Policy & Governance
Cybersecurity Risk Management involves identifying, analyzing, and mitigating or accepting cybersecurity risks to your organization. This begins with a cyber risk assessment, and leads to the establishment or audit of a cybersecurity risk management program. The National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) is a comprehensive, flexible, risk-based approach to risk management. We can help your organization implement any and all of these steps, from drafting a high level organizational security plan down to system specific security plans, developing and recommending implementation or transition plans, as well as audit and assessment services for existing programs and documents. Anything you need, we are here to help.
Compliance Assessment services are offered against government regulations and legal requirements for information systems. Specifically, we have experienced certified Cybersecurity Maturity Model Certification (CMMC) Registered Practitioner (RP) and Registered Practitioner Advanced (RPA). Our organizational RPO and C3PAO certification is pending as of October 2022, so we are only doing pre/post assessment consulting at this time, and not actual assessment. We are prohibited from doing both consulting AND assessment for the same organization, but can make recommendations for partners if you select Syndo to assist you with one or the other.
Cybersecurity Program Development
The NIST Cybersecurity Framework helps organizations understand and reduce cybersecurity threats, vulnerabilities, and impacts. We can help you work through the process, or do it for you, to develop your own Framework Profile for your organization.
Policy Development & Assessment is an important level of doctrine and implementation that is between strategy that is addressed in a program. It is not as specific as the tactics addressed in policy, but addresses operations. In terms of time this looks like 5 years, 1 year, and 1 day. While not as detailed as process documentation, policy documentation is important for onboarding new personnel, as well as familiarizing employees who have been around with the broad strokes of what programmatic changes will have on their week to week business operations. This can be as simple as a 1 page acceptable use policy that all employees are required to agree to, or a 60 page instruction manual covering the key authorizations required for multiple processes in a data center.
Process Development & Implementation
Standard Operating Procedures can be difficult to keep up to date if the scope gets too broad or deep. Let us help with developing Cybersecurity related process documentation tailored specifically to your organization based on industry best practice and the NIST Cybersecurity Framework.
Training is critical for cybersecurity, as Phishing consistently remains the top infection vector for attackers according to IBM's X-Force Threat Intelligence Index 2022. We can assist with training and assessments to keep your organization and employees protected against evolving threats from bad actors.
Detection & Response
Cybersecurity Incident Detection Tuning is essential, as tuning out too many events and logs may leave you blind, and tuning out too few will inundate your security appliances to the point they are not useful during live incident detection and response. Our experts have years of experience working with different collectors, aggregators, and correlation engines on some of the largest networks in the world.
Cybersecurity Incident Response
Programs, policy, procedure, training, and a well funded security infrastructure are still vulnerable to advanced attackers, and we are standing by to work with you or other partners to conduct rapid and complete incident response, securing your environment, cataloging and reversing all actions and impacts from an attacker, and restoring your environment back to full operating capability so you can back to doing business.
Digital Forensics is the practice of the scientific body of knowledge and technology used in connection with the detection of crime. Along information technology, the field changes rapidly. We seek out and retain experts with decades of experience with top government and private sector organizations, and are ready to discreetly assist your organization in gathering as much evidence as possible to maintain for internal records or assist you with Cyber Information Sharing and Collaboration and / or law enforcement for criminal prosecution.
Malware Analysis gives us additional information about the scope of an intrusions after the fact, and helps attribute intention, identify additional behaviors, and enumerate all activity to fully secure an environment following a compromise. On premise solutions such as the open source Cuckoo Sandbox, or CrowdStrike's Falcon Sandbox well, as do web based solutions such as VirusTotal and AnyRun. Manual dynamic analysis however in a virtual environment still yields further information for those with expertise, and we are standing by with all tools at our disposal to get the most comprehensive, concise, and meaningful reporting back to your organization.