We help our partners Think about their systems polices, standards, guidance and procedures plus all the planning necessary to ensure a right-sized security posture.
We Do system enclave implementation / integration, inventory development, hardware / firmware configuration / penetration testing, vulnerability testing, gap assessments and incident response.
We Learn through vulnerability research in our 1,650 sf hands-on lab where we simulate and test the complex interconnectivity of IT, FRCS, and other MDE present in today?s healthcare and military facilities.
We Teach cybersecurity through speaking events, immersive sessions, webinar series and written publications.
Past Performance Cybersecurity Standards Development for FRCS and MDE: Defense Health Agency, Falls Church, VA. Developed the enterprise policy for system isolation architecture as well as assessment and continuous monitoring guidance standards.
Risk Management Framework Document Development for Enterprise Architecture of FRCS and MDE: Defense Health Agency, Falls Church, VA. Produced the documentation for DHA to obtain a type-accredited ATO for the enterprise isolation architecture of FRCS and MDE.
FRCS and MDE Security Control Overlay Development: Created a medical facility tailored overlay, for use in eMASS, that coordinates security controls prescribed by CNSSI 1253 with FDA?s HSR Tool, HIPAA (NIST SP 800-66 Rev1) and the existing Privacy and ICS overlays (not yet published in eMASS) for all systems.
FRCS Information Assurance Practices Development: BUMED Navy Medicine West, San Diego, CA. Generated the standards and best practices for FRCS within NMW?s most recent Information Assurance Guidance document.
Differentiators Pioneered the adaptation of traditional ICS methodologies to MDE and FRCS
All team members required to an hold advanced degree in cybersecurity, professional licensure or CISSP/GICSP certification. Recruitment is by existing team member referral only
Core focus area is in project scope for enterprise solutions, not simply "butts in seats"
All team members possesses CAC and necessary underlying security investigations
Senior team members regularly speak and author publications within the industry