Consulting Services

Project-Based Services & Consulting to Improve Your Security Posture

Cyber Security Advisory Services (CSAS) provides clients with affordable professional cybersecurity services and advice. Cyber Security Advisory Services gives you the visibility and insight you need to improve your cyber security posture, prepare you for an upcoming audit or certification, or put processes and controls in place to identify and mitigate risk.

Consulting Services are project-based engagements to ensure proper consideration is given to maintaining an acceptable level of risk and compliance within an organization.

Your organization will benefit from Cyber Security Advisory Services if:
  • You are subject to industry or vendor compliance requirements, such as CMMC, HIPPA, or PCI DSS
  • You do not have a dedicated IT security team or full-time CISO
  • You need to protect sensitive information that may be handled by both internal employees or third-party vendors
  • You need to test your cyber breach response plan
  • You are subject to fines or loss or business due to non-compliance
Passive Discovery Assessment:

A passive discovery assessment aligns technical assessment activities with cyber security controls to uncover and prioritize cyber security vulnerabilities, threats, and risks as relevant to the client’s business model. We provide customized recommendations, also known as safeguards, that are specific, measurable, and practical to implement. We work to drive the notion of prioritizing the most important risks and keeping the focus on what needs to be done immediately.

A typical assessment entails the following:

Technical Assessment

  • a. Uncovering threats and risks associated with firewall and intrusion detection capabilities
  • b. Discovery and classification of assets connected to the wire
  • c. Vulnerability scanning of hosts and applications
  • d. Analysis, and reporting

Controls Assessment

  • a. Decide what controls framework to assess against
  • b. Determine the target state of security controls client are looking to attain
  • c. Use a variable data collection and verification process to do a detailed breakdown of the target controls

Risk Analysis

  • a. Identify the highest risks to the business-critical processes
  • b. Determine if the risk is the highest priority risk
  • c. Help the client assign appropriate risk to identified vulnerabilities and threats
  • d. Ensure that prioritization aligned to business needs can be made with more clarity to available budgets and resources
Domain-Specific Program Development:

The development of high-value cyber security domain programs is common within large enterprise or government agencies where the organization is structured in relation to security capabilities: Incident Response, Data Protection, Threat Intelligence, or Situational Awareness. In certain cases, a customized or hybrid program may be required beyond a single domain-specific program.

Domain-specific programs can include:

Data Protection Program
Data Protection Framework and Implementation Planning

Threat Awareness Program
Development of Threat Awareness and Advanced Forensics Capabilities
Design and deployment of Treat Intelligence Platform (TIP)

Incident Response (IR) Program
Design the practical IR guidelines, processes, and procedures to respond to incidents effectively and efficiently

Cybersecurity Controls Maturity Assessment:

A maturity assessment helps clients evaluate the current state of cybersecurity policies, practices, procedures, and controls defined within their chosen controls framework.

A typical assessment entails the following:

Assess

  • a. Document the client’s current state of deployed and institutionalized Cyber Security controls, practices, and processes as defined in the framework
  • b. Understand procedures for minimizing risk

Identify gaps between current state and the agreed upon target state

Recommend actions and priorities to support necessary functionality and close gaps with high-level project estimates regarding Level of Effort (LOE) for each track, including:

  • a. Time
  • b. Technical resource needed
  • c. Technologies
  • d. Capital Costs
  • e. Total Cost of Ownership (TCO)
  • OPTIONAL: Risk Analysis, per domain

*Additional time and cost will be added to the project if a Risk Analysis is part into the scope of services

CMMC Readiness Assessment & Remediation Services:

The Cybersecurity Maturity Model Certification (CMMC) Readiness Assessment is a pre-audit readiness exercise that evaluates all in-scope processes, practices, and controls against a target Maturity Level (ML). The target level may not be known initially and is dependent on gaining a thorough understanding of the type of information the client processes and handles in respect to Department of Defense contracts.

Atlantic Data Security is a Registered Provider Organization (RPO) with the CMMC Accreditation Board. As an RPO, we are part of the CMMC ecosystem and provide advice, consulting, and recommendations to our clients.

An overview of the CMMC Readiness Assessment:

Assess

  • a. Document the client’s current state of deployed and institutionalized Cyber Security controls, practices, and processes as defined in the framework
  • b. Understand procedures for minimizing risk

Identify gaps between current state and the target ML state

Recommend actions priorities to support necessary functionality and close gaps with high-level project estimates regarding Level of Effort (LOE)

  • a. Time
  • b. Technical resources needed
  • c. Technologies
  • d. Costs
  • e. Remediate controls to close gaps
  • f. Prepare client to meet audit

As an approved RPO, we are now offering a complimentary, self-administered CMMC Readiness Assessment “Lite” . This is a pre-audit readiness assessment to evaluate in-scope processes, practices, and controls against a target Maturity Level (ML).

Click here for more information to view the Self-Administered Assessment form



Our Latest Articles

Atlantic Data Security included on the 2022 Inc. 5000 List

Award Press Release

Atlantic Data Security Recognized as No. 87 on the 2022 CRN® Fast Growth 150 List

Award Press Release

Rip and Replace

Blog

Atlantic Data Security Announces Hiring of Cristelle Michael as Vice President of Marketing

Press Release

CRN Recognizes Atlantic Data Security on 2022 Solution Provider 500 List

Award Press Release

Atlantic Data Security continues its investment to accelerate market expansion with the appointment of Scott Kasper as Executive Vice President and General Manager

cybersecurity
Request a Meeting with Us
Skip to content