SlideShare a Scribd company logo

MCGlobalTech Cyber Capability Statement

William McBorrough, profile picture
William McBorrough

MCGlobalTech is an information security and IT infrastructure management consulting firm that provides a wide range of cybersecurity services aimed at addressing complex security challenges. With over 25 years of experience, their offerings include full life-cycle security support, security assessments, continuous monitoring, and risk management, tailored to meet the unique needs of clients in various sectors. The company emphasizes strong values and innovative solutions to ensure client satisfaction and strong security postures while maintaining compliance with regulatory requirements.

Business
Related topics:
Information Security Risk-Management
1 of 10
Downloaded 12 times
1
2
3
4
5
6
7
8
9
10
Mission Critical Global Technology Group Cybersecurity Capability Statement MCGlobalTech 1325 G Street, NW Suite 500 Washington, D.C 20005 | Phone: 202.355.9448 | www.mcglobaltech.com
1 MCGlobalTech 2015 Proprietary Material Table of Contents ABOUT MCGLOBALTECH.................................................................................2 FULL LIFE-CYCLE SECURITY SUPPORT ........................................................3 CYBER SECURITY ASSESSMENTS .................................................................3 SECURITY AUTHORIZATION ............................................................................4 SECURITY CONTINUOUS MONITORING .........................................................4 SECURITY RISK MANAGEMENT ......................................................................5 SECURITY ENGINEERING.................................................................................6 SECURITY ARCHITECTURE SERVICES ..........................................................6 NETWORK SECURITY........................................................................................6 MCGLOBALTECH’S MANAGEMENT EXPERIENCE........................................7 CERTIFICATIONS ...............................................................................................8 CORPORATE DESIGNATIONS..........................................................................8 NAICS CODES ....................................................................................................8 CONTACT INFORMATION .................................................................................9
2 MCGlobalTech 2015 Proprietary Material Staff Skills Success About MCGlobalTech Mission Critical Global Technology Group (MCGlobalTech) is an Information Security and IT Infrastructure Management Consulting firm founded by industry leaders who combine decades of experience in industries such as finance, health care, manufacturing, insurance, education, federal, state and local government agencies. The Principals at MCGlobalTech have provided Information Security services to private sector industries, state and federal government agencies for over 25 years. MCGlobalTech provides security services and solutions to solve a myriad of complex security challenges facing our clients. Through our corporate and personal work experiences and the extensive experience of our partners, MCGlobalTech delivers leading edge, cost-effective security solutions to meet any budgetary requirements. Our mission is to be a trusted provider of information technology services and solutions with core competencies in cybersecurity, information assurance, security engineering, risk management and security program and project management. Our proven methodologies and scalable solutions help our clients achieve maximum return on their investment. At MCGlobalTech, we believe that strong values create long-term relationships with our customers, employees, partners and the communities we serve. At the heart of everything we do, our corporate values are: • Providing customer satisfaction • Delivering innovative solutions • Empowering staff for success • Maintaining technical excellence MCGlobalTech consultants provide a number of innovative services and solutions to produce a comprehensive risk based protection strategy to protect our client’s data and mission critical systems. By partnering with MCGlobalTech, you can be assured of a tailored security program that fits your unique business requirements instead of a cookie cutter – canned solution. MCGlobalTech also partners with other service providers such as industry- focused corporations, technology vendors and security organizations to enhance and balance our portfolio of services. The time and cost savings achieved from the MCGlobalTech proven Assess-Plan- Implement-Monitor, (APIM) service delivery methodology allows organizations to spend more energy and resources in addressing their specific risks. Our professionals assist organizations in applying the results of vast industry knowledge base to their unique business requirements so that potential gaps can be identified
3 MCGlobalTech 2015 Proprietary Material and addressed accordingly. Security should never exceed the cost of the actual asset you are trying to protect! If your business can benefit from this type of innovative partnership, add MCGlobalTech to your team of professionals. Full Life-Cycle Security Support MCGlobalTech provides full life-cycle information security support to ensure that federal agencies and commercial companies meet their regulatory and business security requirements. Our security life cycle services provide support from system conception to system operation. Our services can be procured as a complete package or individually depending on where you are in your system's life cycle. Cyber Security Assessments MCGlobalTech has specialized services and solutions that pertain to security assessments. MCGlobalTech provides a variety of assessment services that include Attack & Penetration, Testing and Validation, Risk Assessments and Vulnerability Assessment/Management. MCGlobalTech has a core team of subject matter experts that perform these services on an exclusive basis to all of our clients. MCGlobalTech has developed detailed methodologies and processes for assessing the following technical areas: • System Level (workstation and servers) • Network Level (firewall, routers, switches, IDS, VPN, etc.) • Applications (web-based) • Wireless • Telephony A top-to-bottom assessment of external and internal access is performed to assess the effectiveness of the organization's current posture in addressing its security risks and exposures. Assess Plan Implement Monitor Security Requirements Definition Security Design and Engineering Security Test, Validation and Reporting Security Documentation and Response
4 MCGlobalTech 2015 Proprietary Material Security Authorization (Assessment and Authorization) Security Continuous Monitoring The primary goal of MCGlobalTech’s Security Authorization (SA) Program is to ensure that Federal Agencies are able to meet their customer’s needs with a well- defined SA process. Thus, using the 80/20 rule, 80% of the needs of the stakeholders can be addressed in a clear and concise S&A process. Systems enter a repeatable, established and fully documented S&A process, pass through the process using clearly defined procedures and automated scanning and exit consistently. Drawing on our extensive experience, MCGlobalTech can address the remaining 20% of stakeholders needs by providing guidance and recommendations involving management, operational and technical controls and activities. Accomplishments realized by MCGlobalTech’s SA program include the following: • System Baseline Security Requirements • Providing Stakeholders the ability to better measure the progress of SA engineering and re-engineering activities • Identifying and completing critical deliverables over a period of time in a systematic and rational manner • Obtaining feedback and deliverables acceptance prior to working on additional activities or deliverables • Ensuring resources are concentrated on completing tasks associated with the current phase, providing focus and advancing progress • Providing a model that can be published to stakeholders, detailing the organized flow of engineering/reengineering activities being performed in SA Program • Standardization, consistency, efficacy and efficiency in initiating and completing Assessments and Authorizations Critical components of MCGlobalTech’s SA program process includes: • System Characterization (FIPS 199) • Security Self-Assessments (NIST SP 800-26) • Security Risk Assessments (NIST SP 800-30) • System Security Plans (NIST SP 800-18 and NIST SP 800-53) • Security Test and Evaluations (NIST SP 800-53) • Plan of Actions and Milestone (POA&M) MCGlobalTech’s Security Continuous Monitoring (SCM) program is designed to help Federal Agencies and commercial clients meet existing Government regulations including the Federal Information Security Management Act (FISMA), ISO 27000, PCI DSS, HIPAA, SOX and all other federal security requirements or directives. The SCM gives organizations the ability to respond to both internal and external audits and existing and new security threats and SCM Internal & External Audits Federal Guidelines and Directives Threats and Vulnerabilities
5 MCGlobalTech 2015 Proprietary Material Security Risk Management vulnerabilities. MCGlobalTech’s SCM program will not only enable proactive responses to Federal information technology security regulatory requirements but will also help organizations improve the management of their security risks. The MCGlobalTech SCM program is designed to review the security posture of an agency on a recurring basis. The audit and vulnerability scanning will occur on a monthly and/or quarterly basis and will include a full baseline assessment at the beginning of each fiscal year. The program is designed to measure an organization’s security posture over time. This will allow management to understand whether the security of the network is improving or declining and determine what areas to focus available resources. MCGlobalTech’s Security Risk Management (SRM) Program incorporates processes that describe the procedural steps to identify, capture, escalate, mitigate, and manage business risks and material weaknesses. Our SRM program provides our clients with a means to enhance systems security and operational performance and facilitate informed decision-making. The SRM program is a metrics-based program that measure risks and performance throughout the life cycle in an iterative approach – before, during and after. The SRM process principal goal is to protect the client and its ability to perform its mission, not just its IT assets. Additionally, MCGlobalTech’s SRM coordinates the synchronization of potential impairment to operations with effective levels of security controls and mitigations. The SRM allows for managing security risk (to include interdependencies), developing policies, ensuring policy compliance, monitoring the adequacy of the certification and accreditation process, and managing and prioritizing risks identified through a consolidation of Plans of Action and Milestones (POA&M’s) for effective resource utilization (funding and time sensitivity). The benefits of MCGlobalTech’s SRM include: • Eliminating material weaknesses • Streamlining responses to internal and external data calls (GAO, IG, ad hoc reports) • Effectively address risks and risk drivers across the enterprise • Establishing a basis for prioritization of an effective resource utilization • Facilitating accountability through assignment, management and tracking risk mitigation activities • Establishing a centralized repository of reusable data Monthly/Quarterly Checks Malicious Code Hackers Baseline Assessment Monthly/Quarterly Checks Full Assessment Monthly/Quarterly Checks
6 MCGlobalTech 2015 Proprietary Material • Facilitating and monitoring policy implementation and effectiveness • Supporting security decision-making through establishment of an integrated security readiness/preparedness dashboard Security Engineering Security Architecture Services Infusing security principles and disciplines into the business continuum is critical to accomplishing the mission of private sector entities and government agencies. Implementing inter-reliant security assurance engineering within the current production is a proven method for affecting progressive change within client organizations. Most organizations are continually seeking government and industry practices to improve their business operations. Security assurance engineering leverages applicable agency and industry practices that prescribe methodologies to improve and ensure the business continuum. To address the vast and continually changing technology landscape, MCGlobalTech employs specific industry-proven technology practices. MCGlobalTech’s security assurance engineering process utilizes security technology best practices, security systems integration and lessons learned, to provide proven security guidance to system and application developers. Above all, MCGlobalTech’s security assurance engineering program focuses on and is driven by business and mission requirements. Requirements provide the guidance of what to do (how to apply the practices and standards) and facilitate synchronization of the security requirements and functional business requirements enabling the client’s mission. MCGlobalTech’s assurance engineering program consists of: • Security Requirements Definition • Security Requirements Implementation • Security Requirements Testing and Validation • Security Requirements Documentation and Monitoring Security Architecture Services addresses systemic causes of vulnerabilities to ensure that the cost of system failure, recovery, business interruption, and reputation impact is diminished. Our enterprise-level, top down approach considers business, operational and IT strategies to design security solutions. MCGlobaltech implements a six phased approach to develop a security architecture design that is spread across data, application and infrastructure architectures to achieve compliance with legislation and industry regulations. . • Develop Security Policy Definition • Identify System Security Requirements • Develop Technical Security Specifications • Design the System Security Architecture • Implementation of Target Security Architecture • Implementation of Security Practices to Maintain Secure State Network Security Network Security Services addresses management and control of enterprise technology through implementation of leading edge security administration, remote access, network security monitoring and access control solutions. MCGlobalTech’s technology integration solutions are designed to facilitate the implementation of mission critical solutions. Thus, we consider each of our integration solutions to be critical success elements that reflect the core technological competencies required solution. These elements include:
7 MCGlobalTech 2015 Proprietary Material MCGlobalTech’s Management Experience • Firewall/router Solutions • Intrusion Detection/Prevention Solutions • Virtual Private Network Solutions • Remote Access Solutions • Anti-Virus solutions • Encryption Solutions MCGlobalTech’s leadership team is comprised of subject matter experts that have performed in senior management positions within some of the most respected organizations in both government and commercial industry. One of MCGlobalTech’s critical success factors is leveraging this knowledge across all of our clients. The following is a sample of organizations that have contributed to the backgrounds of our leadership organization: Federal Clients Clients Information Assurance Vulnerability Management Security Risk Management Security Engineering Penetration Testing Network Security DHS ● ● ● ● ● ● DOL ● ● ● ● IRS ● ● ● ● NASA ● ● ● DOT ● ● ● DOD ● ● ● ● ● FBI ● ● VA ● ● USAID ● ● ●
8 MCGlobalTech 2015 Proprietary Material Certifications Corporate Designations NAICS Codes Commercial Clients Clients Security Program Management Security Risk Management Security Engineering Penetration Testing Vulnerability Management FISERV ● ● ● ● Verisign ● ● CarMax ● ● Freddie Mac ● Booz Allen ● ● ● ● ● Hawaiian Healthcare ● ● Bancroft ● ● Lydall ● ● IBM ● ● Walgreens ● ● MCGlobalTech professionals maintain a number of professional and technical certifications to include: • Certified Information Systems Auditor (CISA) • Certified Information Systems Security Professional (CISSP) • Certified Information Security Manager (CISM) • Certified Ethical Hacker (CEH) • Certified in Risk and Information Systems Control (CRISC) • Certificate of Cloud Security Knowledge (CCSK) • Certified Business Continuity Professional (CBCP) • CheckPoint Certified Systems Engineer (CCSE) • Information Technology Infrastructure Library (ITIL v3) • Program Management Professional (PMP) • Minority Owned Small Business • Self-Certified Small Disadvantage Business • Cage Code: 76X97 • DUNS #: 967264701 518210, 541512, 541513, 541519
9 MCGlobalTech 2015 Proprietary Material Contact Information MCGlobalTech 1325 G Street, NW Suite 500 Washington, D.C 20005 Phone: 202.355.9448 Email: info@mcglobaltech.com www.mcglobaltech.com

More Related Content

PDF
MCGlobalTech Cyber Capability Statement_Final
William McBorrough
 
PDF
Securing the Supply Chain
Ignyte Assurance Platform
 
PPTX
TA security
kesavars
 
PDF
Integrated Technology Solutions for Drug Safety
Covance
 
PDF
Cybersecurity Assurance at CloudSec 2015 Kuala Lumpur
Alan Yau Ti Dun
 
PPTX
NIST IT Standards for Local Governments 2010
Donald E. Hester
 
PDF
What's Next : A Trillion Event Logs, A Million Security Threat
Alan Yau Ti Dun
 
PDF
Comodo SOC service provider
paulharry03
 
MCGlobalTech Cyber Capability Statement_Final
William McBorrough
 
Securing the Supply Chain
Ignyte Assurance Platform
 
TA security
kesavars
 
Integrated Technology Solutions for Drug Safety
Covance
 
Cybersecurity Assurance at CloudSec 2015 Kuala Lumpur
Alan Yau Ti Dun
 
NIST IT Standards for Local Governments 2010
Donald E. Hester
 
What's Next : A Trillion Event Logs, A Million Security Threat
Alan Yau Ti Dun
 
Comodo SOC service provider
paulharry03
 

What's hot (19)

PDF
Auditing & Assessing The Risk Of Cloud Service Providers at Auditworld 2015 ...
Alan Yau Ti Dun
 
PPSX
Does audit make us more secure
EnterpriseGRC Solutions, Inc.
 
PDF
Adaptive & Unified Approach to Risk Management & Compliance-via-ccf
awish11
 
PDF
Security in the Software Development Life Cycle (SDLC)
Frances Coronel
 
PDF
Cybersecurity Preparedness Trends and Best Practices
Tony Moroney
 
PPTX
Security assessment isaca sv presentation jan 2016
EnterpriseGRC Solutions, Inc.
 
PPTX
Cybersecurity Frameworks and You: The Perfect Match
McKonly & Asbury, LLP
 
PDF
TrustedAgent GRC for Vulnerability Management
Tuan Phan
 
PDF
Structured NERC CIP Process Improvement Using Six Sigma
EnergySec
 
PPT
Use of the COBIT Security Baseline
Barry Caplin
 
PDF
Regulatory Considerations for use of Cloud Computing and SaaS Environments
Institute of Validation Technology
 
DOCX
CMGT 411 Entire Course NEW
shyamuopfive
 
PDF
Security Framework for Digital Risk Managment
Securestorm
 
PDF
RSPL Brochure
Regulogix Solutions
 
PDF
Internal Audit Solution
MetricStream Inc
 
PDF
Expert letter kp is for security management
Tiniey Cayang
 
PDF
Agiliance Risk Vision
agiliancecommunity
 
PPTX
OneAudit™ - Assess Once, Certify to Many
ControlCase
 
PDF
TrustedAgent GRC for Public Sector
Tuan Phan
 
Auditing & Assessing The Risk Of Cloud Service Providers at Auditworld 2015 ...
Alan Yau Ti Dun
 
Does audit make us more secure
EnterpriseGRC Solutions, Inc.
 
Adaptive & Unified Approach to Risk Management & Compliance-via-ccf
awish11
 
Security in the Software Development Life Cycle (SDLC)
Frances Coronel
 
Cybersecurity Preparedness Trends and Best Practices
Tony Moroney
 
Security assessment isaca sv presentation jan 2016
EnterpriseGRC Solutions, Inc.
 
Cybersecurity Frameworks and You: The Perfect Match
McKonly & Asbury, LLP
 
TrustedAgent GRC for Vulnerability Management
Tuan Phan
 
Structured NERC CIP Process Improvement Using Six Sigma
EnergySec
 
Use of the COBIT Security Baseline
Barry Caplin
 
Regulatory Considerations for use of Cloud Computing and SaaS Environments
Institute of Validation Technology
 
CMGT 411 Entire Course NEW
shyamuopfive
 
Security Framework for Digital Risk Managment
Securestorm
 
RSPL Brochure
Regulogix Solutions
 
Internal Audit Solution
MetricStream Inc
 
Expert letter kp is for security management
Tiniey Cayang
 
Agiliance Risk Vision
agiliancecommunity
 
OneAudit™ - Assess Once, Certify to Many
ControlCase
 
TrustedAgent GRC for Public Sector
Tuan Phan
 
Ad

Similar to MCGlobalTech Cyber Capability Statement (20)

PPTX
MCGlobalTech Enterprise Risk Management Program
William McBorrough
 
PPTX
MCGlobalTech Service Presentation
William McBorrough
 
PPTX
MCGlobalTech Consulting Service Presentation
William McBorrough
 
PDF
Enhancing Trust Through SOC 2 Audit- by ispectra technologies
elizabethrdusek
 
PPTX
Enhancing Trust Through SOC 2 Audit- ispectra
elizabethrdusek
 
PDF
MCGlobalTech Commercial Cybersecurity Capability Statement
William McBorrough
 
PPTX
The quality assurance checklist for progressive testing
Maitrikpaida
 
PPTX
The Quality Assurance Checklist for Progressive Testing
Cygnet Infotech
 
PDF
Kmicro Cybersecurity Offerings 2020
Manuel Guillen
 
PDF
Certified Cybersecurity Compliance Professional.PREVIEW.pdf
GAFM ACADEMY
 
PDF
The Demystification of successful cybersecurity initiatives.
FitCEO, Inc. (FCI)
 
PDF
TheDemystification_of_SuccessfulCyberSecurity_VIMRO_LB_VH_MHF_10_11_15
FitCEO, Inc. (FCI)
 
PDF
Sample Risk Assessment Report- QuantumBanking.pdf
SathishKumar960827
 
PPTX
Security management concepts and principles
Divya Tiwari
 
PDF
Information technology and information security services
Dejan Majkic
 
PDF
safe-software-deployment-how-software-manufacturers-can-ensure-reliability-fo...
ICT Frame Magazine Pvt. Ltd.
 
PPTX
CMMC Breakdown
Ignyte Assurance Platform
 
PPTX
2022-customer-planning-template Rapid7 PPTX
ssuser05c3d6
 
PDF
Comparative study of Cyber Security Assessment Tools
IRJET Journal
 
PDF
Retail Security solution
Ssgstubbs
 
MCGlobalTech Enterprise Risk Management Program
William McBorrough
 
MCGlobalTech Service Presentation
William McBorrough
 
MCGlobalTech Consulting Service Presentation
William McBorrough
 
Enhancing Trust Through SOC 2 Audit- by ispectra technologies
elizabethrdusek
 
Enhancing Trust Through SOC 2 Audit- ispectra
elizabethrdusek
 
MCGlobalTech Commercial Cybersecurity Capability Statement
William McBorrough
 
The quality assurance checklist for progressive testing
Maitrikpaida
 
The Quality Assurance Checklist for Progressive Testing
Cygnet Infotech
 
Kmicro Cybersecurity Offerings 2020
Manuel Guillen
 
Certified Cybersecurity Compliance Professional.PREVIEW.pdf
GAFM ACADEMY
 
The Demystification of successful cybersecurity initiatives.
FitCEO, Inc. (FCI)
 
TheDemystification_of_SuccessfulCyberSecurity_VIMRO_LB_VH_MHF_10_11_15
FitCEO, Inc. (FCI)
 
Sample Risk Assessment Report- QuantumBanking.pdf
SathishKumar960827
 
Security management concepts and principles
Divya Tiwari
 
Information technology and information security services
Dejan Majkic
 
safe-software-deployment-how-software-manufacturers-can-ensure-reliability-fo...
ICT Frame Magazine Pvt. Ltd.
 
CMMC Breakdown
Ignyte Assurance Platform
 
2022-customer-planning-template Rapid7 PPTX
ssuser05c3d6
 
Comparative study of Cyber Security Assessment Tools
IRJET Journal
 
Retail Security solution
Ssgstubbs
 
Ad

More from William McBorrough (17)

PPTX
MCGlobalTech CMMC Managed Compliance Service
William McBorrough
 
PDF
MCGlobalTech Managed Security Compliance Program
William McBorrough
 
PPTX
Cybersecurity Career Information by Next Gen Cyber
William McBorrough
 
PDF
Improving Cyber Readiness with the NIST Cybersecurity Framework
William McBorrough
 
PPTX
MCG Cybersecurity Webinar Series - Risk Management
William McBorrough
 
PPTX
MCG Cybersecurity Webinar Series - Risk Management
William McBorrough
 
PDF
MCG_OnePageBrochure_Final
William McBorrough
 
PDF
Information Security Continuous Monitoring within a Risk Management Framework
William McBorrough
 
PDF
MCGlobalTech Capability Statement
William McBorrough
 
PPTX
Managing Security Risks in Manufacturing
William McBorrough
 
PPTX
Cyber Crime Threat Landscape - A Focus on the Financial Industry
William McBorrough
 
PPT
Protecting Customer Confidential Information
William McBorrough
 
PPTX
Need for Improved Critical Industrial Infrastructure Protection
William McBorrough
 
PDF
Need for Improved Critical Industrial Infrastructure Protection
William McBorrough
 
PDF
No National 'Stand Your Cyberground' Law Please
William McBorrough
 
PDF
FCC Report on Google Street View Wi-Fi Data Snooping
William McBorrough
 
PPT
Cloud Computing - Security Benefits and Risks
William McBorrough
 
MCGlobalTech CMMC Managed Compliance Service
William McBorrough
 
MCGlobalTech Managed Security Compliance Program
William McBorrough
 
Cybersecurity Career Information by Next Gen Cyber
William McBorrough
 
Improving Cyber Readiness with the NIST Cybersecurity Framework
William McBorrough
 
MCG Cybersecurity Webinar Series - Risk Management
William McBorrough
 
MCG Cybersecurity Webinar Series - Risk Management
William McBorrough
 
MCG_OnePageBrochure_Final
William McBorrough
 
Information Security Continuous Monitoring within a Risk Management Framework
William McBorrough
 
MCGlobalTech Capability Statement
William McBorrough
 
Managing Security Risks in Manufacturing
William McBorrough
 
Cyber Crime Threat Landscape - A Focus on the Financial Industry
William McBorrough
 
Protecting Customer Confidential Information
William McBorrough
 
Need for Improved Critical Industrial Infrastructure Protection
William McBorrough
 
Need for Improved Critical Industrial Infrastructure Protection
William McBorrough
 
No National 'Stand Your Cyberground' Law Please
William McBorrough
 
FCC Report on Google Street View Wi-Fi Data Snooping
William McBorrough
 
Cloud Computing - Security Benefits and Risks
William McBorrough
 

Recently uploaded (20)

PDF
COST SHEET- Tender and Quotation unit 2.pdf
MANJU N
 
PPTX
Amazon (Business Studies) management studies
AbhirupVerma
 
PPT
340036916-American-Literature-Literary-Period-Overview.ppt
carinaherdiles611
 
PDF
Training And Development of Employee .pdf
nivethavm864
 
PPTX
Business Ethics - An introduction and its overview.pptx
Keerthana Chinnathambi
 
PPTX
job Avenue by vinith.pptxvnbvnvnvbnvbnbmnbmbh
kaniece
 
PDF
Nidhal Samdaie CV - International Business Consultant
Nidhal Samdaie
 
PDF
pdfcoffee.com-opt-b1plus-sb-answers.pdfvi
thaoonguyenn2311
 
PPTX
5 Stages of group development guide.pptx
keerthanashanmugam201
 
PDF
Elevate Cleaning Efficiency Using Tallfly Hair Remover Roller Factory Expertise
farsookmon97766765
 
PDF
20250805_A. Stotz All Weather Strategy - Performance review July 2025.pdf
FINNOMENAMarketing
 
PDF
WRN_Investor_Presentation_August 2025.pdf
cmagee4
 
DOCX
unit 2 cost accounting- Tender and Quotation & Reconciliation Statement
MANJU N
 
PPTX
Belch_12e_PPT_Ch18_Accessible_university.pptx
Haitham327103
 
PDF
SIMNET Inc – 2023’s Most Trusted IT Services & Solution Provider
sidnik500
 
PPTX
HR Introduction Slide (1).pptx on hr intro
suhanidwivedi227
 
PDF
Laughter Yoga Basic Learning Workshop Manual
yeechensee
 
PDF
How to Get Funding for Your Trucking Business
Jake Thornhill
 
PDF
Power and position in leadershipDOC-20250808-WA0011..pdf
meghavinikumar2006
 
PDF
Traveri Digital Marketing Seminar 2025 by Corey and Jessica Perlman
Corey Perlman, Social Media Speaker and Consultant
 
COST SHEET- Tender and Quotation unit 2.pdf
MANJU N
 
Amazon (Business Studies) management studies
AbhirupVerma
 
340036916-American-Literature-Literary-Period-Overview.ppt
carinaherdiles611
 
Training And Development of Employee .pdf
nivethavm864
 
Business Ethics - An introduction and its overview.pptx
Keerthana Chinnathambi
 
job Avenue by vinith.pptxvnbvnvnvbnvbnbmnbmbh
kaniece
 
Nidhal Samdaie CV - International Business Consultant
Nidhal Samdaie
 
pdfcoffee.com-opt-b1plus-sb-answers.pdfvi
thaoonguyenn2311
 
5 Stages of group development guide.pptx
keerthanashanmugam201
 
Elevate Cleaning Efficiency Using Tallfly Hair Remover Roller Factory Expertise
farsookmon97766765
 
20250805_A. Stotz All Weather Strategy - Performance review July 2025.pdf
FINNOMENAMarketing
 
WRN_Investor_Presentation_August 2025.pdf
cmagee4
 
unit 2 cost accounting- Tender and Quotation & Reconciliation Statement
MANJU N
 
Belch_12e_PPT_Ch18_Accessible_university.pptx
Haitham327103
 
SIMNET Inc – 2023’s Most Trusted IT Services & Solution Provider
sidnik500
 
HR Introduction Slide (1).pptx on hr intro
suhanidwivedi227
 
Laughter Yoga Basic Learning Workshop Manual
yeechensee
 
How to Get Funding for Your Trucking Business
Jake Thornhill
 
Power and position in leadershipDOC-20250808-WA0011..pdf
meghavinikumar2006
 
Traveri Digital Marketing Seminar 2025 by Corey and Jessica Perlman
Corey Perlman, Social Media Speaker and Consultant
 

MCGlobalTech Cyber Capability Statement

  • 1. Mission Critical Global Technology Group Cybersecurity Capability Statement MCGlobalTech 1325 G Street, NW Suite 500 Washington, D.C 20005 | Phone: 202.355.9448 | www.mcglobaltech.com
  • 2. 1 MCGlobalTech 2015 Proprietary Material Table of Contents ABOUT MCGLOBALTECH.................................................................................2 FULL LIFE-CYCLE SECURITY SUPPORT ........................................................3 CYBER SECURITY ASSESSMENTS .................................................................3 SECURITY AUTHORIZATION ............................................................................4 SECURITY CONTINUOUS MONITORING .........................................................4 SECURITY RISK MANAGEMENT ......................................................................5 SECURITY ENGINEERING.................................................................................6 SECURITY ARCHITECTURE SERVICES ..........................................................6 NETWORK SECURITY........................................................................................6 MCGLOBALTECH’S MANAGEMENT EXPERIENCE........................................7 CERTIFICATIONS ...............................................................................................8 CORPORATE DESIGNATIONS..........................................................................8 NAICS CODES ....................................................................................................8 CONTACT INFORMATION .................................................................................9
  • 3. 2 MCGlobalTech 2015 Proprietary Material Staff Skills Success About MCGlobalTech Mission Critical Global Technology Group (MCGlobalTech) is an Information Security and IT Infrastructure Management Consulting firm founded by industry leaders who combine decades of experience in industries such as finance, health care, manufacturing, insurance, education, federal, state and local government agencies. The Principals at MCGlobalTech have provided Information Security services to private sector industries, state and federal government agencies for over 25 years. MCGlobalTech provides security services and solutions to solve a myriad of complex security challenges facing our clients. Through our corporate and personal work experiences and the extensive experience of our partners, MCGlobalTech delivers leading edge, cost-effective security solutions to meet any budgetary requirements. Our mission is to be a trusted provider of information technology services and solutions with core competencies in cybersecurity, information assurance, security engineering, risk management and security program and project management. Our proven methodologies and scalable solutions help our clients achieve maximum return on their investment. At MCGlobalTech, we believe that strong values create long-term relationships with our customers, employees, partners and the communities we serve. At the heart of everything we do, our corporate values are: • Providing customer satisfaction • Delivering innovative solutions • Empowering staff for success • Maintaining technical excellence MCGlobalTech consultants provide a number of innovative services and solutions to produce a comprehensive risk based protection strategy to protect our client’s data and mission critical systems. By partnering with MCGlobalTech, you can be assured of a tailored security program that fits your unique business requirements instead of a cookie cutter – canned solution. MCGlobalTech also partners with other service providers such as industry- focused corporations, technology vendors and security organizations to enhance and balance our portfolio of services. The time and cost savings achieved from the MCGlobalTech proven Assess-Plan- Implement-Monitor, (APIM) service delivery methodology allows organizations to spend more energy and resources in addressing their specific risks. Our professionals assist organizations in applying the results of vast industry knowledge base to their unique business requirements so that potential gaps can be identified
  • 4. 3 MCGlobalTech 2015 Proprietary Material and addressed accordingly. Security should never exceed the cost of the actual asset you are trying to protect! If your business can benefit from this type of innovative partnership, add MCGlobalTech to your team of professionals. Full Life-Cycle Security Support MCGlobalTech provides full life-cycle information security support to ensure that federal agencies and commercial companies meet their regulatory and business security requirements. Our security life cycle services provide support from system conception to system operation. Our services can be procured as a complete package or individually depending on where you are in your system's life cycle. Cyber Security Assessments MCGlobalTech has specialized services and solutions that pertain to security assessments. MCGlobalTech provides a variety of assessment services that include Attack & Penetration, Testing and Validation, Risk Assessments and Vulnerability Assessment/Management. MCGlobalTech has a core team of subject matter experts that perform these services on an exclusive basis to all of our clients. MCGlobalTech has developed detailed methodologies and processes for assessing the following technical areas: • System Level (workstation and servers) • Network Level (firewall, routers, switches, IDS, VPN, etc.) • Applications (web-based) • Wireless • Telephony A top-to-bottom assessment of external and internal access is performed to assess the effectiveness of the organization's current posture in addressing its security risks and exposures. Assess Plan Implement Monitor Security Requirements Definition Security Design and Engineering Security Test, Validation and Reporting Security Documentation and Response
  • 5. 4 MCGlobalTech 2015 Proprietary Material Security Authorization (Assessment and Authorization) Security Continuous Monitoring The primary goal of MCGlobalTech’s Security Authorization (SA) Program is to ensure that Federal Agencies are able to meet their customer’s needs with a well- defined SA process. Thus, using the 80/20 rule, 80% of the needs of the stakeholders can be addressed in a clear and concise S&A process. Systems enter a repeatable, established and fully documented S&A process, pass through the process using clearly defined procedures and automated scanning and exit consistently. Drawing on our extensive experience, MCGlobalTech can address the remaining 20% of stakeholders needs by providing guidance and recommendations involving management, operational and technical controls and activities. Accomplishments realized by MCGlobalTech’s SA program include the following: • System Baseline Security Requirements • Providing Stakeholders the ability to better measure the progress of SA engineering and re-engineering activities • Identifying and completing critical deliverables over a period of time in a systematic and rational manner • Obtaining feedback and deliverables acceptance prior to working on additional activities or deliverables • Ensuring resources are concentrated on completing tasks associated with the current phase, providing focus and advancing progress • Providing a model that can be published to stakeholders, detailing the organized flow of engineering/reengineering activities being performed in SA Program • Standardization, consistency, efficacy and efficiency in initiating and completing Assessments and Authorizations Critical components of MCGlobalTech’s SA program process includes: • System Characterization (FIPS 199) • Security Self-Assessments (NIST SP 800-26) • Security Risk Assessments (NIST SP 800-30) • System Security Plans (NIST SP 800-18 and NIST SP 800-53) • Security Test and Evaluations (NIST SP 800-53) • Plan of Actions and Milestone (POA&M) MCGlobalTech’s Security Continuous Monitoring (SCM) program is designed to help Federal Agencies and commercial clients meet existing Government regulations including the Federal Information Security Management Act (FISMA), ISO 27000, PCI DSS, HIPAA, SOX and all other federal security requirements or directives. The SCM gives organizations the ability to respond to both internal and external audits and existing and new security threats and SCM Internal & External Audits Federal Guidelines and Directives Threats and Vulnerabilities
  • 6. 5 MCGlobalTech 2015 Proprietary Material Security Risk Management vulnerabilities. MCGlobalTech’s SCM program will not only enable proactive responses to Federal information technology security regulatory requirements but will also help organizations improve the management of their security risks. The MCGlobalTech SCM program is designed to review the security posture of an agency on a recurring basis. The audit and vulnerability scanning will occur on a monthly and/or quarterly basis and will include a full baseline assessment at the beginning of each fiscal year. The program is designed to measure an organization’s security posture over time. This will allow management to understand whether the security of the network is improving or declining and determine what areas to focus available resources. MCGlobalTech’s Security Risk Management (SRM) Program incorporates processes that describe the procedural steps to identify, capture, escalate, mitigate, and manage business risks and material weaknesses. Our SRM program provides our clients with a means to enhance systems security and operational performance and facilitate informed decision-making. The SRM program is a metrics-based program that measure risks and performance throughout the life cycle in an iterative approach – before, during and after. The SRM process principal goal is to protect the client and its ability to perform its mission, not just its IT assets. Additionally, MCGlobalTech’s SRM coordinates the synchronization of potential impairment to operations with effective levels of security controls and mitigations. The SRM allows for managing security risk (to include interdependencies), developing policies, ensuring policy compliance, monitoring the adequacy of the certification and accreditation process, and managing and prioritizing risks identified through a consolidation of Plans of Action and Milestones (POA&M’s) for effective resource utilization (funding and time sensitivity). The benefits of MCGlobalTech’s SRM include: • Eliminating material weaknesses • Streamlining responses to internal and external data calls (GAO, IG, ad hoc reports) • Effectively address risks and risk drivers across the enterprise • Establishing a basis for prioritization of an effective resource utilization • Facilitating accountability through assignment, management and tracking risk mitigation activities • Establishing a centralized repository of reusable data Monthly/Quarterly Checks Malicious Code Hackers Baseline Assessment Monthly/Quarterly Checks Full Assessment Monthly/Quarterly Checks
  • 7. 6 MCGlobalTech 2015 Proprietary Material • Facilitating and monitoring policy implementation and effectiveness • Supporting security decision-making through establishment of an integrated security readiness/preparedness dashboard Security Engineering Security Architecture Services Infusing security principles and disciplines into the business continuum is critical to accomplishing the mission of private sector entities and government agencies. Implementing inter-reliant security assurance engineering within the current production is a proven method for affecting progressive change within client organizations. Most organizations are continually seeking government and industry practices to improve their business operations. Security assurance engineering leverages applicable agency and industry practices that prescribe methodologies to improve and ensure the business continuum. To address the vast and continually changing technology landscape, MCGlobalTech employs specific industry-proven technology practices. MCGlobalTech’s security assurance engineering process utilizes security technology best practices, security systems integration and lessons learned, to provide proven security guidance to system and application developers. Above all, MCGlobalTech’s security assurance engineering program focuses on and is driven by business and mission requirements. Requirements provide the guidance of what to do (how to apply the practices and standards) and facilitate synchronization of the security requirements and functional business requirements enabling the client’s mission. MCGlobalTech’s assurance engineering program consists of: • Security Requirements Definition • Security Requirements Implementation • Security Requirements Testing and Validation • Security Requirements Documentation and Monitoring Security Architecture Services addresses systemic causes of vulnerabilities to ensure that the cost of system failure, recovery, business interruption, and reputation impact is diminished. Our enterprise-level, top down approach considers business, operational and IT strategies to design security solutions. MCGlobaltech implements a six phased approach to develop a security architecture design that is spread across data, application and infrastructure architectures to achieve compliance with legislation and industry regulations. . • Develop Security Policy Definition • Identify System Security Requirements • Develop Technical Security Specifications • Design the System Security Architecture • Implementation of Target Security Architecture • Implementation of Security Practices to Maintain Secure State Network Security Network Security Services addresses management and control of enterprise technology through implementation of leading edge security administration, remote access, network security monitoring and access control solutions. MCGlobalTech’s technology integration solutions are designed to facilitate the implementation of mission critical solutions. Thus, we consider each of our integration solutions to be critical success elements that reflect the core technological competencies required solution. These elements include:
  • 8. 7 MCGlobalTech 2015 Proprietary Material MCGlobalTech’s Management Experience • Firewall/router Solutions • Intrusion Detection/Prevention Solutions • Virtual Private Network Solutions • Remote Access Solutions • Anti-Virus solutions • Encryption Solutions MCGlobalTech’s leadership team is comprised of subject matter experts that have performed in senior management positions within some of the most respected organizations in both government and commercial industry. One of MCGlobalTech’s critical success factors is leveraging this knowledge across all of our clients. The following is a sample of organizations that have contributed to the backgrounds of our leadership organization: Federal Clients Clients Information Assurance Vulnerability Management Security Risk Management Security Engineering Penetration Testing Network Security DHS ● ● ● ● ● ● DOL ● ● ● ● IRS ● ● ● ● NASA ● ● ● DOT ● ● ● DOD ● ● ● ● ● FBI ● ● VA ● ● USAID ● ● ●
  • 9. 8 MCGlobalTech 2015 Proprietary Material Certifications Corporate Designations NAICS Codes Commercial Clients Clients Security Program Management Security Risk Management Security Engineering Penetration Testing Vulnerability Management FISERV ● ● ● ● Verisign ● ● CarMax ● ● Freddie Mac ● Booz Allen ● ● ● ● ● Hawaiian Healthcare ● ● Bancroft ● ● Lydall ● ● IBM ● ● Walgreens ● ● MCGlobalTech professionals maintain a number of professional and technical certifications to include: • Certified Information Systems Auditor (CISA) • Certified Information Systems Security Professional (CISSP) • Certified Information Security Manager (CISM) • Certified Ethical Hacker (CEH) • Certified in Risk and Information Systems Control (CRISC) • Certificate of Cloud Security Knowledge (CCSK) • Certified Business Continuity Professional (CBCP) • CheckPoint Certified Systems Engineer (CCSE) • Information Technology Infrastructure Library (ITIL v3) • Program Management Professional (PMP) • Minority Owned Small Business • Self-Certified Small Disadvantage Business • Cage Code: 76X97 • DUNS #: 967264701 518210, 541512, 541513, 541519
  • 10. 9 MCGlobalTech 2015 Proprietary Material Contact Information MCGlobalTech 1325 G Street, NW Suite 500 Washington, D.C 20005 Phone: 202.355.9448 Email: info@mcglobaltech.com www.mcglobaltech.com