electronic protected health information (ePHI), most healthcare providers process payments and handle cardholder data that is governed by the PCI-DSS standard. There are many different levels of PCI-DSS compliance and they vary by merchant. Providers with smaller volumes often self-report and accuracy is critical here. One only has to scan the news to see that handling credit card data is a significant source of risk.
Auto Dealerships (Individual, Dealer Groups)
Auto dealerships are a growing target for hackers. Why? There’s customer and financial institution data connected to many systems and, in most cases, a very small investment has been made in protecting the data in comparison to the resources of hackers. We hear from nearly 100% of our clients, “the OEMs have our back…the data is secure” or “our IT team is solid so we’re solid”. Even a solid IT team is no match for the rising threat. Those who want your data are collectively smarter than the best IT individual or team. They are simply more specialized and have specific expertise at extracting data from promising targets.
The biggest fallacy? The OEMs do NOT protect your dealer or reputation. Neither does cyber-insurance.
All of the systems used for sales, service, parts, warranty and other dealership functions connect internally to each other and externally to the internet. In 95% of our engagements, the operating systems and anti-malware/antivirus software were out of date, the staff was untrained, and machines with company-wide access were accessible and often left unattended.
Protection is Achievable
What if there were a world where your dealerships were protected by a truly tier-1 team and technology? With former NSA, DIA and CIA technologists, Big 4 consulting professionals, MIT graduates and PhD-level professionals, hoytNIVA is second to none in how we protect our clients.
What hoytNIVA Offers
- Cyber-Risk Assessment
- Technology Review & Advising
- Full Review of Software & Hardware (Versions, Risk Exposures, Updatability, Sunsetting and Decommissioning)
- Full Review of Internal & External Connections
- Penetration Testing (For Internal Purposes & External Compliance Requirements)
- Human Capital Review & Advising
- Interview of Leadership & Teams (Usage, Best Practices)
- Training Review, Development & Performance
- Policy & Procedure
- Review & Consulting on Proper Use Policies
- Review & Consulting of Compliance (Brand, Local/State/Federal, Financial, Insurance)
- Review of Service-Level Agreements
- Comprehensive Risk-Based Report
- Confidential, Detailed Report on Individual Risks (Highest to Lowest)
- Confidential Session with Leadership & Staff (As Required)
- Roadmap to Mitigate Risks
- To be performed internally, by hoytNIVA or in tandem with your team