Law & Forensics Defense Industrial Base practice has a team of specialists measure defense contractors’ capabilities, readiness, and sophistication in the required areas of cybersecurity. We evaluate the existing security posture, system controls, processes and identify the desired level of maturity to meet required cybersecurity standards.
Our Services
Decades of collective experience doing cybersecurity. And of course working out of the box and solving problems…
Cybersecurity Assessment
- Conduct assessments on your current state of compliance, determine your required level of future compliance respective to CMMC-AB and other federal and DoD contracting guidelines.
- Author and prepare a clear, concise plan to meet that goal ahead of CMMC or other DoD contracting audit requirements.
Tabletops
- Create and develop robust tabletops to test a company’s existing cybersecurity controls and processes and develop specific tabletop scenarios for particular DoD or federal government engagements.
- Work with companies to identify gaps and issues identified from the tailored tabletop and remediate these gaps.
- Present results of tabletops to senior leadership and board members to demonstrate the current state of the cybersecurity program.
Consulting
- Understand the goals of your organization and the current level of cybersecurity maturity.
- Review IT security policies, procedures, and other technical documents.
- Interview key business and technology stakeholders, assess the controls and processes and review the entire workflow of existing systems.
- Work with organizations to assess their readiness beyond the information security and IT teams. Evaluate the organization from a high level and distinguish the responsibilities of all systems to develop the desired maturity level to help the organization excel.
Case Studies by Industry
Aerospace and Defense Firm
Industry/Sector: Aerospace and Defense Firm
Type of Service: Create, Deliver, and Deploy an Incident Response Plan
Description: Retained by a global Aerospace and Defense company to create an incident response plan. Efforts included:
- Created an incident response plan that allowed senior IT, audit, legal, and information security stakeholders to recognize and deal with a cybersecurity incident like a data breach or cyberattack, and deploy the incident response plan across the entire enterprise and tested it using tabletop scenarios.
- Ensured that the information security team was trained to regularly train the staff with incident response responsibilities and developed the appropriate reporting and escalation procedures in coordination with the IT, audit, compliance, and legal teams.
- Worked with the IT and information security organization to set up alerts from intrusion detection, intrusion prevention, and file integrity monitoring systems.
- Assisted the legal and information security and technology stakeholders and staff with policy creation or modification to support the incident response plan.
Defense Sector
Defense Sector