Cybersecurity is one of the core service lines within Business Integra (BI), and our company’s security service portfolio covers the full landscape of information security needs of our clients. We have the very best information security resources in the business that have supported just about every industry imaginable. We are currently supporting the FAA, the NRC, the IRS, NASA, the Centers for Medicare and Medicaid Services (CMS), the National Association of Child Care and Resource and Referral Agencies (NACCRRA), and DOS with their incident response, threat hunting, information security, security validation, FEDRAMP compliance, cloud security, and vulnerability management objectives. In addition, Business Integra was proudly selected as a prime cybersecurity provider for Navy SPAWAR. We have offerings in all aspects of information security such as penetration testing, enterprise security architecture, security policy development, implementation services, and federated identity management; furthermore, we have specialized abilities in security automation, threat hunting, and applied threat intelligence and experience implementing the NIST Cybersecurity Framework (CSF) for hybrid and traditionally structured enterprises.
In the environment of persistent, advanced cybersecurity stresses and attacks, cyber resiliency combines a strategic, flexible approach: anticipate, withstand, recover, and adapt.
To be effective, cyber resiliency must be applied and communicated across all levels of an organization. Cyber resiliency, as documented in the NIST 800 series of publications, supports the link between risk management decisions and the organization’s risk management strategy. At every level, cyber resiliency elevates the importance of communication, informed action, and reporting. The result is that dynamic risks are continually and safely managed, operations are secured, and trust is maintained.
What does it mean to put a strategy for cyber resiliency into practice?
Cyber resiliency requires a comprehensive risk management strategy:
- Frame the cyber threats
- Set strategies to achieve cyber resiliency goals
- Select factors to prioritize and interpret cyber resiliency objectives at the mission/business level and at the system level
Security Automation Adoption Service
The Need For Speed: Automated malware attacks like WannaCry, NotPetya, and as far back as SQL Slammer (2003) spread globally and were executed at a phenomenal rate, nearing machine speed (near light speed). If some attacks have spread across the entire globe in under 10 minutes, how much of our network can be compromised while our Change Control Boards are consulted for approved responses? The answer, “All of it”.
- Can be fully automated.
- Can benefit from human-triggered automation.
- Are not appropriate for automation but could benefit from automated data enrichment.
We design, build, test and implement these new capabilities, and offer complete training and on-demand support. We also offer the operation of the Automated Courses of Actions (ACOA) as a service – AaaS. Our customers then benefit from a much faster containment of attacks and malware spread, and it frees their analysts from administration tasks, in order to focus on security-related tasks more fully.
Threatelligent Hunting: Business Integra Intelligence-Driven Threat Hunting (BIT Hunting)
The best detection tools don’t matter without threat hunting.
Would you build a dome around a city as the only measure to keep mosquitoes out? No. Because some mosquitoes are already living inside, and there are other vectors like rivers that allow them in. So even a perfect perimeter detection and prevention capability – if there were one – is not enough. It is imperative to continue looking for what is already there and what has come in using unexpected vectors. Business Integra’s Threatelligent Hunting (BIT Hunting) integrates into your security operations processes and is fed by your tools and logs, as well as by the threat intelligence feeds that are available in your environment. The Business Integra Threatelligent Hunting solution is also equipped to feed directly to your security infrastructure, meaning that as soon as a new vector of attack, malware component, or vulnerability is discovered, your defenses will be updated to keep that from happening in the future. BIT Hunting is available as a service or as a Turn-Key deliverable.
Insider Threat Deterrence Program – Detect protect and Correct cycle
At BI, we take an integrated approach to our cyber work – a contextually aware, intentionally-engineered solution. We anticipate potential threats and prepare for response to them using varied resources that morph and shift to change the attack surface. Strategy, Recovery, and Adaption techniques are customized to the situational needs of the customer. Strategy options for withstanding threats include absorption, automatic repairs, deflection of certain events, or discarding system elements were beneficial to the reduction of threats without negatively affecting other assets. Recovery strategies employed are varied as well, including reversion, reconstitution, and replacement. Correction of controls to compensate for identified vulnerabilities and redefinition of system requirements/architecture/configuration/processes are used as adaptation strategies.
In the management of a customer agency’s risk levels, the limitation on cyber resiliency solutions depends on an individual organization’s risk mitigation philosophy, the types of external coordination they’ll participate in, and whether and how deception can be used. Together, these strategies and supporting techniques make the organization agile, resilient, and coordinated in an era of persistent and sophisticated cyber risk. Throughout the system’s life cycle, trust is protected.
Applied Threatelligence (Operationally Applied Threat Intelligence)
Threat intelligence shines a light in the darkness when it comes to knowing your enemy. But few organizations know how to make a tangible difference in their security with threat intelligence. Business Integra’s threatelligent offerings monitor and consolidate threat feeds to find the adversaries that can hurt you severely. They also apply that information directly to your individual operations and tool sets and give you very specific directions on what to do to protect your organization. These services not only make you more secure but also serve as excellent sources of budget justification. Business Integra can advise on how to cover areas of your organization that do not yet have sufficient defensive capabilities. These offerings are also one of the inputs to the Business Integra Intelligence Driven Threat Hunting service. All Business Integra offerings are available as services or as Turn-Key deliverables.
SOC Optimization Service – Detect, Protect, and Correct
SOC Optimization is a BI offering that leverages expertise in global best practices for security operations, such as the NIST Cybersecurity Framework, the ISD 35, the CIS 20 and others in order to evaluate your organization for areas of increased effectiveness and reduced costs. We align our recommendations with the cyber kill chain steps and provide a plan that will take your organization from its current state to its optimal state. We also synchronize the roll-out timeline to your budget and priorities, whether those priorities come from our Threat Intelligence Service recommendations or from your own leadership. If needed, Business Integra also offers delivery options that offload the majority of SOC Transformation duties from your staff, allowing them to continue normal duties while our experts set up your new Information Security capabilities and processes. Our staff will train and support your staff in transitioning to the Turn-Key new SOC tools and methods, or they can remain in place as long as needed.