MCGlobalTech Consulting Service Presentation

Mission Critical Global Technology Group

Information Security and Technology Management Consulting

Rationale for MCGlobalTech Security Services

• Open technologies and networked systems used by industry are a likely target for malicious cyber activities because they are easily accessible, have a wide installation base and detailed information is available on the Internet.

• Internet-based attacks can wreak havoc on your organization. You are connected with customers, vendors, suppliers and governments, and are entrusted with vast amounts of sensitive data such as intellectual capital, proprietary information, etc.

• Your organization can be a leader in responding to new cybersecurity threats. Strong governance and a mature information security program that draws on industry-driven best practices can significantly improved cybersecurity posture.

The protection of IT infrastructure is critical to the manufacturing, industrial, healthcare, science and defense industries. All organizations must protect their systems from attacks that can negatively affect operations, services and put proprietary information at risk. An organization’s information security posture can be increased through our Enterprise Security Maturity Program. We help you better understand and comply with industry standards and federal regulations.

The Security ChallengeInformation Security challenges all organizations face:

• Organizations in practically every industry are under immense pressure to improve quality, reduce complexity, increase efficiency and better manage IT expenses;

• Information Systems and data exchanges are vital components to meet these growing challenge, however, the adoption of technology introduces an abundance of security risks;

• Growing risks and liabilities, including unauthorized access, data breaches, regulatory violations, new technology implementation, etc.;

• Strong IS governance, oversight, and a thorough understanding of regulatory requirements, industry standards, and best practices is required to reduce and mitigate the risk of successful cyber crimes;

General obstacle to overcome these challenges include but not limited to:

• Redundant and inconsistent requirements and standards;

• Confusion surrounding implementation and acceptable minimum controls;

• Inefficiencies associated with varying interpretations of control objectives and safeguards;

• Increasing scrutiny from regulators, auditors, underwriters, customers and business partners;

• Lack of highly trained cyber security staff to address information security needs.

Overcoming The Challenges

To effectively manage information security, a strong Information Security strategy must be put in place. The strategy should focus on three elements – People, Process and Technology.

• People are the cornerstone to every security program. Having proper leadership, competent security staff and trained users ensures security is adequate considered in all business operations.

• Process ensures the appropriate security practices and procedures are developed, implemented and maintained to support in support of a well-defined security governance framework.

• Technology ensures that the appropriate security controls are in place to protect your environment from all assessed threats, vulnerabilities, and resulting risks.

The recognized importance of information security and compliance has seen significant growth in recent years. With the integration of networked business systems, comes the risk of malicious software and the malicious acts of cyber criminals. With constantly changing technology and the Internet, the security risks are greatly increasing. All industries have challenges mitigating security issues.

Corporate Overview

Mission Critical Global Technology Group is a minority owned, small business founded by industry leaders  who take an agile, innovative and practical approach to problem solving in the ever changing world of information technology and security. Our experts combine many decades of  experience in industries such as Finance, Health Care, Manufacturing, Insurance, Education, Federal, State and Local Government agencies. Our expertise, professionalism and client-focused approach are distinguishing characteristics of our company.

Vision

Our vision is to build a Global Information Security and Technology Infrastructure Management Firm based on quality people, quality processes and passion for benefiting our clients.

Mission

We dedicate ourselves to the mission of providing the highest quality, meticulously planned, customized and innovative information technology and information security solutions to assist client organizations increase productivity, protect investments and comply with applicable security regulations through research, innovation, and expert consulting services.

Consulting ServicesGovernance Risk Compliance or Management

MCGlobalTech assesses the gaps between your existing security posture, regulatory requirements, industry standards and best practices. We provide expert services in implementing necessary cost-effective controls and procedures unique to your business environment. We will assist you with achieving and maintaining compliance through assessments, remediation, continuous monitoring, and staff training.

Our expertise include but are not limited to the following federal regulations and Industry Standards.

• HIPAA COBIT• GLBA SAS70• FISMA NIST• PCI ISO 27001,2• ISA99

Enterprise Information Security Solutions and Services (Security Management Program)

MCGlobalTech  Enterprise Security Assessment methodology  comprises of a full information security program review. This includes all procedural, technical and non-technical security initiatives of the organization as a whole. Our methodology allows for a comprehensive Network, Systems and Applications security audit. The goal is investigate and identify all internal and external  threats and  vulnerabilities. We help our clients develop, implement, and maintain reality-based effective and cost-friendly risk management strategies.

Consulting ServicesCloud Computing Security Services

MCGlobalTech helps you navigate the ever expanding maze of cloud computing security options required for your remote applications, systems and infrastructure hosting needs. With the current lack of industry security standardization, each cloud provider provides a differing level of security controls. We help you audit your existing in house and remote infrastructure; and design minimum system security requirements to protect your sensitive data that is hosted outside your organization’s security boundaries. Cloud Computing Security Services Include the following services:

• Cloud Vendor Security Assessment

• Cloud Migration Assistance

• Cloud Infrastructure Security Assessment & Mitigation Service

Information Technology Infrastructure Management Consulting

MCGlobalTech provides executive level IT management consulting to help you manage and address your IT infrastructure needs. We will help you align your information technology infrastructure organization with your operational and strategic business goals. Our Information Technology Management Consulting Services include:

• Business/ IT Alignment Consulting IT Governance Consulting

• Virtual/Interim CIO Services Program Management

Management

MCGlobalTech Full Lifecycle Service DeliveryFour Customizable Phases

IS/IT Team

Stakeholders

Enterprise Information

Technology/Security Program

Management

Day-to-Day Operations and Management

P1: Assessment

Work with stakeholders

Develop Gap AnalysisP2: Planning

P3: Implementation

P4: Continuous Monitoring

Recommendation / Gap Remediation Plan of Action

People / Process /

Technology Integration

Assess Current IT / IS Posture

Monitor Performance / Controls / Metrics

MCGlobalTech Full Lifecycle Service Delivery

Assessment

Deliverables

Gap remediation project plan

Assessment gap analysis and recommendations based on regulations, standards, and best practices for industry

Executive reporting of gap remediation progress

Key Activities

Review governance model, policies, procedures, standards and practices

Baseline assessment of current security posture

Baseline assessment of IT infrastructure

Develop gap remediation Implementation project plan in accordance with organization stakeholders

Program management of gap remediation plan

Remediation tracking

Develop Information Security Program

Improve IT infrastructure management

Our standard approach includes:

A security framework; A maturity model assessment; A gap analysis based on industry

standards and best practices; A service deliverance model that

includes governance, policies, InfoSec Program;

Recommendations; Remediation assistance.

ProjectKeyActivates

Week 1

Week 2

Week3

Week

4

Week 5

Week6

Week 7

Week8

Week 9

Initiation Scope Fact Finding Assessment

Planning Gap Analysis Remediation / Strategy InfoSec Prog.

Implementation PM Assist Reporting

Example Engagement Project Plan

The timeline will vary according to the type, scope and complexityof client business, IT infrastructuremanagement and security requirements

Implementation

PlanningContinuous Monitoring

Monitor security program & operations

Monitor IT infrastructure management

Recommend continual program & operations improvements

Periodic assessment & continuous advisory support

Process Improvement

MCGlobalTech Positioning Statement• Managing security risks, compliancy to federal regulations and industry standards,

classifying information, IT governance and policy development, requires organizations to better understand and control governance, processes, and security measure, while supporting existing business operations.

• Organizations are starting to take steps to implement integrated solutions to address this need and this trend is likely to continue or accelerate in the years to come. Therefore, an independent Information Security Program Assessment should be performed to determine the organization's security posture, security gaps, and necessary corrective actions.

Services offered to help you better manage your Security and IT Infrastructure: 

• Security Governance, Risk & Compliance Assessment Services

• Enterprise Information Security Management Services

• Cloud Computing Security Management Services

• IT Infrastructure Management Services

MCGlobalTech Summary Cont.Core Competencies

Governance & Compliance

Enterprise Information Security

(EIS)

Cloud Computing Security Services

IT Infrastructure Management

Services

IS Governance & Policy Review

CIO / Director Level Advisory

Develop / Review Cloud Security Governance & Policies

IT Infrastructure Management Assessment

Security Strategy & Process Development

Enterprise Information Security Program Implementation

Develop Cloud Computing Security Program

IT Infrastructure Gap Analysis

Federal Regulation Compliance Assessment(i.e., FISMA, NIST, GLBA, HIPAA)

Enterprise Information Policy Review

Perform Deep Dive Cloud Security Assessment

IT Infrastructure Management Planning

Industry Standards Compliance Assessment(i.e., PCI DSS, ISO 27001,2, ISA99, etc.)

Security Measure & Controls Assessment Against Industry Standards

Security GAP Analysis IT Infrastructure Management Remediation

Security Measure & Controls Assessment Against Industry Federal Regulations

Manage / Implement GAP Remediation / Continuous Monitoring

IT Infrastructure Management Monitoring /Improvement

Contact Us

Mission Critical Global Technology Group1776 I Street, NW

9th FloorWashington, District of Columbia 20006

Phone: 571-249-3932Email: [email protected]

 William McBorrough

Morris CodyManaging Principal

Managing [email protected]

[email protected]  

Contact Us

Mission Critical Global Technology Group1325 G Street, NW

Suite 500Washington, District of Columbia 20005

Phone: 202.355.9448Email: [email protected]

 Eugene E. Dorns

Morris CodyManaging Principal

Managing [email protected]

[email protected] (202) 355-9448 x102

(202) 355-9448 x100(703) 868-1873 (cell)

(302) 740-2022 (cell)