Cybersecurity

We provide cybersecurity services to maximize the confidentiality, integrity and availability of your critical information assets and reduce cyber risk.

Request a proposal

Featured

2026 Cybersecurity Predictions e-book

Team discusses client needs in an office

Featured

Mastering multiple compliance frameworks and compliance strategies

A man and a woman analyzing IT data together

Featured

Cyber resilience: A guide to navigating modern risks

Not-for-profit organization enhances workflow and performance with cloud-based solution

Featured

Strategies to address the new SEC cyber disclosure rule (and how to do it!)

Team of professionals working with advanced information technology

Featured

NIST publishes major revision to Cybersecurity Framework (CSF): What organizations need to know

Featured

Key cybersecurity trends from industry-leading reports

Cybersecurity

In the News

Who’s accountable when there’s an AI disaster?

Article

SEC extends compliance dates for certain rule amendments

Article

Cybersecurity strategy in financial services organization

Cybersecurity in the financial services industry: Debunking quick fixes and investing in what really works 

Article

The CMMC final rule – A turning point for cybersecurity and supply chain risk management

Whitepaper

2026 Cybersecurity Predictions

Article

Cybersecurity and IT risks - Higher education internal audit back-to-basics

Building mission resilience: Enhancing cyber and fraud risk governance for not-for-profits

Article

artificial intelligence manufacturing graphic

AI in banking: readiness, risk and real-world impact

In the News

Closeup view of cables in server room protecting from cyber attacks

AI-powered hacking in accounting: ‘No one is safe’

Multimedia

AI legal risks for dealerships: navigating compliance and adoption

Article

Life sciences data privacy - Woman reviews data analytics to make informed decisions

Life sciences data privacy: Managing growing complexity

Case Study

Enterprise technology assessment for top association

Article

Team of IT professionals working on iia three lines model

Three Lines Model offers a logical risk management framework

Case Study

Medical management team discusses strategy in a conference room

Strengthening model validation through consistency and expertise

Article

Supply chain security in focus: Navigating amendments to Executive Orders 13694 and 14144

Article

Building a resilient cybersecurity program amidst regulatory change

Article

Protecting yourself from predators and creditors

In the News

Untangling the confusing ‘rat’s nest’ around data retention, privacy and sprawl

Article

Tariffs and the insurance industry: Strategic impacts and actionable insights for insurance organizations

Article

Manufacturing stability strategy for times of economic uncertainty

View all related insights

Organizations need an accurate and objective view of their cybersecurity profile to safeguard information assets and protect the organization's value.

Proactively protect and address your cybersecurity and information technology (IT) risks.

Information assets and technology investments left ungoverned and unprotected leave organizations vulnerable to compromise and loss of reputation, revenue/value, customers and intellectual property. Couple these risks with the increasing demands for transparency, accountability and compliance by regulators, government entities, shareholders and others, and you have a perfect storm of risks.

While sophisticated hacking is a valid threat to organizations, it is rarely the root cause of a data breach. The vast majority of data breaches and cybersecurity incidents are actually caused by a breakdown of basic cybersecurity processes and controls.

The Baker Tilly team provides comprehensive cybersecurity services to help organizations assess cyber risk, implement measurable security enhancements and improve control effectiveness. We will evaluate your cybersecurity controls, deliver recommended improvements and provide assurance that your cybersecurity controls are working.

Connect with us

Our solutions

Our clients count on our proactive, experienced cybersecurity services to manage cyber risk, helping them win now and anticipate tomorrow.

Cybersecurity and IT assessments

Cybersecurity advisory

Cybersecurity and IT assessments

SOC reporting

SOC 1®, SOC 2® and SOC 3®
SOC for Cybersecurity
SOC readiness assessment

Cybersecurity assessments

CIS Critical Security Controls (CSC) assessment
Microsoft Supplier Security & Privacy Assurance Program (Microsoft SSPA)
New York State Department of Financial Services (NYSDFS)
National Institute for Standards and Technology (NIST) 800-171
National Institute for Standards and Technology (NIST) CSF 2.0
National Institute for Standards and Technology (NIST) 800-53
Penetration testing assessment

International Organization for Standardization (ISO) certifications

ISO 27000 family
ISO 27701
ISO 22301
ISO 42001
ISO 9001

Payment Card Industry Data Security Standard (PCI DSS)

PCI DSS
PCI SAQ
Approved Scanning Vendor (ASV)

Federal assessments

Cybersecurity Maturity Model Certification (CMMC)
The Federal Risk and Authorization Management Program (FedRAMP)
Government Risk and Authorization Management Program (GovRAMP, formerly StateRAMP)

Healthcare assessments

Health Insurance Portability and Accountability Act (HIPAA)
HITRUST®

International standards

BSI Cloud Computing Compliance Criteria Catalog (C5)

Privacy compliance assessments

General Data Protection Regulation (GDPR)
California Consumer Privacy Act (CCPA)

IT assurance

IT SOX compliance
IT SOX readiness
IT SOX – PCAOB
IT internal audit – ERM
IT internal audit – general IT
IT internal audit – risk assessment
IT ESG
IT GRC – SOD
IT ERP – NetSuite
IT ERP – Oracle
IT ERP – SAP

Contact our team

Cybersecurity advisory

AI governance advisory
IT and cybersecurity internal audit solutions
Federal assessment advisory
Third-party vendor risk management
Vulnerability assessment
Technology due diligence
Cyber incident response planning and business continuity

Contact our team

Our industries

Energy

Energy consulting expertise where it matters — on the ground, in the grid and for the future.

Financial Institutions

The financial institutions industry continues to diversify, but competition and more complex vendor relationships make determining business strategy more complicated.

Healthcare

Baker Tilly helps healthcare organizations address today’s challenges while planning for what’s next through a coordinated approach across the healthcare ecosystem.

Higher Education

We empower higher education leaders to navigate the greatest challenges and ensure universities and colleges continue sustainability to drive social mobility, knowledge creation, economic and workforce development while contributing to a healthier and more just and civil society. Baker Tilly will help you articulate and realize your goals and maximize your chances of achieving them. Let's go there. Now, for tomorrow.