LBMC’s Cybersecurity team provides IT assurance, technical security, and security consulting services to fortify your infrastructure—so you can worry less and focus more on the daily needs of running your business.
Uniquely qualified to tackle your security and audit needs.
LBMC’s Cybersecurity team is uniquely qualified to tackle your security and audit needs—because we’ve been where you are. Our extensive experience makes us well-prepared to tackle the unique challenges of your industry. For instance, we are designated as the security and compliance provider of choice by three state hospital associations—meaning that we understand the full depth and breadth of the massive healthcare ecosystem better than anybody. With over 20 years of experience and more than 300 U.S. healthcare companies served thus far, our team members draw on this insider industry knowledge to help you achieve and maintain risk compliance in ways that are practical and relevant to your organization.
In addition to our experienced and knowledgeable team, our cybersecurity solutions for cyber risk management are customized to your unique risk environment. By tailoring our results and deliverables to the particular needs of your organization, we’re able to keep our solutions practical and cost-effective—because keeping your business secure shouldn’t be something you dread.
CASE STUDY: Healthcare Technology Client
Cost Savings of over $550,000
Problem: Our client asked LBMC to help them reduce its audit fatigue and cyber assessment costs while also improving the quality of its overall controls environment by developing and executing a plan to consolidate the number of audits that are conducted across the enterprise.
Approach: LBMC began the effort by assisting our client in documenting the number and types of cyber audits that occur across the organization. LBMC then identified and designated a client service team to meet with the client monthly to ensure clear communication and strong coordination between both parties.
First, LBMC uncovered our client commissions more than 10 separate SOC reports on various business units each year. To reduce the audit burden and cost of these assessments, LBMC worked with company representatives to identify a set of common controls that are conducted at the enterprise level that apply to most of the individual business units and systems that are assessed annually.
Completing an Enterprise Controls SOC report allows LBMC and our client to rely on and leverage the controls that are shared across all environments going forward, greatly reducing the audit costs and time required by business leaders and control owners to support each audit.
Next, LBMC conducted an enterprise-level HITRUST assessment, allowing the company’s other business units that commission HITRUST assessments to “inherit” controls from the enterprise report. This approach reduced the number of controls that needed to be assessed for HITRUST within the various business units by 972 controls in a single year.
Lastly, LBMC worked to consolidate and synch up the testing done on the company’s various PCI environments. By aligning assessment dates, strategically combining the cardholder data environments where possible, and utilizing LBMC’s extensive PCI expertise to identify scope reduction strategies, the company was able to save more than $175,000 on its annual PCI assessments.
Solution: As a result of LBMC’s work, our client has experienced over $550,000 in cost savings, including:
- $35,000 per future SOC report
- $159,000 in HITRUST audit fees
- $179,000 in PCI assessment costs
Our team helped make the audit process easier, less burdensome, and over time, less costly, while also improving the quality of each assessment and the client’s cybersecurity posture across the enterprise.
Audit Once, Report Many
Many of our team members worked as cybersecurity professionals themselves before joining our team. This insider knowledge has allowed us to design processes with you in mind, ensuring our recommendations are practical and our audits are minimally burdensome.
We achieve this with our certifications to conduct assessments against almost every cybersecurity framework that exists—something that few other firms can claim. Because of this, we can do any type of audit you need, while also simplifying the process by auditing once and issuing multiple reports. That’s just one of the ways our solution-minded team makes processes easier for our clients.
CyberSecurity Sense is LBMC’s monthly podcast that will provide insights and updates on such information security topics as: Penetration Testing, Ransomware events, Digital Forensic Analysis, Electronic Discovery and Litigation Support, Risk Assessments, Security Program Planning, Web Application Security, HIPAA Compliance, HITRUST Certifications, NIST 800-171 Certifications, PCI Data Security Standards, SOC Reporting and SOX Compliance.
IT Assurance Services
The cyber risk management and compliance landscape can be especially convoluted and difficult to navigate. With such heavy regulatory and public scrutiny of your security and privacy practices, you need an experienced risk compliance and audit specialist to guide you through this labyrinth of regulations to ensure you have the basic control processes in place to provide evidence to your clients and stakeholders that they’re in compliance. Our team members draw on their insider industry knowledge to help you achieve and maintain cybersecurity risk compliance in ways that fit your unique needs.
Technical Security Services
It’s true that the best defense is a good offense, and the ability for today’s organizations to quickly and efficiently respond to a computer security incident has never been more critical. As a top penetration testing and cyber forensics company, we go on the attack to identify the holes in your defenses before the attackers do—preserving the integrity of your production systems while still providing a comprehensive analysis. As a GIAC certified incident handler, our team provides a proper response to network and computer attacks to prevent unneeded expenses, over-extending internal resources, and ultimately providing the essential information needed to make critical decisions for moving forward.
Security Consulting Services
Whether you are in the heavily-regulated industries of healthcare and financial services or lead a large corporation, our approach to risk assessment, testing, and security program design is based on years of experience leading security functions, addressing risks and consulting on IT security. We know how to implement practical and effective security programs because we have been in your shoes and done it so many times before. Our team of experts function as your virtual security officer, helping you establish and maintain a security program for a company.
201 Franklin Road
Brentwood, TN 37027
Phone: 1 (844) 526-2732
Office Hours: 8 a.m. – 5 p.m., Monday-Friday
P.O. Box 1869
Brentwood, TN 37024-1869
605 Chestnut Street, Suite 1100
Chattanooga, TN 37450
2095 Lakeside Centre Way, Suite 220
Knoxville, TN 37922
325 West Main Street, Suite 1600
Louisville, KY 40202
3700 Arco Corporate Drive, Suite 175
Charlotte, NC 28273
We’re happy to answer any questions you may have on what our security experts can do for you. Submit the form below and one of our professionals will get back to you promptly.