Cyber Information Technologies
There is a great need for cybersecurity consulting services. All of the large Federal
Departments, many State and Local level organizations, and many foreign entities have general cybersecurity requirements with regard to their internal operations, and additionally many have a responsibility to protect the larger systems around them. All of these organizations continue to be targets for information security, cyber espionage, cyber-crime, as well as terrorist and nation-state cyber-attacks.
GALLANT KNIGHTS Information Technology (IT) team has more than 40 years of experience in developing and implementing cyber-strategies. Our clients look to our multi-disciplinary team to help define their capabilities and position them as market leaders for more contract opportunities. Our goal is to make companies more profitable - and be a long-term asset and partner. There are six possible short term plays we can offer to address the clients’ cyber concerns. These may be aimed broadly across the organization in question, or in specific sub-component within that organization. They are as follows:
Cyber Security Executive Level Quick Look:
A small team of our senior consultants will work with executives to take a quick snapshot of Cyber Security issues, both strengths, and weaknesses. This begins with a one day in brief process (discussion with leadership) to set the stage and identify the organizational environment. It is followed by several days of interviews, inspections, and review of materials. The engagement concludes with an out brief/ presentation of recommendation.
2-3 Consultants- Approximately 1 week
Special Cyber Security Educational Seminar
An interview of Cyber Security leading practices for a specific sector audience-describing best security practices for their area. This would be a wide-ranging menu to avoid any appearance of pushing products and services in an inappropriate manner of one vendor. Could be done in one day or over several weeks depending on the target audience locations and size. Could also require some research inside the client organization to match up the best practices available with the needs/ culture client.
3-5 Consultants- 2 weeks preparations/ Presentation time would vary
Cyber Security Health Check
Short four-phase engagement to give the target organization a quick snapshot of their cybersecurity environment and overall integrity across 11 dimensions (Security Strategy & Planning, Define Security, Manage Leadership, Manage Performance, Manage Reward & Recognition, Manage Progression of Systems, Connect, Develop, Deploy, System Measurement, and Change & Sustain) and to provide some basic recommendations for improvement. This is a multiple week engagement utilizing four consultants and possibly one or two other SME's as needed.
4-5 Consultant- 4 to 6 weeks
Comprehensive Cyber Assessment
Holistic, detailed assessment and analysis across the client organization. Reviews including policies, processes, governance, technologies, human resource competencies, and capacity. Specific areas analyzed include governance strengths and weaknesses, vulnerability level and specific weaknesses, resilience level (includes continuity of operations), physical security of infrastructure, level of training and awareness in the workforce, state of their networks (OS, HW, Apps, etc.), mission and goal of the organization. This will result in the identification of major gaps, level of acceptable risk (to be developed throughout this process with the client). and proposal of a general methodology to address the identified gaps.
6-10 Consultants- 8 to 10 weeks
Complete Cyber Security Strategy Delivery Consultation
Includes the development and implementation or oversight of an integrated cybersecurity strategy. Goes far beyond the identification of vulnerabilities, gaps, and recommendations and includes the detailed roadmap for institutionalizing high levels of discipline essential to improving the security of the cyber environment. The recommendations include Policy, Doctrine, Organization, Training, Material, Leadership, Personnel, and Facilities. For our practitioners, this means governance, business practices, SOP development, training program, and proposed organizational structure for agencies and programs. Level of effort depends on the scope and availability of prior assessment work to leverage. If assessments have not been done, assume we will need to lead off with a Comprehensive Cyber Assessment.
6-10 Consultants- Depends on the scope (4-6 months is a good median)
Quick Hit Security Strategy Development (Specific Area of Responsibility)
A team of specialists to assist in the development of a realistic and workable strategy for securing a defined sector over which a department has a responsibility. It would clearly be based on the best practices, but would be much more comprehensive and would lead to a comprehensive strategy document to govern the design and growth of the targeted sector. This would be a mid-sized consulting engagement involving some senior consultants.
3-4 Senior Consultants- 2-3 months