MCGlobalTech Service Presentation
Download as PPTX, PDF1 like492 views
Mission Critical Global Technology Group (MCGlobalTech) provides information security and IT infrastructure management consulting services. They help organizations comply with industry standards and federal regulations to strengthen their security posture. MCGlobalTech assesses clients' security gaps and develops customized solutions involving governance, processes, and technology controls. Their full lifecycle of services includes assessment, planning, implementation, and continuous monitoring.
MCGlobalTech Service Presentation
- 1. 1 Mission Critical Global Technology Group (MCGlobalTech) Information Security and IT Infrastructure Management Consulting
- 2. 2 Rationale for MCGlobalTech Security Services The protection of IT infrastructure is critical to the manufacturing, industrial, healthcare, science and defense industries. All organizations must protect their systems from attacks that can negatively affect operations, services and put proprietary information at risk. An organization’s information security posture can be increased through our Enterprise Security Maturity Program. We help you better understand and comply with industry standards and federal regulations. • Open technologies and networked systems used by industry are a likely target for malicious cyber activities because they are easily accessible, have a wide installation base and detailed information is available on the Internet. • Internet-based attacks can wreak havoc on your organization. You are connected with customers, vendors, suppliers and governments, and are entrusted with vast amounts of sensitive data such as intellectual capital, proprietary information, etc. • Your organization can be a leader in responding to new cybersecurity threats. Strong governance and a mature information security program that draws on industry-driven best practices can significantly improved cybersecurity posture.
- 3. 3 The Security Challenge Information Security challenges all organizations face: • Organizations in practically every industry are under immense pressure to improve quality, reduce complexity, increase efficiency and better manage IT expenses; • Information Systems and data exchanges are vital components to meet these growing challenge, however, the adoption of technology introduces an abundance of security risks; • Growing risks and liabilities, including unauthorized access, data breaches, regulatory violations, new technology implementation, etc.; • Strong IS governance, oversight, and a thorough understanding of regulatory requirements, industry standards, and best practices is required to reduce and mitigate the risk of successful cyber crimes; General obstacle to overcome these challenges include but not limited to: • Redundant and inconsistent requirements and standards; • Confusion surrounding implementation and acceptable minimum controls; • Inefficiencies associated with varying interpretations of control objectives and safeguards; • Increasing scrutiny from regulators, auditors, underwriters, customers and business partners; • Lack of highly trained cyber security staff to address information security needs.
- 4. 4 Overcoming The Challenges The recognized importance of information security and compliance has seen significant growth in recent years. With the integration of networked business systems, comes the risk of malicious software and the malicious acts of cyber criminals. With constantly changing technology and the Internet, the security risks are greatly increasing. All industries have challenges mitigating security issues. To effectively manage information security, a strong Information Security strategy must be put in place. The strategy should focus on three elements – People, Process and Technology. • People are the cornerstone to every security program. Having proper leadership, competent security staff and trained users ensures security is adequate considered in all business operations. • Process ensures the appropriate security practices and procedures are developed, implemented and maintained to support in support of a well-defined security governance framework. • Technology ensures that the appropriate security controls are in place to protect your environment from all assessed threats, vulnerabilities, and resulting risks.
- 5. 5 Corporate Overview Mission Critical Global Technology Group is a minority owned, small business founded by industry leaders who take an agile, innovative and practical approach to problem solving in the ever changing world of information technology and security. Our experts combine many decades of experience in industries such as Finance, Health Care, Manufacturing, Insurance, Education, Federal, State and Local Government agencies. Our expertise, professionalism and client-focused approach are distinguishing characteristics of our company. Vision Our vision is to build a Global Information Security and Technology Infrastructure Management Firm based on quality people, quality processes and passion for benefiting our clients. Mission We dedicate ourselves to the mission of providing the highest quality, meticulously planned, customized and innovative information technology and information security solutions to assist client organizations increase productivity, protect investments and comply with applicable security regulations through research, innovation, and expert consulting services.
- 6. 6 Consulting Services Governance Risk Compliance or Management MCGlobalTech assesses the gaps between your existing security posture, regulatory requirements, industry standards and best practices. We provide expert services in implementing necessary cost-effective controls and procedures unique to your business environment. We will assist you with achieving and maintaining compliance through assessments, remediation, continuous monitoring, and staff training. Our expertise include but are not limited to the following federal regulations and Industry Standards. • HIPAA COBIT • GLBA SAS70 • FISMA NIST • PCI ISO 27001,2 • ISA99 Enterprise Information Security Solutions and Services (Security Management Program) MCGlobalTech Enterprise Security Assessment methodology comprises of a full information security program review. This includes all procedural, technical and non-technical security initiatives of the organization as a whole. Our methodology allows for a comprehensive Network, Systems and Applications security audit. The goal is investigate and identify all internal and external threats and vulnerabilities. We help our clients develop, implement, and maintain reality-based effective and cost-friendly risk management strategies.
- 7. 7 Consulting Services Cloud Computing Security Services MCGlobalTech helps you navigate the ever expanding maze of cloud computing security options required for your remote applications, systems and infrastructure hosting needs. With the current lack of industry security standardization, each cloud provider provides a differing level of security controls. We help you audit your existing in house and remote infrastructure; and design minimum system security requirements to protect your sensitive data that is hosted outside your organization’s security boundaries. Cloud Computing Security Services Include the following services: • Cloud Vendor Security Assessment • Cloud Migration Assistance • Cloud Infrastructure Security Assessment & Mitigation Service Information Technology Infrastructure Management Consulting MCGlobalTech provides executive level IT management consulting to help you manage and address your IT infrastructure needs. We will help you align your information technology infrastructure organization with your operational and strategic business goals. Our Information Technology Management Consulting Services include: • Business/ IT Alignment Consulting IT Governance Consulting • Virtual/Interim CIO Services Program Management
- 8. 8 MCGlobalTech Full Lifecycle Service Delivery Management Four Customizable Phases Stakeholders IS/IT Team Enterprise Information Technology/Security Program Management Day-to-Day Operations and Management P1: Assessment Work with stakeholders Develop Gap Assess Current IT / IS Posture P2: Planning Analysis P3: Implementation P4: Continuous Monitoring Recommendation / Gap Remediation Plan of Action People / Process / Technology Integration Monitor Performance / Controls / Metrics
- 9. 9 MCGlobalTech Full Lifecycle Service Delivery Assessment Planning Implementation Key Activities Deliverables Gap remediation project plan Assessment gap analysis and recommendations based on regulations, standards, and best practices for industry Executive reporting of gap remediation progress Review governance model, policies, procedures, standards and practices Baseline assessment of current security posture Baseline assessment of IT infrastructure Develop gap remediation Implementation project plan in accordance with organization stakeholders Program management of gap remediation plan Remediation tracking Develop Information Security Program Improve IT infrastructure management Our standard approach includes: A security framework; A maturity model assessment; A gap analysis based on industry standards and best practices; A service deliverance model that includes governance, policies, InfoSec Program; Recommendations; Remediation assistance. Example Engagement Project Plan Project Key Activates W e e k 1 W e e k 2 W e e k 3 W e e k 4 W e e k 5 W e e k 6 W e e k 7 W e e k 8 W e e k 9 Initiation Scope Fact Finding Assessment Planning Gap Analysis Remediation / Strategy InfoSec Prog. Implementation PM Assist Reporting The timeline will vary according to the type, scope and complexity of client business, IT infrastructure management and security requirements Continuous Monitoring Monitor security program & operations Monitor IT infrastructure management Recommend continual program & operations improvements Periodic assessment & continuous advisory support Process Improvement
- 10. 10 MCGlobalTech Positioning Statement • Managing security risks, compliancy to federal regulations and industry standards, classifying information, IT governance and policy development, requires organizations to better understand and control governance, processes, and security measure, while supporting existing business operations. • Organizations are starting to take steps to implement integrated solutions to address this need and this trend is likely to continue or accelerate in the years to come. Therefore, an independent Information Security Program Assessment should be performed to determine the organization's security posture, security gaps, and necessary corrective actions. Services offered to help you better manage your Security and IT Infrastructure: • Security Governance, Risk & Compliance Assessment Services • Enterprise Information Security Management Services • Cloud Computing Security Management Services • IT Infrastructure Management Services
- 11. 11 MCGlobalTech Summary Cont. Core Competencies Governance & Compliance Enterprise Information Security (EIS) Cloud Computing Security Services IT Infrastructure Management Services IS Governance & Policy Review CIO / Director Level Advisory Develop / Review Cloud Security Governance & Policies IT Infrastructure Management Assessment Security Strategy & Process Development Enterprise Information Security Program Implementation Develop Cloud Computing Security Program IT Infrastructure Gap Analysis Federal Regulation Compliance Assessment (i.e., FISMA, NIST, GLBA, HIPAA) Enterprise Information Policy Review Perform Deep Dive Cloud Security Assessment IT Infrastructure Management Planning Industry Standards Compliance Assessment (i.e., PCI DSS, ISO 27001,2, ISA99, etc.) Security Measure & Controls Assessment Against Industry Standards Security GAP Analysis IT Infrastructure Management Remediation Security Measure & Controls Assessment Against Industry Federal Regulations Manage / Implement GAP Remediation / Continuous Monitoring IT Infrastructure Management Monitoring /Improvement
- 12. 12 Contact Us Mission Critical Global Technology Group 1776 I Street, NW 9th Floor Washington, District of Columbia 20006 Phone: 571-249-3932 Email: Info@mcglobaltech.com William McBorrough Morris Cody Managing Principal Managing Principal wjm4@mcglobaltech.com mcody@mcglobaltech.com