Enterprise IT SERVICES
The purpose of E.O. 13587 is to “Detect, Deter, and Mitigate” an Insider Threat. Standing up a program capable of detecting an insider is an intricate process to include almost every aspect of any agency, company, or enterprise.
Areas for Maturing an Insider Threat Program:
+ Policies, Procedures, Tactics, and Rules of Engagement
+ Technical Controls & Tools
+ Collaboration and tuning available data sources
+ Identifying Risks, Vulnerabilities, and Current Threats
+ Proper Handling of Insider Threat information
Certification and accreditation, risk assessments and vulnerability evaluation in accordance with NIST Risk management Framework and DoD Risk Management Framework (DoD 8500.1) and DHS Cyber Security Framework (CSF) for government (federal, state, and local) and civilian critical infrastructure. Assist clients implement cyber risk management program as part of enterprise risk management process to include:
+ Governance (policy, process and procedures)
+ Security architecture
(implementation of technical and physical security controls)
+ Continuous monitoring, auditing and remediation
Our experts are experienced in developing Certification and Accreditation documentation e.g. SSAA, IATT, IATO, IATC, and ATO documentation in compliance with DOD and Federal policy (DoDI 8510.01, NIST SP 800 series, FISMA).
Data Modelling, Correlation
24/7 NETWORK OPERATIONS
We provide certified professionals (CCNA, Sect+, A+, N+, MCSE, ITIL) with the requisite experience and skills to securely operate our client’s critical network enterprise. Our experienced management team provide cost effective staffing solutions by matching the qualifications to the position.
SECURITY SOLUTIONS, AUDITS AND TESTING
Our team of experts include network security systems engineers that architect, implement and operate cyber security solutions for our clients. These solutions include Security Information and Event Management (SIEM), Host Intrusion Prevention Systems, Firewalls, and Intrusion Detection and Prevention Systems (IDPS). Our team of experts provide network security audits (Blue Team) and penetration testing (Red Team) services. All of our experts have the appropriate industry certifications (GSNA, CISA, CEH, CCNA-Security).
OPERATIONAL TEST AND EVALUATION
The following in the planning, execution and reporting of operational test for C4ISR systems. Including the following:
+ Mission Based Test Design
+ Integrated Evaluation Framework
+ Design of Experiments
+ Interoperability Testing
+ Test and Devaluation Master Plan
+ Cooperative Vulnerability and Penetration Assessment Support
+ Adversarial Assessment Support