PPC's Cyber Security consulting services offer Systems Integration, Information Assurance, Systems Engineering, and Software Engineering for our Federal government customers to improve efficiency, security and mission effectiveness.
Cyber Security and Information Assurance Consulting
Overview of PPC's Cyber Security and Information Assurance
Since 1997, PPC's Cyber Security & Information Assurance mission has been to be project-focused and committed to providing world-class services that ensure customer satisfaction - consistently exceeding 97 percent. Our staff has exceptional technical expertise, security clearances, industry certifications, and a unique ability to work with customers to solve complex problems in the design, implementation, operation, maintenance, and management of mission-critical systems. We tailor and customize our solutions to meet customer requirements, realizing that every customer mission is unique.
PPC is performing on contracts at many locations across the United States. Sites in the US include numerous DoD and Civilian offices. From Systems Integration to Information Assurance; Systems Engineering to Software Engineering, we deliver the services and IT solutions our customers require to improve efficiency, security and mission effectiveness. We are focused on customer success!
We offer mission-critical solutions and support to our federal government customers that includes:
- Regulatory Review and Guidance
- Regulatory Compliance Support
- Lifecycle Support of Security Technologies
- Cyber Security
- Information Assurance
- Vulnerability Analyses/Intrusion Detection
- Systems Inventory
- Risk Assessment and Threat Analysis
- Privacy Management
- Certification and Accreditation
Regulatory Review and Guidance Consulting
- We apply a consistent and solid review methodology together with expert guidance to evaluate, monitor and report on the effectiveness and compliance of its IT controls and services to ensure regulatory compliance.
- We assist in the development of regulatory reviews and impact assessments, in addition to policies, procedures, guidelines and standards.
- We support work group representation on regulatory compliance.
- We identify, coordinate, and manage waivers and exceptions required to ensure compliance with regulations such as FISMA, HSPD-12, HIPAA, Sarbanes-Oxley (SOX), and OMB-130.
Regulatory Compliance Support Consulting
- NIST Special Publication 800 series
- FIPS 199 and 200
- DoDD 8500.1, Information Assurance
- DODI 8500.2, Information Assurance Implementation
Security Architecture
- Leverage PPC Standardized Information Assurance Model (SIAM) and automated inventory and asset control tools to manage the migration of security architectures that centralize security services and their management
- Partner with customers to develop a target security architecture and measure its migration and operation
Certification and Accreditation (C&A)
- Support DITSCAP to DIACAP transition
- National Information Assurance Certification and Accreditation (NIACAP)
- NIST 800-53 and 800-37
Lifecycle Support of Security Technologies Consulting
- We provide research, assessment, concept development, architecture development, engineering, and operational support for operational security technologies and emerging tools while mitigating and lowering risk to current systems.
- We support piloting and testing of emerging technologies.
- We research and assess emerging security technologies to reduce mission implementation risk.
- We support security designs to evaluate and infuse new products and solutions into the targeted security architecture.
- We provide network emulation software to configure a test environment.
Cyber Security Consulting
PPC performs cyber security controls on Network Forensics, Threat Mitigation, Penetration Testing, Intrusion Detection, Mobile Security Testing, Cloud Security Testing, and Proactive and Reactive Cyber Security Solutions.
- Check Point
- EMC (including Legato, Documentum, Dantz)
Information Assurance Consulting
We fully incorporate the Confidentiality, Integrity, and Availability (CIA) Triad Model.
We employ a "big picture" view of security incidents and events to get out in front of vulnerability threats.
Vulnerability Analyses/Intrusion Detection Consulting
- Identify external and internal malicious behavior and potential data compromise
- Employ vulnerability assessment tools such as Foundstone and eEye Retina
- Leverage standardized enterprise-wide approach to security operations and managing computer security incidents
Systems Inventory Consulting
- We implement standardized and repeatable lifecycle processes for defining, identifying and inventorying the systems architecture and perform configuration management to improve the security of data collection tools
- We work in partnership with customers to develop a target security architecture and measure its operation and migration
- We leverage PPC Standardized Information Assurance Model (SIAM) to manage the migration of security architectures with automated inventory and asset control tools such as CA's Unicenter, NetEISS and vulnerability assessment tools such as Foundstone and eEye Retina
- Our Information Assurance experts follow all inventory and categorization federal standards
- We comply with FIPS 199, NIST SP 800-60, SP 800-53(A), 800-30, 800-37, FIPS 200, and DITSCAP/DIACAP publications to conduct system inventory and categorization activities
Risk Management and Threat Analysis Consulting
- We strive to achieve and deliver security architectures with low residual risk and with increased capabilities for improved threat warning, pattern recognition, trend identification, and behavior analysis. Our Information Assurance engagements result in delivering systems that promptly identify external/internal malicious behavior and potential data loss, and leverage our established security processes, procedures and guidelines to mitigate any and all possible respective threats.
- We are currently providing information assurance services to the Department of Defense (DoD)
- We leverage our standardized enterprise-wide approach to security operations, and handling and management of computer security incidents
- We develop security architectures that centralize security services and their management
Privacy Management Consulting
- We protect sensitive and personal information against unlawful disclosure, meeting requirements of federal privacy laws (Privacy Act of 1974, e-Government Act of 2002, and OMB 06-16)
- We provide end-to-end solutions that ensure confidentiality and integrity of data, availability of information and systems, and user accountability
- We draw from our experience in providing Privacy Impact Assessments (PIAs) and System of Record Notification (SORNs)
Certification and Accreditation Consulting
(FISMA and DITSCAP/DIACAP)
- We apply the PPC team's mature processes, discipline and hands-on "know how" to execute C&A efforts (DITSCAP/DIACAP, NIACAP, NIST (800-53, 800-37))
- We have prepared and maintained over 500 System Security Authorization Agreements (SSAA)
- We provide security planning and C&A process development to ensure that management understands and can make informed operational and policy compliance risk decisions
- We develop and review security policies and procedures
- We perform security testing and evaluations (ST&E)
- We define accreditation boundaries
- We evaluate management, operational, and technical controls
- We create and track Plans of Actions and Milestones (POA&Ms)