Categories
Problems that solves
Aging IT infrastructure
IT infrastructure does not meet business tasks
Non-compliant with IT security requirements
Shortage of information for decision making
Values
Enhance Staff Productivity
Ensure Security and Business Continuity
Ensure Compliance
Securicon Federal Security Services
Предоставление широкого спектр услуг, которые позволяют федеральным менеджерам по информационной безопасности реализовывать комплексные проактивные программы безопасности.
Description
At Securicon, we believe that you shouldn’t play catch-up with your security processes. We provide a wide range of services that enable Federal information security managers to implement comprehensive, proactive security programs.
Based on your agency’s unique needs, our services fall into seven major categories:
1 . Risk Management Framework (RMF)
Security Planning and Documentation – Steps 1-3b
Security Assessment – Steps 4-4b
Continuous Monitoring – Step 6
2. Cyber Operations
3. Cybersecurity Operations
4. Systems Engineering Support
5. Security Program Development/Support
6. Technical Consulting Services
7. Governance, Risk And Compliance (GRC)
Risk Management Framework (RMF)
Security Planning & Documentation –Based on RMF steps 1-3b, Security Planning and Documentation services ensure adequate security controls are incorporated into the design of the system through logic, reasoning and a comprehensive understanding of the technical aspects of the system. These are then documented in the System Security plan to ensure the security controls are implemented so-as to adequately protect the confidentiality, integrity and availability of the system and the data it stores and processes.Security Assessments – Based on RMF steps 4-4b, Securicon’s Security Controls Assessment ensures that the system’s controls have been implemented and that they are effective in protecting the system and its sensitive data.
Continuous Monitoring – As a central role in the RMF process, Continuous Monitoring provides organizations with near real-time insight into risk management. Each customer continuous monitoring program is often implemented in different ways to accomplish the mandated continuous monitoring functionality. Therefore, Securicon will work with each customer to ensure our services complement existing program capabilities to result in a strong program that results in secure networks and systems, while also ensuring compliance with the OMB-mandated RMF program requirements.
Cyber Operations
Securicon’s professional support services to DOD and other government entities include:
- The development of unique manning and organizational constructs designed to meet the requirements of a dynamic and high-paced operational environment.
- Creation and update of department-wide policies supporting cyberspace operations and doctrinal publications for a wide range of forces and staff elements.
- Application of the joint planning process, joint intelligence preparation of the operational environment, and fundamental operational principles to the planning, preparation, and execution of the full range of military cyberspace operations.
- Innovative and out-of-the-box concept development to identify and mature new methods of cyberspace capability employment and integration into the full spectrum of military operations.
Securicon’s support of security engineering activities includes:
Assisting the government in the planning and allocation of project specific security requirements and capabilities to current or future enhancements.
Supporting the government in the security impact analyses required for Engineering Change Request (ECR) projects.
Assisting the government in the documentation of project specific security concepts to support new capabilities and in the development of a security requirements traceability matrix.
Supporting in the development and execution of a security test plan and security testing and evaluation of new and existing capabilities to support Certification & Accreditation activities.
Supporting the Government in its work with partner organizations in the development of capability specific security concepts/architectures.
Developing security requirements traceability matrix documentation, security test plans, and Certification & Accreditation (C&A) artifacts.
Security Program Development/Support
Today’s Federal managers with information security responsibilities are often stretched thin and do not have the time or resources to stay current with applicable Federal laws, regulations, standards and guidelines. To achieve success, these Federal managers need to be operating under an Information Security Program that has the correct policies, procedures and resources aligned to ensure all areas of information security and information assurance are appropriately understood and addressed. A successful information security program starts with ensuring a proper security organization exists and necessary resources are available.
The areas that Information Security Programs encompass include:
· System, Data, Asset Identification
· System Access Control
· Computer and Network Management
· System Development Life Cycle
· System Configuration Management (hardware and software maintenance)
· System Authorization
· Privacy and Data protection
· Incident Response
· Business Continuity Planning and Disaster Recovery Planning
· Personnel Security
· Physical Security
· Others – depending on Department, Agency or mission space
Securicon’s technical consulting services include, but are not limited to:
• Vulnerability Assessments
• Penetration Assessments
• Security Architecture Review & Design
• Social Engineering Assessments
• Physical Security penetration tests and assessments
Securicon’s GRC services fall into two major categories:
Program Assessments – We’ll partner with you to determine where you are effectively meeting compliance FISMA, OMB and DOD standards, and we will identify actions to achieve full compliance.
Risk Assessments – We’ll assist you in determining where your budget is needed the most – and where it will have the most impact.