Cybersecurity and Security Assessments are the focal point of CISEVE's offerings. We can evaluate you, test you and certify you.
An evaluation of where your organization is versus where it needs to be, whether is to satisfy a regulation, contract requirement or you just want to improve your organization’s security posture.
NIST SP8OO-171 SPRS
An industry standard used as a requirement for DoD contractors (DFARS 252.204-7012, 7019 and 7020). The guide breakdowns security requirements for organizations into 14 families with a total of 110 controls that must be implemented.
Cybersecurity Maturity Model Certification (CMMC) is the newest security model being rolled out by the DoD. The model assigns maturity Levels to organizational systems on whether they have FCI only (Level 1) or CUI (Level 2). The requirements are broken down into practices and processes.
Cybersecurity Maturity Model Certification (CMMC) Third-Party Organization (C3PAO) is a DoD designated organization that is authorized to assess and certify organizations within the DoD supply chain.
STATE AND LOCAL
The current Federal Information Security Modernization Act (FISMA) of 2014 requires government agencies to certify and accredit their systems. NIST SP 800-53 is the standard used for the evaluation and assessment of the systems.
Scanning - Pen Testing
Vulnerability Scanning and/or Penetration Testing are great tools for evaluating your organizations weaknesses. Vulnerability Scanning identifies potential weaknesses, while Penetration Testing is the identification and exploitation of system weaknesses.
State and local jurisdictions control and maintain their citizens information which must be protected. They should maintain good cybersecurity hygiene based on a layered Defense in Depth approach.
Industrial control system (ICS) is the general term that includes several types of control systems, including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and Programmable Logic Controllers (PLC) that operate utilities, manufacturing, transportation, and environmental systems.
There are many different ISO Standards out there, sometimes it can be hard to understand which ones are the most suitable for your business. While some are industry-specific, many of the most popular standards are generic and can be implemented into an organization no matter what sector it is in. If you are not certified to any ISO standards and are interested in a certification, or want to add more, please contact us about our ISO Services.