CYBERSECURITY

Cybersecurity is everyone’s issue today, not just the CIO.  Defending networks is no longer about eliminating cyber attacks--it’s about having the agility to respond immediately and neutralize the effects or attacks. We can do a network cybersecurity assessment and offer solutions to ensure your network is secure and compliant with the Cybersecurity National Action Plan.

GSA IT Schedule 70 contract --- GS35-F387DA

The SST Team fully supports the OMB’s Presidential Cybersecurity National Action Plan. Our solutions are in-line with the General Services Administration (GSA) Special Item Number (SIN) on the IT Schedule 70 contract vehicle that can offer cybersecurity services that Federal agencies can quickly leverage to assess and protect their IT assets and infrastructure. The SST Team’s cloud based behavioral cybersecurity services will offer the solutions required by the IT 70 SIN, entitled “Highly Adaptable Cybersecurity Services” (HACS). We can provide the Penetrating Testing, Incident Response Teams, Cyber Hunting, and the Risk and Vulnerability Assessments required for OMB’s directive and can work with all Government agencies on all of these requirements. Also, we can provide the necessary training in these areas to Government employees.

We are authorized by GSA for the below cybersecurity categories:

• SIN 132-45A: Penetrating Testing

• SIN 132-45B: Incident Response

• SIN 132-45C: Cyber Hunt

• SIN 132-45D: Risk and Vulnerability Assessment (RVA)

Our team is a strategic partner for organizations before, during, and after a cybersecurity attack. We regularly respond to security breaches for organizations of all sizes, working with them to develop highly customized response and remediation plans that balance the business and security needs of the company. SST can also work with you to improve your overall security preparedness, leveraging our intelligence capabilities to identify the attackers most likely to target you. We can quickly determine the scope of an attack, immediately start remediation, and resume business operations faster.

We help our customers understand how to build cyber resiliency into software, hardware and architecture, ensuring your organization can anticipate attacks, withstand them, recover and prevent more. Helping you complete your mission by foiling someone else’s is our focus.  We can provide Cybersecurity Assessment and Response Teams that focus on Incident Response, Penetration Testing, and Hunting.

Learn how we build resilience into every part of your business with:

• Cross Domain Information Sharing

• Insider Threat and Counterintelligence Solutions

• Network Monitoring / Auditing

• Real-time Network Traffic Analysis

• Encryption Hardware

• Behavioral Software Monitoring

We help clients implement solutions that reduce the risks of data theft, reputation damage, and operational outages. Our team of top cybersecurity specialists has helped intelligence and military clients successfully defend the most aggressively attacked infrastructure. We adapt our proven strategies for organizations of all sizes across various industries. Collaborating with our subject matter experts in specific markets, our cybersecurity teams design programs, advise on policies, and work on site to implement custom, scalable solutions.  Whether securing an energy grid, transportation system, defense network, or private healthcare information, wehelp our clients mount a sophisticated cybersecurity defense.

Best cybersecurity practices for mitigating IP theft, IT sabotage, and fraud:

1. Have top executive leadership support with proper funding.

2. Conduct a cyber-assessment of the enterprise.

3. Clearly document and consistently enforce policies and controls.

4. Incorporate insider threat awareness into periodic security training for all employees.

5. Beginning with the hiring process, monitor and respond to suspicious or disruptive behavior.

6. Anticipate and manage negative issues in the work environment.

7. Know your assets.

8. Implement strict password and account management policies and practices.

9. Enforce separation of duties and least privilege.

10. Define explicit security agreements for any cloud services and monitoring capabilities.

11. Institute stringent access controls and monitoring policies on privileged users.

12. Institutionalize system change controls.

13. Use a security information and event management (SIEM) system to log, monitor, and audit employee actions.

14. Monitor and control remote access from all end points, including mobile devices.

15. Develop a comprehensive employee termination procedure.

16. Implement secure backup and recovery processes.

17. Develop a formalized insider threat program.

18. Establish a baseline of normal network device behavior.

19. Be especially vigilant regarding social media.

20. Close the doors to unauthorized data exfiltration (spy, leaker, saboteur, and sloppy employee).

Embedded System Firmware Auditing & Analysis

Vulnerabilities impacting computing devices today extend well pass viruses and other malware of the past.  Hackers are using hardware based exploits and backdoors built into system motherboards, peripheral and other embedded to take permanent control of a targeted device.  To  understand if a computer or other embedded system has been compromised, it is often necessary to audit the firmware stored on the various embedded microchips and option ROMS.  Using state of the art diagnostic hardware and software, we can dump the stored binaries from firmware chips and compare them to system base lines.  If a system is discovered to be using unknown firmware, we can assist with performing the analysis on the non-standard firmware to assess the impact or work to restore the firmware to baseline to ensure effective operations of the system.  Auditing a sample of systems is often a smart step in detecting an advanced persistent threat or to determine if the subject hardware has been compromised.