Main Menu


It used to be that cybersecurity was only a concern for high risk industries, such as financial service or health care institutions. However with an increase in hacks and other threats to digital information, cybersecurity is now an issue for anyone with a computer. With larger organizations implementing better security, the window is narrowing for hackers and they are targeting smaller organizations.

Brown Smith Wallace information security and data privacy professionals provide a specialized knowledge set to help our clients prevent information security attacks and data exposures that challenge organizations. All too often, organizations are unaware of the information security risks they face, and are unable to manage risks in the event of an information security and privacy breach.

Businesses may face potential litigation, regulatory fines, and reputation issues if sensitive information is not properly protected. The risks are typically higher in industries with complex regulatory requirements, in organizations that are unable to determine what constitutes sensitive data and in organizations that lack an integrated approach to data privacy.

Our team of highly experienced security & privacy professionals will examine your critical business systems and determine the level of exposure you have to internal and external threats. We provide a wide array of security and privacy services listed below to assist organizations in identifying and addressing potential security exposures, such as loss of customer data, loss of revenue and reputation damage, before they become problems.  Our services include:

  • Security Assessment – Vulnerability assessment, attack and penetration testing, web application and client/server application security, wireless security, social engineering, physical security.
  • Data Security and Privacy – Data classification and retention review, data discovery and data loss prevention (DLP).
  • Incident Response and Forensic Services – Digital forensics, eDiscovery and litigation services, incident response, incident response program guidance.
  • PCI Compliance – Our team can help members of the payment card industry (financial institutions, credit card companies, merchants, and service providers) understand and meet the requirements of PCI DSS (Payment Card Industry Data Security Standards). These standards are meant to protect personal information and ensure security when transactions are processed using a payment card. Failure to meet compliance standards can result in fines from credit card companies and banks and even the loss of the ability to process credit cards. We also provide assistance with Data Security Standards, including performing Qualified Security Assessments, Reports on Compliance (ROC), Attestation of Compliance (AOC), and Self-Assessment Questionnaires (SAQ).
  • Security Controls Assessment – Firewall policy assessment, security and IT architecture review, voice over IP infrastructure review, database security review.
  • Security Program Assessment – we assist organizations with analyzing information security program policies, procedures and practices to evaluate controls protecting critical information. We utilize industry standards such as COBIT, ISO 27001 and ISO 27002 as a framework for evaluating your current information security controls in order to identify gaps in current practices.

With our help, our clients have been able to reduce their security and privacy risks by conducting gap assessments, testing and implementing remediation plans. In addition to these resources, we also provide staff augmentation and training, including security staffing, security awareness program development and training, security and IT training.

Contact us today to schedule an IT security risk analysis. In less than an hour, you will gain key insights into the IT risks that will cause your organization future concerns and challenges.



  • We were extremely pleased with our enterprise information security risk assessment performed by Brown Smith Wallace. They identified several different areas that were at risk, and developed the foundation to increase control of our information security. As a result of their expertise, more than 30 policies were rewritten, consolidated or created.

    Arch Coal
    Mike Abbene, V.P./CIO-Retired

  • A few years ago, we made the decision to move our audit and tax work to a larger firm. We had grown considerably, and were looking for a firm that could provide value beyond just the traditional audit and tax work that we had needed in the past. Our requirements did not preclude a firm that was unfamiliar with our industry from being chosen, but certainly the size of the firm and their commitment to quality were important factors to us. We were looking for a good fit and a good partner. After an extensive review, we chose Brown Smith Wallace to be our partner.

    From the start of our engagement, Brown Smith Wallace did not disappoint, as they initially impressed us with their audit and tax knowledge and capabilities. Early on, they recommended a change in a tax filing that saved us a considerable sum of money….and we realized they had a whole lot more to offer. We have used them to assist us with acquisitions, conduct penetration tests of our IT security, and perform a variety of operational and financial special projects.

    If you are looking for an accounting firm that adds real value, strives to understand your business, and is committed to being a long-term partner, you should talk to Brown Smith Wallace.

    CCA Global Partners
    Jim Acker, CFO

  • Brown Smith Wallace’s IT security professionals helped the bank enhance our control over technology with proactive advice, attention to scope and budget with insights into best practices.

    Integra Bank N.A.
    Sherry Meeks, VP-Internal Audit Manager

Thought Leadership



Schedule a Meeting

Please fill out the form below.

Back to Page