Our information security practice developed when the firm was subcontracted to perform a series of IT and Y2K audits for financial institutions throughout New England. From there, the practice’s service offerings expanded in response to mounting regulatory requirements, increased customer demand, and a growing need for risk management and IT security expertise across industries.
Meet the Director
Nathaniel C. Gravel, CISA, CISM, CRISC
Director-Information Security Practice
Growing up with the company, Nate began his career at GraVoc in research and development, focusing primarily on regulatory compliance and emerging security trends. He spent several years as an associate in the information security practice, until he eventually became project lead on the majority of our accounts and was subsequently appointed director of the practice in early 2010. Nate holds a B.A. from Trinity College (Hartford, CT) and a M.A. from Middlebury College (Middlebury, VT). He has also earned several professional certifications through the Information Systems Audit and Control Association (ISACA), including certified information systems auditor (CISA), certified information security manager (CISM), and certified in risk and information systems.
Risk Management & Compliance
Driving value out of security investments and ensuring compliance with federal, state, and industry regulations.
- Disaster Recovery/Business Continuity Policies & Procedures
- Risk Assessment
- Social Engineering
- Vendor Management
Providing an independent and objective review of IT infrastructure and control configurations through in-depth testing and expert analysis.
- Compliance Review
- IT Audit
- IT General Controls Audit
Optimizing the balance between security and performance for local and wide area networks.
- External Penetration Testing
- Internal Network Vulnerability Assessment
- Web Application Testing
- Wireless Security Assessment