Content tabs module

Breaches and other incidents already take their toll in companies large and small. Top politicians and large firms such as Yahoo!, Target, and Mossack Fonseca have been impacted. Small companies are the most vulnerable, with nearly 60% of small companies going out of business following a hack. As a result, companies are urgently exploring new ways to protect, detect, manage, and report on cybersecurity. Our approach to cybersecurity is balanced and layered, integrated with your Enterprise Risk Management framework. As a result, our partnership with you will explore improvements to policies, processes, dashboards, architectures, and the management of new technologies on all organizational levels from Operations to the Board.

Where Trexin Can Help – Cybersecurity Offerings:

Assessments:

Cyber Risk Gap Analysis, Technology Risk Assessment, Vulnerability Assessment, and “Metrics that Matter” Dashboard Design

Operational Support:

Interim Leadership/Succession Planning, Security Architecture, Key Program Execution, Cyber Risk Management Framework, and Key Risk Indicators(KRI) Framework

Breach Response:

Targeted Incident Response, Improved Incident Response Process, Prioritized Action Plans & Execution, and Red/Blue (+ Purple) Team Exercises

Glenn Kapetansky

Senior Principal, Chief Security Officer

Glenn Kapetansky has a passion for building systems, organizations, and teams that endure, and has done so across a number of business sectors, technologies, and roles. For over 20 years, Glenn has advised senior executives and built teams throughout the delivery cycle: strategy, project planning, financials, architecture, development, quality assurance, deployment, and operational support. His credentials were earned in such diverse industries as healthcare, finance, energy, consumer products, and telecommunications. Glenn’s current focus areas are agile management, data protection, and audit/regulatory compliance.

Glenn speaks and publishes on occasion. He has been named numerous times in various Who’s Who, and is a repeat recipient of Bell Labs’ Arno Penzias Award for Innovation in the Marketplace. He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders’ Association. Glenn’s certifications and memberships include IEEE, (ISC)2 (CISSP), ISACA (CISA), and ITIL.

Help section

Help me perform a cyber risk gap analysis

Assessment against your current risk profile is the only way to properly determine where you need to go, how fast, and in what priority order. Our assessment begins with a comprehensive understanding (identification) of enterprise assets mapped to the business capabilities they support, followed by a thorough risk identification, and response planning effort. Trexin has experience assessing against GDPR, NIST, HIPAA (HITRUST), PCI, SOC2, and FFIEC frameworks.

Areas of Expertise:

  • Assessment
  • Operational Support
  • SIG Questionnaire
  • Data Privacy and Security
  • Audit
  • Regulation
  • Policy
  • HIPAA
  • HITRUST
  • PHI
  • GDPR
  • NIST
  • SOC2
  • SOC3
  • ISO
  • FFIEC
  • PCI
  • CCPA
  • CIS/CSC20

Help me conduct a cyber technology risk assessment

Our world today consists of more technological disruption than we’ve seen before (Big Data, Data Lakes, Robotics, Deep Learning, the Internet of Things, Cloud solutions, “as a Service”, Ransomware, Phishing, etc.) which may have a profound impact on the operational facets of your business. New technology introduces new risk that must be quickly analyzed and incorporated into your risk strategy, as well as evaluation of your existing risk profile to determine any potential impact to your sensitive data. Trexin will help you understand how to stay on top of new technologies and develop processes to avoid blocking business critical initiatives as new disruptive technologies come to light.

Areas of Expertise:

  • Assessment
  • Cost-Benefit Analysis
  • Continuous Compliance
  • Audit
  • Regulation
  • Policy
  • SIG Questionnaire
  • Data Privacy and Security

Help me develop cybersecurity architecture(s)

Trexin maintains a staff of broad, deep, and specialized security experts who provide the level of capability and understanding to architect the bridge between understanding best-in-class Cybersecurity needs/trends and the implementation of systems and solutions to meet those needs.

Areas of Expertise:

  • Operational Support
  • Future State Architecture
  • Continuous Compliance
  • Audit
  • Regulation
  • Policy

Help me assess my cyber vulnerabilities

Trexin’s approach to cybersecurity is to “follow the data” to ensure necessary and sufficient, effective due diligence to mitigate the ever-expanding threat landscape. Trexin will assess the vulnerability of your enterprise systems and cybersecurity defense procedures, performing an in-depth review of your company’s defense. This will pave the way for your company to strategically identify and prioritize remediations for vulnerability mitigation.

Areas of Expertise:

  • Assessment
  • Vulnerability Mitigation
  • Data Privacy and Security

Help me simulate Red/Blue/Purple team exercises

Trexin can simulate real-live exercises meant to simulate breaches before they happen, in order to practice effective responses under fire. Trexin will assess the defensive capabilities and critical decision-making of your IT staff/SOC under fire and test your organization’s ability to detect and respond to a stealthy, invasive and prolonged attack, testing for gaps against world-class talent. Trexin’s addition of “Purple” teams allows the real-time testing, measurement, and improvements of the Management Team’s responses and decisions. To bolster the realism of the attack, our security experts can introduce custom malware into the target environment, mirroring the skills and threat level of perceived malicious actors.

Areas of Expertise:

  • Breach Response
  • Real-World Simulation
  • Operational Support

Help me with interim cybersecurity leadership

Trexin can provide interim and deputy leadership in the CISO/CSO/Architect space, whether it is building a new business unit within your organization, redesigning your current model, or augmenting staff with SMEs. Our security experts have performed these roles for years, giving you a fast track to ‘get to done’.

Areas of Expertise:

  • Operational Support
  • Coaching

Help me plan for succession

Trexin can assist CSOs & CISOs define the Deputy role, staff the role in the short term, and also identify/train/groom the right permanent candidate. This improves their ability to succeed in their role and responsibilities, and prepares them to manage and mitigate risks and issues encountered in today’s dynamic professional environment.

Areas of Expertise:

  • Operational Support
  • Coaching

Help me create a cyber risk management framework

Trexin can help you navigate the execution of developing your enterprise risk register based on a fact-based assessment with executive-level consensus and support. Trexin can help you manage the compliance environment and account for a variety of regulatory factors (HITRUST, PCI, SOC2, FFIEC, GPDR, CCPA, etc.). Beginning with a firm understanding of your compliance goals, Trexin can assist with the selection of a framework, assess your current state, or determine the most effective compliance program for your organization.

Areas of Expertise:

  • Operational Support
  • Continuous Compliance
  • Audit
  • Regulation
  • Policy
  • HIPAA
  • HITRUST
  • PHI
  • GDPR
  • NIST
  • SOC2
  • SOC3
  • ISO
  • FFIEC
  • PCI
  • CCPA
  • CIS/CSC20

Help me create a key risk indicators (KRI) framework for cybersecurity

Trexin can provide a comprehensive identification of enterprise assets mapped to the business capabilities they support, followed by a thorough risk identification, and response planning effort. Trexin can assess your current risk profile, determining where you need to go, how fast, and in what priority order. Choosing the most effective enterprise risk management framework (ERM) for your organization is as important as choosing the right tools for any job. More than one tool can do the job, but your business needs should drive the selection of the most effective and efficient framework for you. All too often organizations choose the most elaborate or widespread ERM solution, only to spend more resources on maintaining it than getting to the true value of managing risk. Our team will lead you through an assessment process to determine your current state against future goals, and to develop a prioritized and sequenced roadmap to get you there. Only after assuring yourself that your key initiatives are succeeding will you be confident you achieved an effective framework for your business.

Areas of Expertise:

  • Operational Support
  • Continuous Compliance
  • Audit
  • Regulation
  • Policy

Help me design management dashboard(s) that track "Metrics that Matter"

Paramount to ensuring the success of your risk and cybersecurity programs is appropriate metrics and reporting. Trexin believes in distinct dashboards for key levels of management that are based on the same underlying set of data, providing drill-down and roll-up traceability. Our team of security experts can analyze current metrics against your goals and determine alignment and appropriateness of the data being collected, how it is being presented, and identify missing or non-essential data points. Trexin knows metrics intended to manage change progress are different than metrics for managerial, operational stability and need to be re-baselined over time in order to account for your own maturation in parallel with business, technology, and threat changes.

Areas of Expertise:

  • Assessment
  • Self-Service Business Intelligence (BI)
  • Interactive Visualization, Operational Support
  • Data Integration

Help me respond to targeted cybersecurity incidents

You have had an incident, or maybe you only suspect it. Strongly. Trexin’s response capabilities leverage seasoned cyber professionals to support not only your IT and cyber teams, but also enterprise management outside of IT to address a targeted, acute security incident. Trexin, following a direct response to your latent or active threat, can launch threat-driven and/or vulnerability assessments of selected environments to guard against future exploitation.

Areas of Expertise:

  • Breach Response
  • Vulnerability Mitigation
  • Operational Support

Help me improve my Incident Response process

Trexin leverages our core assessment methodology and blends in world-class cyber experts to create a prioritized list of vulnerabilities to remediate. Trexin, recognizing that perfect protection is a myth that can bust any budget, helps you with a deployment strategy that complements your organization’s strategy, budget, capabilities, and desire for change. Whether you suspect your organizational security is not up to par, or your security defense is close to optimal but want to test for gaps versus world-class talent, Trexin has an offering for you.

Areas of Expertise:

  • Breach Response
  • Remediation Strategy
  • Operational Support

Help me develop and execute prioritized action plans

A “red flag” is the term used by auditors when a compliance violation is discovered, which can represent serious implications to your business depending on the regulatory method and impacted area. Trexin believes prevention of a formal finding is just as important as swift and surgical remediation of one. Our experts can proactively assist in creating appropriate prevention and remediation strategies, as well as security control workplan to fit the threat profile identified. In alignment with your organizational priorities, Trexin also can provide temporary support for key roles (“two in the box”, interim staffing) as a bridge while helping with a permanent placement.

Areas of Expertise:

  • Breach Response
  • Remediation Strategy
  • Coaching
Social Media Accounts