Risk Management Consulting
Security Architecture Design and Implementation
Certification & Accreditation
Training and Awareness
Continuity of Operations/Disaster Recovery
Our team has provided Cyber and Information Security programs across the federal sector, NC Utilities and commercial venues to enhance the client’s capability to achieve effective operational results without reducing effectiveness due to restrictive communication protocols. The following sections summarize these capabilities and provide the foundation for Golden to build a tailored approach to safeguard and protect your vital assets.
National Institute Standards and Technology (NIST) Framework:
Golden Svcs' cyber experts have extensive experience participating in the collaborative development of the NIST Framework. Our team has effectively implemented the Framework that consists of standards, guidelines, and practices to promote the protection of critical infrastructure to protect critical assets. Golden Svcs' team members leverage the prioritized, flexible, repeatable, and cost-effective Framework approach to provide clients the capability to manage Cybersecurity risk to the lowest possible level.
As an industry leader Golden Svcs provides the foundation and understanding to work with FISMA clients to provide insight for how the NIST Framework can be used in collaboration to provide defense in depth and reduce client risk.
Risk Management Consulting:
With the ever-increasing reliance organizations have on their information infrastructure it is important to understand and manage the potential risks that exist to that infrastructure. A risk assessment is a comprehensive analysis of all factors that impact the overall operation of your information infrastructure and its impact on your ability to operate. Risk assessment is not just important with existing information infrastructures but should also be performed before designing and implementing new information infrastructures.
Golden Svcs team members have conducted risk assessments for Federal Government and Corporate entities. Our team members were picked by a Federal Government agency to perform a requirements study for their next generation supercomputers. The customer was interested in determining where to locate their next generation supercomputer system that would minimize risk. This study included sizing requirements, location requirements, energy pricing, Federal cyber security requirements, and the impact of environmental events.
Security Architecture Design and Implementation:
Whether you have an existing information system in which you wish to remediate risks or you are planning a new information system, Golden Svcs can design a security architecture taking into account existing preferences in operating system, software and service providers. Both comprehensive and component specific designs can be developed. Architecture can be designed to be NIST compliant.
Golden Svcs team members have provided detailed security architecture studies to multiple federal customers. In one study the customer wished to determine solutions for providing an integrated approach for Common Directory Services, Patch Management, Auditing, and Secure Transmission of information. This study took into account existing software, near term future software acquisitions, current and future Federal requirements, difficulty of implementation, inter-operation across the organization and cost. In another study, the customer wanted a security review of its border gateway routers’ security configuration settings and a design of an improved configuration that would reduce risk. We successfully performed the study and provided comprehensive results to facilitate the client’s success.
Active monitoring of the information infrastructure is required to maintain a secure system. This includes monitoring of audit logs, configuration files, system integrity intrusion detection systems output, and internal traffic flow. Golden Svcs can provide monitoring services as well as consulting on the various software options for automating the process.
Golden Svcs extensive experience provide the foundation for our team to provide capabilities to design, build, and operate Security Operation Centers (SOC) that will provide real-time situational awareness for the information infrastructure. Golden staff members have extensive experience in SOC development, implementation, and operations.
Cyber Security is a highly dynamic field with new vulnerabilities being discovered daily. Each of these vulnerabilities has the potential of significantly affecting the security of your system. Vulnerability scanning and patch management is essential to maintain a security information infrastructure. Golden Svcs has conducted vulnerability assessments for both Federal Government and Corporate entities. Golden can provide vulnerability scanning as well as patch management services for clients.
A penetration test differs from a vulnerability assessment/test in that in a penetration test the vulnerabilities are not only assessed but they are also exploited to validate they are accessible. Further, a penetration tests determine how far a hacker can penetrate your defense and can validate the potential damage can be done to your system. Golden performs penetration tests for both federal agencies and corporations.
Certification& Accreditation (C&A):
Our Certification and Accreditations program is designed for systems that must meet federal cyber security requirements. The C&A is based on the NIST 800-53 and 800-53A standards and includes; risk assessment, vulnerability assessment, testing, and critical systems penetration test.
Golden Svcs team members have performed numerous Certification and Accreditation’s for Federal customers and for companies that require NIST certification.
Training and Awareness:
Training and cyber security awareness seminars are essential in creating awareness of cyber security issues and their impact on organizational functionality. Untrained employees are easily susceptible to social engineering attacks and are less likely to detect insider attacks. Golden’ team members have extensive experience in providing professional seminars, complete courses of instruction, and designing comprehensive training programs/plans.
Continuity of Operations/Disaster Recovery (COOP/DR):
Having a continuity of operation plan (COOP) is essential in ensuring critical operations that can continue in the advent of an environmental and/or cyber event that brings down your primary information systems. Golden can develop a comprehensive plan to ensure continuity of operations and minimize time to reconstitute the primary information systems. Additionally, we can evaluate your existing plan and provide value added recommendations to enhance effectiveness and mitigate vulnerabilities.
Golden Svcs' goal is to provide a diverse yet focused portfolio of services executed through a team of professional associates who are vested in our goal and dedicated to provide quality services at a market competitive value. Our associates are recognized experts in their professional field and bring tremendous background, experience and knowledge to enhance our client’s capability. Golden Svcs provides comprehensive physical& cyber security services that include:
Golden Svcs provides a comprehensive range of cyber security services to identify and mitigate risk in your information infrastructure from cyber-attack and environmental disasters. These services include the complete life cycle from risk analysis, developing a secure architecture, developing an integrated cyber security software suite, policy and procedure development, implementation, monitoring, and compliance testing. Dr. Stephen Batsell leads the Golden Svcs team and is a renowned subject matter expert with over 20 years’ experience in cyber security, information assurance, and related topics.
Copyright 2013 - 2017 - Golden Svcs, LLC. All rights reserved.