What do our cybersecurity services include?
Training and Exercises: Company-wide cyber awareness and Social Engineering (SE) training tailored to the specific organization and scaled for semi-annual and annual review. Part of our training includes SE exercises, which test infrastructure security from multiple angles and in multiple ways.
Zero Trust Implementation: Utilizing the government standard called Zero Trust Architecture (ZTA), we lock down your network by making sure all traffic is verified and trusted. We specialize in the following two environments:
Office 365 (O365)
Microsoft Azure
Vulnerability Testing and Remediation: We test your network for potential vulnerabilities and provide remediation if any are found. Testing includes network scans and penetration testing (i.e., ethical hacking).
Standard Operation Procedure (SOP): We provide security SOPs such as password management and Bring Your Own Device (BYOD) policies, which will help improve overall security.
Security Risk Management (SRM): SRM consists of assessing, managing, and monitoring infrastructure in accordance with NIST SP 800-37 – Risk Management Framework (RMF) and NIST SP 800-53 – Security and Privacy Controls. This involves the creation of System Security Plans (SSPs) tailored for each organization, which falls under NIST 800-171.
SOC: Proactive 24/7 network monitoring for potential threats and attacks (e.g., malware, ransomware, brute force attacks).
Risk Assessment Consultation: Reviewing the current security posture and providing guidance to the current technical team.
Incident Response (IR): Immediate remediation assistance following a cyber-attack. IR includes, but is not limited to: locking down and quarantining infrastructure; recovering the network; implementing proactive security settings/monitoring; and incident reporting.
Federal Government Authority to Operate (ATO) Package: We prepare the cybersecurity documentation that clients are required to submit to gain an ATO on DoD and DHS Federal networks.