State of Florida Cyber Security Services RFI
|
|
- Theresa Gibson
- 8 years ago
- Views:
Transcription
1 RFI ATTENTION: State of Florida Dept. of Management Services Joel Atkinson Associate Category Manager 4050 Esplanade Way, Suite 360 Tallahassee, FL (850) REMIT TO: evigilant Security Raj S. Leyl EVP, Cyber Security 8253-M Backlick Rd. Lorton, VA (301) September 3, 2015 DUNS #: Cage Code: 3CEK3 Small Disadvantaged Business GSA Schedule 70: GS35F178AA GSA Schedule 84: GS07F0178W GSA Stars II: GS Z
2 Table of Contents 1 INTRODUCTION BACKGROUND SECTION IV RESPONSE... 3 for any purpose other than to evaluate the Proposal. i
3 1 INTRODUCTION evigilant is a small, minority-owned business and a prime contractor on both the GSA Schedule 70 and GSA STARSII contracts. evigilant has significant experience in providing information assurance, risk assessment and mitigation support to Federal and DoD agencies. We have also supported various information assurance efforts, all of which we have predicated with costeffective, risk-balanced applications of controls to promote confidentiality, integrity, availability, non-repudiation, and authentication of information. 1.1 BACKGROUND evigilant, a full service security provider since 1999, specializes in facilitating risk and vulnerability mitigation for its clients within their IT systems and physical facilities. As a direct result of evigilant s impeccable quality of service and client satisfaction levels, we have enjoyed healthy growth over the past three years, maintaining an annual growth rate of 60% or higher from each year. evigilant has served as a trusted advisor in matters pertaining to electronic security solutions and cyber security for agencies such as EPA, IRS, FTC, Department of Commerce, TSA, USAID, Department of Army, and NCIS. We have a team of highly skilled and experienced Information Assurance experts all of whom possess intimate familiarity with the DoD pertaining to Information Assurance Certification and Accreditation Process (DIACAP) and related DoD IA instructions, including DoD E, DoD , DoD , DoD evigilant deploys a Global Security Solutions (GSS) practice comprised of a C&A Assessment Team whose primary purpose is to provide information assurance (IA) support and guidance to the Federal Government, Department of Defense (DoD) and/or commercial organizations to ensure satisfaction of the compulsory requirements related to the organization s overall security posture. We focus our services on improving IT networks and defending them against cyber-attacks. Our services include: technology assessment, development and transition, requirements analysis, systems engineering, operational and technical support, software development and prototyping, hardware development and prototyping, training support and cyber security engineering. Raj S. Leyl, MBA, PMP, evigilant s EVP and formerly led the IRS e-file program, where he reported to the IRS Commissioner and was appointed by the Secretary of Treasury to serve and help improve the security posture of the IRS e-file eco-system. Mr. Leyl is an experience executive who oversees all of evigilant s information security contracts and programs. He helps ensure that all of our cyber programs are properly staffed with the best talent, and has implemented processes and tools to help mitigate risks and deliver solutions consistently on time, on budget, and meeting evigilant s high quality standards. evigilant s strength is in serving as a trusted advisor to our clients, to help ensure that all requirements are understood and all current assets are reviewed and assessed before we prescribe a solution. We have in-house principals that are expert integrators that have experience in pre and post incident response services. Our goal is to meet your requirements, quality standards and deliver the most cost-effective solutions possible. We go the extra mile to ensure that our client s best interests are always factored into our recommendations. evigilant is also a leader in IT security and we have staff members that are leaders in this field. for any purpose other than to evaluate the Proposal. 1
4 CONTACT INFORMATION Company Name evigilant.com, Inc. Address 8253-M Backlick Rd. Lorton, VA Point of Contact Raj S. Leyl Title Executive Vice President, Cyber Security Phone (301) Website for any purpose other than to evaluate the Proposal. 2
5 2 SECTION IV RESPONSE Services a. Incident Response Agreements Terms and conditions in place ahead of time to allow for quicker response in the event of a cybersecurity b. Assessments Evaluate a State Agency s current state of information security and cybersecurity incident response capability c. Preparation Provide guidance on requirements and best practices d. Developing Cyber-Security Incident Response Plans Develop or assist in development of written State Agency plans for incident response in the event of a cyber-security e. Training Provide training for State Agency staff from basic user awareness to technical education. evigilant Capability Pre-Incident Services: evigilant is a first tier sub-contractor at USAID where we currently have staff providing this service. We also currently are a prime contractor at US ARMY TARDEC, where we perform this function. evigilant is also a prime contractor and trusted advisor at the Maryland Enterprise Education Consortium and provides expert Cyber Security services to Maryland educational institutions including colleges, libraries, and K-12 school system. evigilant performed a comprehensive IT security assessment for the National Building Museum and have since remediated the vulnerabilities that were identified. evigilant continues to provide IT network and security management services to the National Building Museum. As part of our scope at USAID, we are a major vendor providing expert cyber security support services to the USAID CISO (Chief Information Security Officer). We recently completed a comprehensive IT Security assessment and have developed a roadmap to help bridge the gaps in a logical manner; based on severity and impact to the overall security posture vs. cost. evigilant provides guidance on IT security requirements and best practices to multiple clients including USAID, National Building Museum, IRS, Army, and EPA. At USAID, our team of 28 people supports all aspects of the USAID CISO mission including incident response, e-discovery, Risk Management, Information Assurance governance and assessments, security engineering, security training, and privacy and information protection. evigilant is on a State of MD wide contract to provide IT Security Assessments and Advisory Services. The Maryland Education Enterprise Consortium (MEEC) is an initiative of the University System of Maryland comprised of educational agencies throughout the State of Maryland, including: 6 educational organizations/associations 49 higher education agencies 24 public K-12 school districts (1475 schools) 105 private K-12 schools 18 library systems Our team has also developed cyber-security incident response plans for the United States Agency for International Development (USAID), where we work directly for the USAID CISO. We have a comprehensive incident response tools, processes, and guidelines in place to help protect USAID IT infrastructure and we also have an e-discovery team in place to help deal with post-incident services. evigilant has extensive experience in providing training services, from online content development, instructional design, implementing enterprise learning management systems such as SuccessFactors, and Cornerstone OnDemand, to offering on-the-job training and instructor-led training courses to our many clients. We provide IT Security awareness training, including privacy training at USAID currently. We also have provided similar training on e-signatures and IT security via online courses and integrating it with a learning management system (LMS) at the Internal Revenue Service (IRS). Past Performance M- M- M- MEEC - C P ( M- M- IRS -TIRNO- 10-C for any purpose other than to evaluate the Proposal. 3
6 a. Breach Services Toll-free Hotline Provide a scalable, resilient call center for incident response information to State Agencies. b. Investigation/Cl ean-up Conduct rapid evaluation of incidents, lead investigations and provide remediation services to restore State Agency operations to preincident levels. c. Incident response Provide guidance or technical staff to assist State Agencies in response to an d. Mitigation Plans Assist State Agency staff in development of mitigation plans based on investigation and incident response. Assist State Agency staff with incident mitigation activities. e. Identity Monitoring, Protection, and Restoration Provide identity monitoring, protection, and restoration services to any individuals potentially affected by a cyber-security Post-Incident Services: evigilant currently provides e-discovery and similar services at USAID. We have implemented and oversee a comprehensive incident response program which includes capturing all incidences, qualifying them, and remediating them. evigilant currently provides incident response remediation services at USAID as well as the National Building Museum. We also provide these services under our State of Maryland MEEC IT Security Assessments and Advisory Services contract. evigilant has also been providing this service to the National Building Museum since 2010 and continue to provide this service over the last 5 years. evigilant has the experience and skills to effectively provide expert guidance and/or technical cyber security staff to assist the State of Florida in responding to, and effectively addressing and mitigating a security Our EVP of cyber security, Mr. Raj Leyl, was an appointed executive and worked for the IRS commissioner to instill new security policies and guidance for online tax return preparers to help further improve the security posture of the nation s tax e-filing system. Mr. Leyl was the executive in charge of the IRS e-file system and worked closely with the IRS CISO and Cyber Security division to develop strategies to protect the IRS e-filing eco-system from breach. evigilant has developed comprehensive mitigation plans for USAID as well as the National Building Museum. We currently have staff onsite at USAID that are managing the USAID incident response program and operations. To date, we are proud that our team has successfully mitigated all breaches and we have implemented proactive measures to counter attacks before they occur and we have the expertise to quickly mitigate an incident when it occurs. evigilant works with its proven partners such as CSID and Identity Guard to provide active ID monitoring and protection. At USAID, we have recommended, and successfully obtained approval to implement an API Gateway solution that will help the agency validate and verify identities before they are allowed access into the USAID network. This API Gateway sits outside of the USAID firewall. MEEC- C P IRS - TIRNO-10- C Note: For referenced past performances, the following is breakout of period of performance (POP) and contract value: for any purpose other than to evaluate the Proposal. 4
7 USAID- M- - United States Agency for International Development (USAID) CISO Information Assurance Support Services (POP: 3/2015 3/2018 Total Value: $8,000,000) NBM Service Schedules 1 to Service Schedule 7 Natiional Building Museum (NBM) IT Network Security Assessment and ongoing maintenance and security (POP: 6/2010 Present) SS1 SS7) over $550K) MEEC - C P - Maryland Education Enterprise Consortium (MEEC) - IT Security Assessments and Advisory Services (POP: 3/2015 3/2018, IDIQ contract) IRS -TIRNO-10-C Internal Revenue Service (IRS) Unax IT Security Training Solution (POP: 9/2010 2/2013. Total Value: $1.3M) for any purpose other than to evaluate the Proposal. 5
carahsoft Florida Department of Management Services CARAHSOFT S RESPONSE TO THE REQUEST FOR INFORMATION
carahsoft CARAHSOFT S RESPONSE TO THE Florida Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services
More informationREQUEST FOR INFORMATION
Department of Management Services REQUEST FOR INFORMATION Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services 3 September 2015 6506 Loisdale Rd, Ste 325
More informationCyber-Security Assessment, Remediation, and Identity Protection, Monitoring and Restoration Services
Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring and Request for Information 9/3/2015 12:00PM Prepared For State of Florida Department of Management Services Division of State
More informationDepartment of Management Services. Request for Information
Department of Management Services Request for Information Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services September 3, 2015 Submitted By: Carlos Henley
More informationCyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services
4937 Fargo Street North Charleston SC 29418 Phone 843.266.2330 Fax 843.266.2333 w w w. c o d e l y n x. c o m Request for Information: Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring,
More informationState of Florida Department of Management Services
September 3, 2015 State of Florida Attn: Joel Atkinson Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services 350 Seventh Avenue 10th Floor New York, New
More informationReliable, Repeatable, Measurable, Affordable
Reliable, Repeatable, Measurable, Affordable Defense-in-Depth Across Your Cyber Security Life-Cycle Faced with today s intensifying threat environment, where do you turn for cyber security answers you
More informationStatement of Gil Vega. Associate Chief Information Officer for Cybersecurity and Chief Information Security Officer. U.S. Department of Energy
Statement of Gil Vega Associate Chief Information Officer for Cybersecurity and Chief Information Security Officer U.S. Department of Energy Before the Subcommittee on Oversight and Investigations Committee
More informationCorporate Overview. MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup.
Corporate Overview MindPoint Group, LLC 8078 Edinburgh Drive, Springfield, VA 22153 Office: 703.636.2033 Fax: 866.761.7457 www.mindpointgroup.com IS&P Practice Areas Core Competencies Clients & Services
More informationLegislative Language
Legislative Language SEC. 1. COORDINATION OF FEDERAL INFORMATION SECURITY POLICY. (a) IN GENERAL. Chapter 35 of title 44, United States Code, is amended by striking subchapters II and III and inserting
More informationCybersecurity Framework: Current Status and Next Steps
Cybersecurity Framework: Current Status and Next Steps Federal Advisory Committee on Insurance November 6, 2014 Adam Sedgewick Senior IT Policy Advisor Adam.Sedgewick@nist.gov National Institute of Standards
More informationIndependent Security Operations Oversight and Assessment. Captain Timothy Holland PM NGEN
Independent Security Operations Oversight and Assessment Captain Timothy Holland PM NGEN 23 June 2010 Independent Security Operations Oversight and Assessment Will Jordan NGEN Cyber Security 23 June 2010
More informationCyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services. RFI Response
ISO 9001:2008 HUBZone Small Business Concern Microsoft Gold Certified Partner Oracle Gold Certified Partner www.futurenetgroup.com Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring,
More informationNetwork Management and Defense Telos offers a full range of managed services for:
Network Management and Defense Telos offers a full range of managed services for: Network Management Operations Defense Cybersecurity and Information Assurance Software and Application Assurance Telos:
More informationCompliance Risk Management IT Governance Assurance
Compliance Risk Management IT Governance Assurance Solutions That Matter Introduction to Federal Information Security Management Act (FISMA) Without proper safeguards, federal agencies computer systems
More informationHow To Protect Your Network From Attack From A Network Security Threat
Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your
More informationSecure by design: taking a strategic approach to cybersecurity
Secure by design: taking a strategic approach to cybersecurity The cybersecurity market is overly focused on auditing policy compliance and performing vulnerability testing when the level of business risk
More informationCybersecurity Enhancement Account. FY 2017 President s Budget
Cybersecurity Enhancement Account FY 2017 President s Budget February 9, 2016 Table of Contents Section 1 Purpose... 3 1A Mission Statement... 3 1.1 Appropriations Detail Table... 3 1B Vision, Priorities
More informationThe ICS Approach to Security-Focused IT Solutions
The ICS Approach to Security-Focused IT Solutions for the State of Mississippi ICS offers a dynamic and comprehensive portfolio of security-driven IT solutions for the State of Mississippi. Taking a proactive
More informationCyber Security Defense Services Portfolio Development Status. February 2016
Cyber Security Defense Services Portfolio Development Status February 2016 1 Agenda Merit s Six Strategic Thrusts Merit s current security offerings Member feedback Mission and vision statement for this
More informationCyber Security key emerging risk Q3 2015
Cyber Security key emerging risk Q3 2015 The study is based on interviews with CIO:s, CISO:s and Head of Security in August and September 2015. November 2015 www.pwc.se Companies falling behind are more
More informationThe Information Assurance Process: Charting a Path Towards Compliance
The Information Assurance Process: Charting a Path Towards Compliance A white paper on a collaborative approach to the process and activities necessary to attain compliance with information assurance standards.
More informationGEARS Cyber-Security Services
Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments
More informationCybersecurity..Is your PE Firm Ready? October 30, 2014
Cybersecurity..Is your PE Firm Ready? October 30, 2014 The Panel Melinda Scott, Founding Partner, Scott Goldring Eric Feldman, Chief Information Officer, The Riverside Company Joe Campbell, CTO, PEF Services
More information[STAFF WORKING DRAFT]
S:\LEGCNSL\LEXA\DOR\OI\PARTIAL\CyberWD..xml [STAFF WORKING DRAFT] JULY, 0 SECTION. TABLE OF CONTENTS. The table of contents of this Act is as follows: Sec.. Table of contents. Sec.. Definitions. TITLE
More informationTITLE III INFORMATION SECURITY
H. R. 2458 48 (1) maximize the degree to which unclassified geographic information from various sources can be made electronically compatible and accessible; and (2) promote the development of interoperable
More informationADDENDUM TO STATE OF MARYLAND PURCHASES ISSUED UNDER STATE CONTRACT NO. 060B2490021-2015.
ADDENDUM TO STATE OF MARYLAND PURCHASES ISSUED UNDER STATE CONTRACT NO. 060B2490021-2015. This addendum is applicable to each purchase order that is subject to the State of Maryland s contract number 060B2490021-2015.
More informationBuilding Security In:
#CACyberSS2015 Building Security In: Intelligent Security Design, Development and Acquisition Steve Caimi Industry Solutions Specialist, US Public Sector Cybersecurity September 2015 A Little About Me
More informationPersonal Security Practices of the CAO
Personal Security Practices of the CAO 1. Do you forward your government email to your personal email account? 2. When is the last time you changed your Enterprise password? Within the last 60 days Within
More informationIntroduction. Special thanks to the following individuals who were instrumental in the development of the toolkits:
Introduction In this digital age, we rely on our computers and devices for so many aspects of our lives that the need to be proactive and vigilant to protect against cyber threats has never been greater.
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationCybersecurity & Public Utility Commissions
Cybersecurity & Public Utility Commissions November 12, 2014 TCIPG Ann McCabe, Commissioner Illinois Commerce Commission NARUC (National Association of Regulatory Utility Commissioners) Cybersecurity Primer
More informationFlorida Department of Management Services Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services RFI
Florida Department of Management Services Cyber-Security Assessment, Remediation, and Identity Protection, Monitoring, and Restoration Services RFI August 25, 2015 Re: Cyber-Security Assessment, Remediation,
More informationSeptember 24, 2015. Mr. Hogan and Ms. Newton:
Mr. Michael Hogan and Ms. Elaine Newton Office of the Director, Information Technology Laboratory National Institute of Standards and Technology 100 Bureau Drive Mail Stop 8930 Gaithersburg, MD 20899-8930
More informationCyber Security Solutions Integrated. Proactive. Resilient.
Cyber Security Solutions Integrated. Proactive. Resilient. Between defending against cyber attacks and ensuring mission resilience, there is one important word: HOW Cyber attacks never stop coming. Intrusions
More informationInformation Security Risk and Compliance Series Risking Your Business
Information Security Risk and Compliance Series Risking Your Business Sergio Saenz and Ron Nemes June 2015 Introduction As the DoD Information Assurance Certification and Accreditation Process (DIACAP)
More informationCONSULTING IMAGE PLACEHOLDER
CONSULTING IMAGE PLACEHOLDER KUDELSKI SECURITY CONSULTING SERVICES CYBERCRIME MACHINE LEARNING ECOSYSTEM & INTRUSION DETECTION: CYBERCRIME OR REALITY? ECOSYSTEM COSTS BENEFITS BIG BOSS Criminal Organization
More informationVendor Risk Management Financial Organizations
Webinar Series Vendor Risk Management Financial Organizations Bob Justus Chief Security Officer Allgress Randy Potts Managing Consultant FishNet Security Bob Justus Chief Security Officer, Allgress Current
More informationCisco Security Optimization Service
Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless
More informationIntroduction to NICE Cybersecurity Workforce Framework
Introduction to NICE Cybersecurity Workforce Framework Jane Homeyer, Ph.D., Deputy ADNI/HC for Skills and Human Capital Data, ODNI Margaret Maxson, Director, National Cybersecurity Education Strategy,
More informationCyber ROI. A practical approach to quantifying the financial benefits of cybersecurity
Cyber ROI A practical approach to quantifying the financial benefits of cybersecurity Cyber Investment Challenges In 2015, global cybersecurity spending is expected to reach an all-time high of $76.9
More informationMASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY
MASTER OF SCIENCE IN INFORMATION ASSURANCE PROGRAM DEPARTMENT OF COMPUTER SCIENCE HAMPTON UNIVERSITY HTTP://SCIENCE.HAMPTONU.EDU/COMPSCI/ The Master of Science in Information Assurance focuses on providing
More informationCybersecurity Framework. Executive Order 13636 Improving Critical Infrastructure Cybersecurity
Cybersecurity Framework Executive Order 13636 Improving Critical Infrastructure Cybersecurity National Institute of Standards and Technology (NIST) Mission To promote U.S. innovation and industrial competitiveness
More informationDeveloping a Mature Security Operations Center
Developing a Mature Security Operations Center Introduction Cybersecurity in the federal government is at a crossroads. Each month, there are more than 1.8 billion attacks on federal agency networks, and
More informationTop 5 Global Bank Selects Resolution1 for Cyber Incident Response.
MAJOR FINANCIAL SERVICES LEADER Top 5 Global Bank Selects Resolution1 for Cyber Incident Response. Automation and remote endpoint remediation reduce incident response (IR) times from 10 days to 5 hours.
More informationHow To Write A Cybersecurity Framework
NIST Cybersecurity Framework Overview Executive Order 13636 Improving Critical Infrastructure Cybersecurity 2nd ENISA International Conference on Cyber Crisis Cooperation and Exercises Executive Order
More informationCloud Computing Contract Clauses
Cloud Computing Contract Clauses Management Advisory Report Report Number SM-MA-14-005-DR April 30, 2014 Highlights The 13 cloud computing contracts did not address information accessibility and data security
More informationPublic Law 113 283 113th Congress An Act
PUBLIC LAW 113 283 DEC. 18, 2014 128 STAT. 3073 Public Law 113 283 113th Congress An Act To amend chapter 35 of title 44, United States Code, to provide for reform to Federal information security. Be it
More informationHow To Understand And Manage Cybersecurity Risk
White Paper A Framework to Gauge Cyber Defenses NIST s Cybersecurity Framework Helps Critical Infrastructure Owners to Cost-Effectively Defend National & Economic Security of the U.S. Executive Summary
More informationFour Top Emagined Security Services
Four Top Emagined Security Services. www.emagined.com Emagined Security offers a variety of Security Services designed to support growing security needs. This brochure highlights four key Emagined Security
More informationAn Information Security and Privacy Perspective for Procurement Services Projects
MANAGEMENT OF DATA: An Information Security and Privacy Perspective for Procurement Services Projects Presentation for: Procurement Services Senior Leadership Meeting Presented by: Ann Nagel, Associate
More informationIndustrial Security & Compliance Using the Holistic Lifecycle Model
Industrial Security & Compliance Using the Holistic Lifecycle Model Clint Bodungen Founder / Lead Analyst CIDG, Corp. (Critical Infrastructure Defense Group) Chris Paul Counsel Joyce & Paul, PLLC Jeff
More informationDelaware Cyber Security Workshop September 29, 2015. William R. Denny, Esquire Potter Anderson & Corroon LLP
Changing Legal Landscape in Cybersecurity: Implications for Business Delaware Cyber Security Workshop September 29, 2015 William R. Denny, Esquire Potter Anderson & Corroon LLP Agenda Growing Cyber Threats
More informationAUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES
AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE CYBER SECURITY CAPABILITY FRAMEWORK & MAPPING OF ISM ROLES Final Report Prepared by Dr Janet Tweedie & Dr Julie West June 2010 Produced for AGIMO by
More informationLogical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110
Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110 Exam Information Candidate Eligibility: The CyberSec First Responder: Threat Detection and Response (CFR) exam
More informationU.S. ELECTION ASSISTANCE COMMISSION OFFICE OF INSPECTOR GENERAL
U.S. ELECTION ASSISTANCE COMMISSION OFFICE OF INSPECTOR GENERAL FINAL REPORT: U.S. Election Assistance Commission Compliance with the Requirements of the Federal Information Security Management Act Fiscal
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationCybersecurity Audit Why are we still Vulnerable? November 30, 2015
Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 John R. Robles, CISA, CISM, CRISC www.johnrrobles.com jrobles@coqui.net 787-647-3961 John R. Robles- 787-647-3961 1 9/11-2001 The event
More informationSYMANTEC MANAGED SECURITY SERVICES. Superior information security delivered with exceptional value.
SYMANTEC MANAGED SECURITY SERVICES Superior information security delivered with exceptional value. A strong security posture starts with a smart business decision. In today s complex enterprise environments,
More informationNICE and Framework Overview
NICE and Framework Overview Bill Newhouse NIST NICE Leadership Team Computer Security Division Information Technology Lab National Institute of Standards and Technology TABLE OF CONTENTS Introduction to
More informationBuilding a Mobile App Security Risk Management Program. Copyright 2012, Security Risk Advisors, Inc. All Rights Reserved
Building a Mobile App Security Risk Management Program Your Presenters Who Are We? Chris Salerno, Consultant, Security Risk Advisors Lead consultant for mobile, network, web application penetration testing
More informationAmit Garg BERKELEY RESEARCH GROUP, LLC 1800 M Street, N.W. 2 nd Floor Washington, D.C. 20036. Direct: 202.747.3483 agarg@thinkbrg.
Curriculum Vitae Amit Garg BERKELEY RESEARCH GROUP, LLC 1800 M Street, N.W. 2 nd Floor Washington, D.C. 20036 Direct: 202.747.3483 agarg@thinkbrg.com SUMMARY Amit Garg brings over 17 years of information
More informationPREMIER SERVICES MAXIMIZE PERFORMANCE AND REDUCE RISK
MAXIMIZE PERFORMANCE AND REDUCE RISK 1 BROCHURE COMPLEXITIES IN MISSION CRITICAL SYSTEMS CONTINUE TO INCREASE Mission critical communications systems have become increasingly complex as more features and
More informationEric Hess, CEO, KeyPoint Government Solutions OPM Data Breach: Part II House Committee on Oversight and Government Reform June 24, 2015
Eric Hess, CEO, KeyPoint Government Solutions OPM Data Breach: Part II House Committee on Oversight and Government Reform June 24, 2015 Chairman Chaffetz, Ranking Member Cummings, and Members of the Committee,
More informationApplication Security 101. A primer on Application Security best practices
Application Security 101 A primer on Application Security best practices Table of Contents Introduction...1 Defining Application Security...1 Managing Risk...2 Weighing AppSec Technology Options...3 Penetration
More informationDHS, National Cyber Security Division Overview
DHS, National Cyber Security Division Overview Hun Kim, Deputy Director Strategic Initiatives Information Analysis and Infrastructure Protection Directorate www.us-cert.gov The strategy of DHS, as defined
More informationALM Virtual Corporate Counsel Managing Cybersecurity Risks and Mitigating Data Breach Damage
ALM Virtual Corporate Counsel Managing Cybersecurity Risks and Mitigating Data Breach Damage VENABLE LLP Attorneys at Law Washington, DC/New York/San Francisco/Los Angeles/Baltimore/Virginia/Delaware November
More informationEverything You Wanted to Know about DISA STIGs but were Afraid to Ask
Everything You Wanted to Know about DISA STIGs but were Afraid to Ask An EiQ Networks White Paper 2015 EiQ Networks, Inc. All Rights Reserved. EiQ, the EiQ logo, the SOCVue logo, SecureVue, ThreatVue,
More informationPrevent cyber attacks. SEE. what you are missing. Netw rk Infrastructure Security Management
Prevent cyber attacks. SEE what you are missing. See Your Network MAP. Prevent Cyber Attacks. Driven by the need to support evolving business objectives, enterprise IT infrastructures have grown increasingly
More informationBig Data, Big Risk, Big Rewards. Hussein Syed
Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data
More informationEMERGENCY SUPPORT FUNCTION (ESF) 14 LONG TERM RECOVERY AND MITIGATION
EMERGENCY SUPPORT FUNCTION (ESF) 14 LONG TERM RECOVERY AND MITIGATION Primary Agency: Chatham Emergency Management Agency Support Agencies: American Red Cross Chatham County Building Safety & Regulatory
More informationVendor Management. Outsourcing Technology Services
Vendor Management Outsourcing Technology Services Objectives Board and Senior Management Responsibilities Risk Management Program Risk Assessment Service Provider Selection Contracts Ongoing Monitoring
More informatione-discovery Forensics Incident Response
e-discovery Forensics Incident Response NetSecurity Corporation Inno Eroraha, President 22375 Broderick Drive Suite 235 Dulles, VA 20166 SBA 8(a) Certified SDB GSA Contract # GS-35F-0288Y VA DCJS # 11-5605
More informationLessons from Defending Cyberspace
Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat
More informationerisks Policyholder s Guide to Privacy & Security Breach Response Planning
erisks Policyholder s Guide to Privacy & Security Breach Response Planning Professional Indemnity Financial Institutions Directors & Officers Management Liability Medical Malpractice Media Liability Level
More informationIT-CNP, Inc. Capability Statement
Securing America s Infrastructure Security Compliant IT Operations Hosting Cyber Security Information FISMA Cloud Management Hosting Security Compliant IT Logistics Hosting 1 IT-CNP, Inc. is a Government
More informationLooking at the SANS 20 Critical Security Controls
Looking at the SANS 20 Critical Security Controls Mapping the SANS 20 to NIST 800-53 to ISO 27002 by Brad C. Johnson The SANS 20 Overview SANS has created the 20 Critical Security Controls as a way of
More informationWork With Genesis Insurance Company
IN F O R M AT ION TEC HNOLOGY (IT ) SECURIT Y AT GEN ES I S security peace of mind You re covered. Access Control Application Security Business Continuity and Disaster Recovery Planning Cryptography Information
More informationRisk Management Framework (RMF): The Future of DoD Cyber Security is Here
Risk Management Framework (RMF): The Future of DoD Cyber Security is Here Authors: Rebecca Onuskanich William Peterson 3300 N Fairfax Drive, Suite 308 Arlington, VA 22201 Phone: 571-481-9300 Fax: 202-315-3003
More informationNIST Cybersecurity Framework & A Tale of Two Criticalities
NIST Cybersecurity Framework & A Tale of Two Criticalities Vendor Management & Incident Response Presented by: John H Rogers, CISSP Advisory Services Practice Manager john.rogers@sagedatasecurity.com Presented
More informationCIP Supply Chain Risk Management (RM15 14 000) Statement of Jacob S. Olcott Vice President, BitSight Technologies January 28, 2016
CIP Supply Chain Risk Management (RM15 14 000) Statement of Jacob S. Olcott Vice President, BitSight Technologies January 28, 2016 My name is Jacob Olcott and I am pleased to share some observations on
More informationCyber and Data Risk What Keeps You Up at Night?
Legal Counsel to the Financial Services Industry Cyber and Data Risk What Keeps You Up at Night? December 10, 2014 Introduction & Overview Today s Discussion: Evolving nature of data and privacy risks
More informationCybersecurity Throughout DoD Acquisition
Cybersecurity Throughout DoD Acquisition Tim Denman Cybersecurity Performance Learning Director DAU Learning Capabilities Integration Center Tim.Denman@dau.mil Acquisition.cybersecurity@dau.mil Cybersecurity
More informationDOWNTIME BREACHES DATA LOSS. SYMANTEC TECHNICAL SERVICES HELP YOU AVOID THEM.
DOWNTIME BREACHES DATA LOSS. SYMANTEC TECHNICAL SERVICES HELP YOU AVOID THEM. Symantec Technical Services 2015 Symantec Corporation. All rights reserved. Go ahead, you ve got There s More to Protect By
More informationWhite Paper on Financial Institution Vendor Management
White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety
More information2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy
2015 Michigan NASCIO Award Nomination Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy Sponsor: David Behen, DTMB Director and Chief Information Officer Program Manager: Rod Davenport,
More informationState Governments at Risk: The Data Breach Reality
State Governments at Risk: The Data Breach Reality NCSL Legislative Summit August 5, 2015 Doug Robinson, Executive Director National Association of State Chief Information Officers (NASCIO) About NASCIO
More informationCHAPTER 2016-138. Committee Substitute for Committee Substitute for Committee Substitute for House Bill No. 1033
CHAPTER 2016-138 Committee Substitute for Committee Substitute for Committee Substitute for House Bill No. 1033 An act relating to information technology security; amending s. 20.61, F.S.; revising the
More informationExperience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.
Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC. During the last few months of 2013, six federal agencies
More information¼ããÀ ããè¾ã ¹ãÆãä ã¼ãîãä ã ããõà ãäìããä ã½ã¾ã ºããñ à Securities and Exchange Board of India
CIRCULAR CIR/MRD/DP/13/2015 July 06, 2015 To, All Stock Exchanges, Clearing Corporation and Depositories. Dear Sir / Madam, Subject: Cyber Security and Cyber Resilience framework of Stock Exchanges, Clearing
More informationSocial Media Security Training and Certifications. Stay Ahead. Get Certified. Ultimate Knowledge Institute. ultimateknowledge.com
Ultimate Knowledge Institute ultimateknowledge.com Social Media Security Training and Certifications Social Media Security Professional (SMSP) Social Media Engineering & Forensics Professional (SMEFP)
More informationSTATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE
STATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE HOUSE OVERSIGHT AND GOVERNMENT REFORM COMMITTEE S INFORMATION TECHNOLOGY SUBCOMMITTEE AND THE VETERANS
More informationQatar Computer Emergency Team
Cyber Security Division Qatar Computer Emergency Team An initiative Introduction Qatar aims to fully exploit information and communications technology to become one of the most successful knowledge-based
More informationExecutive Order 13636: The Healthcare Sector and the Cybersecurity Framework. September 23, 2014
Executive Order 13636: The Healthcare Sector and the Cybersecurity Framework September 23, 2014 Executive Order: Improving Critical Infrastructure Cybersecurity It is the policy of the United States to
More informationNGA Paper. Act and Adjust: A Call to Action for Governors. for cybersecurity;
NGA Paper Act and Adjust: A Call to Action for Governors for Cybersecurity challenges facing the nation. Although implementing policies and practices that will make state systems and data more secure will
More informationManaged Services. Business Intelligence Solutions
Managed Services Business Intelligence Solutions Business Intelligence Solutions provides an array of strategic technology services for life science companies and healthcare providers. Our Managed Services
More informationCYBERSECURITY RISK MANAGEMENT
CYBERSECURITY RISK MANAGEMENT Evan Wolff Maida Lerner Peter Miller Kate Growley 233 Roadmap Cybersecurity Risk Overview Cybersecurity Trends Selected Cybersecurity Topics Critical Infrastructure DFARS
More informationInformation Security Program CHARTER
State of Louisiana Information Security Program CHARTER Date Published: 12, 09, 2015 Contents Executive Sponsors... 3 Program Owner... 3 Introduction... 4 Statewide Information Security Strategy... 4 Information
More informationSecure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities
Secure Content Automation Protocol (SCAP): How it is increasingly used to automate enterprise security management activities Sean Barnum sbarnum@mitre.org September 2011 Overview What is SCAP? Why SCAP?
More informationHealthcare Management Service Organization Accreditation Program (MSOAP)
ELECTRONIC HEALTHCARE NETWORK ACCREDITATION COMMISSION (EHNAC) Healthcare Management Service Organization Accreditation Program (MSOAP) For The HEALTHCARE INDUSTRY Version 1.0 Released: January 2011 Lee
More information