Enterprise Security Management
Homeland Security Consultants Enterprise Security Management (ESM) services provide a complete cyber security implementation for your enterprise. From development of cyber security policies, procedures, and business processes to full scale implementations of security infrastructure. HSC provides a clear view of the larger picture while being able to drill down into the details; providing strategic guidance and tactical solutions.
With over a century of combined experience, we provide tried and true methods that have proven to work in highly complex information technology environments. Homeland Security Consultants applies our lessons learned to rapidly address cyber security challenges affecting the enterprise. We understand that each environment is unique and our dynamic approach allows us to rapidly assess and provide appropriate solutions to meet the needs of today’s rapidly evolving IT landscape.
Whether an existing cyber security program is in place or just getting started, Homeland Security Consultants provides effective guidance and services aimed at strengthening the cyber security posture of your organization, agency, or business.
Homeland Security Consultants conducts the following process when engaging in Enterprise Security Management services:
1. Work with executives to identify clear cyber security objectives and performance targets.
2. Develop a Cybersecurity Enterprise Evaluation Plan based on business/mission priority, risk appetite, and budget.
3. Evaluate business processes to determine existing risk management maturity.
4. Evaluate technical cybersecurity implementations to determine threat identification capability.
5. Evaluate technical cybersecurity implementations to determine attack resiliency.
6. Provide actionable cybersecurity program improvement targets for executive review.
7. Implement cybersecurity program improvements.
8. Monitor progress of cybersecurity program improvements.
We apply this framework when conducting security assessments against the enterprise to implement solutions that best protect multiple assets as opposed to developing one-off solutions that fail to address the overall security posture within the enterprise framework. This cost savings approach provides streamlined security solutions that help the customer achieve compliance and efficiency when protecting their enterprise systems.
HSC has performed the following Enterprise Security Management activities:
- Real time security event monitoring for networks, operating systems, and applications using Security Information and Event Management (SIEM) platforms
- Real Time security event monitoring for Database activity
- Centralized Management of Credentials
- Secure communications standards – FIPS140-2 compliant solutions
- Strong Authentication Solutions
- Vulnerability scanning, Penetration Testing, Security Test and Evaluation (ST&E).
- FISMA Certification and Accreditation
- Enterprise Level Threat Assessment
- Real Time System Security Analysis
Past Experience – Continuous Monitoring
HSC personnel were involved with DHS mission critical system infrastructure upgrade enabling application and network level Security and Event Management (SIEM), initiating an Incident Response and Reporting capability which integrated with component Security Operations Center to provide threat trends affecting the enterprise. Developed architecture and provided engineering support for near real time continuous monitoring (situational awareness) capability of system level baseline checking, vulnerability reporting, and threat vector discovery, analysis, and remediation capability.
HSC has long been a proponent of leveraging technical implementations to address Federal Information System Management Act (FISMA) compliance mandates. HSC has served on agency wide Continuous Monitoring Engineering Working Groups to shape and implement full scale production Continuous Monitoring capabilities. HSC has also lead enterprise implementation efforts for various Continuous Monitoring capabilities.
HSC is capable of providing the following services related to automated Enterprise Security Management to achieve threat visibility within the enterprise:
- Continuous Monitoring Monthly Reporting
- Software Assurance
- Vulnerability Management
- Event Management
- Malware Detection
- Asset Management
- Configuration Management
- Network Management
- Incident Management
- Patch Management
- License Management
- Information Management
- Compliance Management
- Identity, Credentialing, and Access Management
|Government customers may purchase cybersecurity professional services through Homeland Security Consultants GSA Schedule 70 Contract Vehicle. Click Here|