Industries
US Federal Government
The Federal Information Security Management Act (FISMA) requires US federal agencies to implement a mandatory set of processes and system controls designed to ensure the Confidentiality, Integrity, and Availability of system-related information. The processes and systems controls in each federal agency must follow established Federal Information Processing Standards (FIPS), National Institute of Standards and Technology standards (NIST), and other legislative requirements pertaining to federal information systems, such as the Privacy Act of 1974.
We support federal agencies with their FISMA compliance needs by providing our expertise and knowledgeable resources to support their formal program for information security management focused on FISMA requirements, protecting IT resources, and their mission. We utilize NIST’s Risk Management Framework (RMF) to obtain and maintain Authority to Operate (ATO) for FISMA systems. Our solutions will help federal agencies migrate their security and privacy controls to NIST SP 800-53 Rev 5, enable cyber risk management and compliance of cloud-based, on-premises, and hybrid systems, and provide near real time compliance posture to the CISO.
State & Local Government
State & Local governments are mandated to comply with security and privacy legislations. Security legislations encompass legal provisions that apply to IT teams, include policies, procedures, and standards to protect sensitive data and information systems from unauthorized access, use, disclosure, modifications, or destruction.
Privacy laws govern the collection, storage, safeguarding, use, and disposal of data collected by any entity, including local governments.
Reporting legislation like the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), mandates local governments to report any cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA) as soon as they occur.
We work with the State & Local government to address weaknesses identified in its Plan of Action and Milestones, provide annual security and privacy awareness training for employees and contractors, provide annual Incident Response training, and conduct Privacy Impact Assessments (PIA) on all applicable systems.
K-12 & Higher Education
School systems and universities need to demonstrate compliance with security standards such as ISO 27000, FERPA, HIPAA, and PCI-DSS. For universities involved in federal and defense research, need to comply with NIST SP 800-171 and Cybersecurity Maturity Model Certification (CMMC) to protect the Controlled Unclassified Information (CUI) and Federal Contract Information (FCI) in their possession. We help schools and universities comply with these security and privacy standards and requirements.
For K-12 security and privacy, we offer our partner’s obfuscation solution called Telos Ghost. It is a virtual obfuscation network that hides people and resources in the digital realm. Students can work with confidence, knowing they’re shielded from view to avoid cyber bullying and other breaches of their privacy. Ransomware attacks are frequently delivered via phishing attacks that target students and staff, who often fall prey to such attacks. Telos Ghost can mitigate these risks by hiding devices and resources from internal or external unauthorized access and preventing any successful intrusions from spreading horizontally across the network by hiding those attack vectors as well. We also provide cybersecurity awareness training to avoid phishing attacks.
We provide our partner Telos’ campus Wi-Fi solution that is FIPS 140-2 compliant secure mobility network solution which provides security assurance and enables students to improve collaboration and learning while supporting personal and school-issued devices.
.jpg)
Healthcare
Healthcare organizations are required to comply with HIPAA, HITECH, MARS-E, and other frameworks, and standards for protecting healthcare information. We provide cyber risk management and security compliance products and ensure the relevant security and privacy controls are in place to meet healthcare requirements. Our partner’s network obfuscation product Telos Ghost can ensure that the healthcare records stay hidden from all but authorized users - both within the enterprise network and moving across the internet to other organizations.
Financial Services
Our partner’s the Xacta® solution suite is the cyber risk management and compliance platform that reveals risk in real time and helps financial companies abide by the NIST Cybersecurity Framework and comply with GLBA, PCI-DSS, IRS 1075, FFIEC, and other financial security standards - in the cloud, on-premises, and in hybrid environments.
Our partner’s network obfuscation product Telos Ghost can protect financial transactions, document repositories, email and applications servers, as well as assure confidential unified communications over mobile voice, chat, and video.