Cyber Security (Core IA Competencies) Services
Cyber Security Services
Agencies and organizations are becoming more dependent on the security of their IT services and on the record-keeping of the data processing department. The overall objective of Cyber Security is to protect organization resources and employees, to safeguard the organization’s vital records, of which the data center has become the custodian, and to guarantee the continued availability of essential Information System (IS) services. Our services include the following core cyber security and Information Assurance services.
Access Control
Social Engineering, Phishing Attacks, Identity Theft
Physical Security
Risk Management
Disaster Recovery and Business Continuity Planning
Firewall, IDS/IPS and Network Defense Systems
Wireless Security
Virus, Trojans and Malware Threats
Secure Coding Best Practices and Securing Web Applications
Hardening OS
Encryption Technologies
Vulnerability Assessment and Penetration Testing
Computer Forensics and Incident Response
Access Control
- Identify and manage criteria for mandatory and discretionary access control and the different factors that help in the implementation of access controls, and design an access control plan
- Implement and manage an access control plan in alignment with the basic principles that govern access control systems, such as need-to-know
- Identify and manage different access control systems such as ID cards and biometrics
- Develop procedures to ensure system users are aware of their IA responsibilities before granting access to the information systems
Social Engineering, Phishing Attacks, Identity Theft
- Train clients on the various social engineering concepts and their role in insider attacks and develop best practices to counter social engineering attacks
- Design a response plan to identity theft incidents
- Identify and design a plan to overcome phishing attacks
Physical Security
- Identify standards, procedures, directives, policies, regulations and laws for physical security
- Determine the value of physical assets and the impact if unavailable
- Develop and effectively implement a physical security plan and establish a physical security performance measurement system
- Design, implement and manage a coherent, coordinated, and holistic physical security plan to ensure overall organizational security
- Develop and establish personnel security to align with overall security goals for the enterprise
- Design and manage the physical security audit and update issues
Risk Management
- Develop risk mitigation and risk treatment processes based on the organization’s acceptable risk
- Develop and implement a risk management plan
- Design a systematic and structured risk assessment process and establish, in coordination with stakeholders, an IT security risk management program based on standards and procedures and ensure alignment with organizational goals and objectives
- Develop, coordinate and manage risk management teams
- Establish relationships between the incident response team and other groups, both internal (e.g., legal department) and external (e.g., law enforcement agencies, vendors, and public relations professionals)
- Develop an incident management measurement program and manage the risk management tools and techniques
- Assess threats and vulnerabilities to identify security risks, and regularly update applicable security controls
- Evaluate changes to risk management policies and processes and ensure the risk management program remains current with the emerging risk and threat environment and in alignment with the organizational goals and objectives
- Evaluate if security controls and processes are adequately integrated into the investment planning process based on IT portfolio and security reporting
Disaster Recovery and Business Continuity Planning
- Develop, implement and monitor business continuity plans in case of disruptive events and ensure alignment with organizational goals and objectives
- Define the scope of the enterprise continuity of operations program to address business continuity, business recovery, contingency planning, and disaster recovery/related activities
- Identify and prioritize critical business functions and consequently design emergency delegations of authority, orders of succession for key positions, the enterprise continuity of operations organizational structure and staffing model
- Manage and direct contingency planning, operations, and programs to manage risk
- Monitor and document lessons learned from test, training and exercise, and crisis events
- Design documentation process as part of the continuity of operations program
- Design and execute a testing and updating plan for the continuity of operations program
- Integrate IA requirements into the Continuity of Operations Plan (COOP)
- Identify the measures to increase the level of emergency preparedness such as backup and recovery solutions and design standard operating procedures for implementation during disasters
- Manage the acquisition life cycle and perform Business Impact Analysis
Firewall, IDS/IPS and Network Defense Systems
- Identify and deploy the appropriate intrusion detection and prevention systems for organizational information security
- Design and develop a program to monitor firewalls and identify firewall configuration issues
- Understand perimeter defense systems such as grid sensors and access control lists on routers, firewalls, and other network devices
- Identify and deliver network architectures, from the basic to the most complex, and the models, protocols and components (routers and hubs) that play a role in network security
- Manage DMZs, VPN and telecommunication technologies such as PBX and VoIP
- Identify network vulnerabilities and explore network security controls (SSL and TLS) for transmission security
- Support, monitor, test, and troubleshoot complex issues with hardware and software
- Manage accounts, network rights, and access to systems and equipment
Wireless Security
- Identify vulnerabilities and attacks associated with wireless networks and manage different wireless network security tools
Virus, Trojans and Malware Threats
- Assess the threat of viruses, Trojans and malware to organizational security and identify sources and mediums of malware infection
- Deploy and manage anti-virus systems
- Develop a process to counter virus, Trojan, and malware threats
Secure Coding Best Practices and Securing Web Applications
- Develop and maintain software assurance programs in alignment with the secure coding principles and each phase of System Development Life Cycle (SDLC)
- Configure and run tools that help in developing secure programs
- Install and operate the IT systems in a test configuration in a manner that does not alter the program code or compromise security safeguards
- Identify and mitigate web application vulnerabilities and attacks and identify web application security tools to counter attacks
Hardening OS
- Identify and evaluate various OS vulnerabilities and attacks and develop a plan for hardening OS systems
- Review system logs to determine the patch management process and configuration management for information system security
Encryption Technologies
- Identify and evaluate the different components of a cryptosystem
- Develop a plan for information security encryption techniques
Vulnerability Assessment and Penetration Testing
- Design, develop and implement a penetration testing program based on penetration testing methodology to ensure organizational security
- Identify different vulnerabilities associated with information systems and legal issues involved in penetration testing
- Develop pre- and post-testing procedures
- Develop a plan for pen test reporting and implementation of technical vulnerability corrections
- Develop vulnerability management systems
Computer Forensics and Incident Response
- Develop an Incident Response Plan to identify a potential security violation and take appropriate action to report the incident
- Evaluate and manage compliance with system termination procedures and incident reporting requirements related to potential security incidents or actual breaches
- Assess potential security violations to determine if the network security policies have been breached, assess the impact, and preserve evidence
- Diagnose and resolve IA problems in response to reported incidents
- Develop guidelines to determine whether a security incident is indicative of a violation of law that requires specific legal action
- Set up and manage forensic labs and programs
- Design investigation processes such as evidence collection, imaging, data acquisition, and analysis
- Design anti-forensic techniques and identify the best practices to acquire, store and process digital evidence
- Configure and use various forensic investigation tools