Our experts create, document, coordinate, integrate and manage all protection efforts to defend and protect every aspect of our customers’ programs against vulnerabilities and points of failure. From acquisition support to defining access controls to establishing strategies for classifying and handling information, we understand that protecting critical programs, systems and missions requires a methodical, proven approach to determining, documenting and managing what needs to be protected and how.
ENSCO Cybersecurity Program Planning includes:
- Program Protection Planning — Document technology, components and information throughout acquisition, design, development, delivery and sustainment according to DoDI 5000.02 PPP Outline & Guidance and NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations policies and principles
- Policy/Procedure Review — Access control policy, business continuity/ disaster recovery, data breach and disclosure policy, end-user agreements and acceptable “use” policy, acquisition policy, remote access, web application security policy, cyber incident handling, Risk Management Framework, and Information Technology Infrastructure Library (ITIL)
- Cyber Supply Chain Risk Management (C-SCRM) — Provide strategies and continuous assessment to reduce risk from threats and vulnerabilities of acquired and deployed assets according to NIST SP 800-161 Supply Chain Risk Management Practices for Federal Information Systems and Organizations policies and principles
- Chief Information Security Officer (C|CISO) as a service — Provide certified leadership roles for organizations unable to permanently field this executive position. C|CISO will provide critical knowledge and security decision-making in an advisory role. Gain executive cybersecurity counsel for recommendations in cybersecurity enterprise strategy, control and mitigations, policy design, and long-term technology roadmaps
Our extensive knowledge of DoD Policies & Instructions includes Protection of Mission Critical Functions to Achieve Trusted Systems and Networks, Operation of the Adaptive Acquisition Framework, Critical Program Information (CPI) Identification and Protection Within Research, Development, Test, and Evaluation. We leverage this knowledge and experience to provide military-grade protection to commercial businesses.