Security Operations

Compass provides a wide variety of Security Operations expertise to assist an organization’s Information Security Program, ranging from Enterprise-level concurrent staffing of dozens of highly qualified security experts to individualized, custom staffing for specific security operations needs. We can help build, mature, and staff Security Operation Centers (SOCs) for our clients, including Information Security Program/Project Management Offices (PMO).

Vulnerability Management

A solid vulnerability management program (VMP) consists of a blend of seasoned security experts working with automated tools at different levels (network, application, database, etc.) to provide solid defense-in-depth. 

A VMP also has a solid foundation set in policies, processes and procedures and has the ability to be proactive – able to identify, report and mitigate vulnerabilities before they are exploited, and reactive – able to identify potentially vulnerable IT assets in support of incident response and Cyber Hunt activities.  

Compass also manages and implements federal agencies’ Continuous Diagnostics and Mitigation (CDM) Programs. We offer a wide breadth of security professionals capable of working with top scanning tools to provide:

  • Network-level Vulnerability scanning and analysis
  • Application-level Vulnerability scanning and analysis
  • Database-level Vulnerability scanning and analysis
  • Configuration Management compliance scanning and analysis
  • Hardware and Software Asset Management scanning (HWAM / SWAM) and analysis
    • Network Asset Management (NAC)
  • Penetration Testing and Vulnerability Assessment
  • Vulnerability Management policy, procedure and process creation
  • Vulnerability Remediation (patching, configuration change management)
  • Automated Risk Management (Identification, tracking, remediation, acceptance) 
  • Status Reporting at various levels (C-level, Technical level, business unit level, etc.)

Incident Response

An Incident Response Program (IRP) has clear-cut policies, procedures and processes in place that clearly dictate how a security incident should be handled, from initial identification to analysis to containment to closure. It includes defining clear lines of responsibility and reporting to the C-level and the technical teams who are a part of the investigation. 

It requires organizations to be able to identify, respond to and handle information security incidents as they occur, but is also proactive and able to identify potential incidents based on data received from external sources or other areas of the organization’s Information Security Program.

Compass has experience in:

  • Building the IRP so that it is properly staffed with trained individuals, equipped with automated tools, and governed by clear policies, procedures and guidelines
  • Incident Detection and Analysis
  • Incident Handling (Containment, Eradication and Recovery)
  • Cyber Hunt (Proactively looking for potential indicators of compromise or organizational weaknesses)
  • Post Incident Activities (lessons learned and adjustments to the Program to minimize the likelihood and impact of another incident in the future)

Data Loss Prevention

Data Loss Prevention (DLP) focuses specifically on identifying and protecting the data that is most important to an organization, typically personally identifiable information (PII), financial data or other sensitive/confidential data (such as pre-published research).

Protections need to be put in place to minimize the likelihood of unintentional disclosure of this data outside the controlled internal environment and also protect against targeted attacks that are trying to identify and exfiltrate the data.

Compass has deep experience architecting, implementing and staffing DLP Programs of various sizes, working with the top DLP tools in the market. We can provide DLP services that include:

  • Data at Rest
  • Data in Motion
  • Data in Use

CISO-as-a-Service (CaaS)

Many smaller organizations understand that they need to be proactive with regard to Information Security, but are under-staffed or do not have the breadth of expertise required to adequately address their security needs.

Compass’ CaaS helps organizations understand their IT security risks and compliance requirements without having to make deep investments into full-time security staff.  

We provide part-time senior level Program Manager staffing, along with access to a deep talent pool of security experts who are trained in all the security disciplines.  

We support the C-level executive with CISO-level expertise and also provide technical, analytical and security documentation services on an as-needed basis. We learn the priorities and goals of each business, including the role of IT, by attending executive meetings, conducting interviews, and reviewing security documentation.   

Typical services can include the following:

  • Strategic support, including Risk Management and IT Security Compliance 
  • Information Security Program Management and Development
  • Security Documentation creation, updates and management
  • Security Operations Support (part-time)

Benefits and Outcomes of Engagements

Integrated Security Operations

Ensure your Information Security Program is working in a cohesive manner and avoid stovepiped Programs. Maximize ROI within a matrixed organization that has clear lines of accountability.

Defense In Depth

Arrange your Information Security Program to maximize your protections through different tools, services, policies and capabilities.  Make it more difficult for the bad guys to successfully infiltrate your network and reach your critical data.

Mature Vulnerability Scanning

Provide vulnerability and configuration compliance scanning at multiple levels: network, application and database.

Protect your data

Implement DLP to add an extra layer of defense around your most critical data.  Identify the ‘crown jewels’ of your business and set protections to reduce the likelihood of successful attacks.

Save money while remaining diligent on IT Security

Allow Compass to provide part-time senior IT Security Program Managers and technical staff to allow smaller companies to remain focused on core business and not sink unnecessary funds into IT Security.

Establish a Proactive AND Reactive Information Security Program

Get ahead of IT Security by understanding where the highest IT Risks reside (likelihood and impact).  Proactively implement and monitor defenses, while also establishing capabilities to quickly and effectively react when inevitable hacks or breaches occur, minimizing the damage.

Real World Examples

  • NIH OCIO Security Operations

    Since the start of our company in 2011, Compass Federal has been providing Information Security Operations support to the National Institutes of Health (NIH), Office of the Chief Information Officer (OCIO) Enterprise Information Security Program. 

    Responsibilities & Accomplishments

    • We have helped build and mature what was a small, niche Program into a full Security Operations Center that supports all 27 NIH Institutes and Centers (ICs). 
    • We developed and staffed the NIH Vulnerability Management Program, deploying and managing all the scanning and DLP tools and conducting over 30 Penetration Tests annually.
    • We manage the NIH A&A and Risk Management Program and led the development of the NIH Continuous Diagnostics and Mitigation (CDM) Program.  
    • We helped build the first Information Security Program Management Office (PMO) that integrated the different Security Programs into a cohesive business unit.
  • CISO-as-a-Service

    Compass provides CISO-as-a-Service for several smaller commercial organizations who are required to produce annual Security Controls Assessments and maintain Security Documentation to remain compliant with FISMA requirements on their federal grants and/or contracts. 

    Responsibilities & Accomplishments

    • Our seasoned Program Manager serves in the role of a part-time Chief Information Security Officer (CISO), meeting on a weekly basis with senior managers to understand their priorities and to provide proactive advice on how to best implement IT Security tools, techniques and best practices.  
    • We manage A&A and Compliance efforts by creating security documentation and managing security audits.  
    • We make recommendations on new vulnerability and configuration management scanning tools to help these organizations understand where their IT assets reside and the current risk posture of their organization.  
    • We manage Plans of Actions and Milestones (POAM) remediation activities to reduce the risks and make the companies more secure.

Please contact us to discuss ways to understand your organization’s IT risks and to help strengthen and build your Information Security Program.