The Need For Cyber Security |
Effective implementation of comprehensive cyber security
strategy has become one of the most important national
priorities of our times. Each government agency
is individually responsible for continuation of improvements
in its cyber security posture.
With cyber security and telecommunications demands
increasing and workforce decreasing, government
organizations experience an increased need for cyber
security capabilities and improved cyber security
management, control and response techniques.
IT-CNP provides specialized cyber security services that
assist agencies in providing a safe and secure cyber
environment, in which to carry out business activities
while implementing a departmental cyber security process to
ensure that cyber security related policy directions as
defined by legislative requirements as well as President's
Management Agenda guidance and circulars on cyber security
are implemented consistently across the complex.
Information technology evolved from room-size computers shut
off from the rest of the world to tiny wireless
communications mobile devices interconnected by internal
networks and Internet. In this diverse world of
communications systems, no cyber security solution works on
all operating systems and can protect every type of computer
and network component.
Attackers must find only one vulnerably in a security
system to gain access to the protected system while security
experts must close all potential vulnerabilities of the
system. Complex software programming that controls
networking devices and computer servers are now composed of
millions of lines of code and have many more potential
security vulnerabilities that attackers may explore to
compromise the security perimeter and get access to
personal, confidential and mission critical information.
The range of risks confronting the operation of complex
geographically dispersed government networks include, but
are not necessarily limited to natural disasters,
intentional malicious acts, inadvertent errors, unforeseen
software/hardware conflicts and cascading failures from
interconnected systems. Risk sources are from
malicious sources include foreign powers, terrorist groups
and, occasional corrupt insiders, each of which can
compromise or otherwise do significant damage to classified
and unclassified systems.
IT-CNP's cyber security personnel, best practices, lessons
learned and cyber security technology assist federal, state
and local government customers to maintain effective cyber
security posture.
Proactive internal cyber security controls are vitally
necessary to assure:
Uninterrupted availability of information system resources
Confidentiality and integrity of information systems and
their contents
Effective robust user authentication and access controls
Increased security of communications, information and
critical infrastructure
Interoperability of systems for authenticating individuals
and machines on networks
Compliance with enterprise information technology security
requirements
Standardization of security settings for a wide range of
networking devices and applications
Reliability, confidentiality and integrity of information
exchange process.
Existence of accountability mechanisms assuring compliance
for access to government data.
|
Strategic Cyber Security Support Services |
IT-CNP provides expert cyber security consulting advice,
guidance, and facilitation regarding current cyber security
improvement practices, services, and support products to
assist agencies in their cyber security program management
and efforts which enable them to meet new cyber security
challenges and continuously improve their mission
performance.
|
Enterprise-Wide Cyber Security Program Support |
The goal of IT-CNP's Enterprise-Wide cyber security program
support is to improve the information security posture and
reduce the cyber security vulnerabilities of customer
organization. This is accomplished by improving compliance
with FISMA and all other Cyber-Security government-wide
regulations, policies, and procedures.
In order to reduce cyber security vulnerabilities our
security experts support customers to continue
developing enterprise-wide directives, manuals and other
standards that comply with the kaleidoscope of Federal
statutory and regulatory requirements. Compliance with the
directives, manuals and other guidance by each agency's
respective security program demonstrates improved cyber
security performance to the satisfaction of external review
bodies such as the Government Accountability Office (GAO),
OMB, and the Independent Public Auditor.
By identifying vulnerabilities and implementing corrective
measures, IT-CNP's security experts assist government
agencies to effectively reduce the number of opportunities
for system compromise, resulting in an overall improvement
in the level of protection afforded our information
resources. Ongoing monitoring is used to continuously assess
the security posture of our operational environments to
detect new or unpatched vulnerabilities, offering
opportunities for proactive remediation and control.
IT-CNP's Enterprise-Wide Cyber Security solution
components include:
Cyber Security policy development, statistical and
analytical support
Strategic cyber security business and action planning
Network Security Monitoring/Analysis and Incident Response
Cyber Security Threat Analysis
Cyber security research and engineering
Security Operations Center (SOC) Operational Support
Security Vulnerability Analysis
Enterprise Cyber Security Infrastructure Support
Cyber Security Technology Assessment and Forensics
Certification & Accreditation (C&A) policy and compliance
support
Continuous Independent Validation and Verification (IV&V)
testing of system security controls |
|
|
