Cybersecurity Services

  • Home
  • Cybersecurity Services

HERE TO SERVE

Comprehensive cybersecurity support, integrated with IT operations and the organization's mission

Second Renaissance cybersecurity services are focused on the public sector’s  State and Local governments. We believe that cybersecurity and the organization’s mission are connected, and that bringing well-rounded expertise to the table unlocks greater levels of value for our customers.

We deliver creative data-driven solutions including cybersecurity program management, governance, risk management framework (RMF) support, Project Management Office (PMO) support, DevSecOps advisory services, cloud security expertise, network security and Zero-Trust Security engineering services, and Data Analytics support to a wide range of mission-critical customers.

Banner

Cybersecurity Capabilities that are comprehensivequalityaffordablerelevant

Let's break down everything that goes into our cybersecurity capability offerings. Second Renaissance's core cybersecurity capabilities  include cybersecurity program and strategy management, assessment services (including penetration testing), managed security operations, and cybersecurity training.

Cybersecurity Program Strategy

Second Renaissance supports CISO and Federal executive customers in the development of comprehensive cybersecurity program strategies, based on their organizations’ unique mission. When the mission needs do not require specific overarching frameworks, Second Renaissance recommends the use of the NIST Risk Management Framework (RMF) as the basis for a comprehensive cybersecurity program. The foundation for recommended strategic plans organizes activities into three tiers – governance, information flow, and environment of operation.

  • Governance elements are often overlooked but are necessary for a resilient organization. Second Renaissance works with clients to build a Risk Management Strategy that includes policy, investment strategy, and key performance indicators (also referred to as a dashboard). The strategy will outline risk tolerance within the organization, and key stakeholder roles across the organization. With a Risk Management Strategy articulated, the organization can focus on Tier 2 – Information Flow.
  • Information Flow, also referred to as Mission/Business Processes, is the middle tier of the strategy. In Information Flow, cybersecurity is woven into the flow of business within the organization – from Enterprise Architecture to development and operations practices, and even acquisitions. When this tier of the strategy is overlooked, cybersecurity operates as a stand-alone organization. A stand-alone cybersecurity organization can be tasked with securing the organization’s information but cannot effectively perform its duty.
  • Environment of Operation is most often referred to as the NIST RMF, though it is only a portion of the RMF designed for individual information systems. Within the third tier, Second Renaissance works with customers to prioritize activities and streamline processes, including methods for testing and documenting system security.

Second Renaissance performs information systems Security Assessments to evaluate information systems security processes, practices, and overall system resilience.

Our assessment program and methodology are designed to be flexible in conducting periodic assessments with differing scopes and timelines. While the methodology only has three phases – Planning, Execution, and Post-Execution – the processes and templates we’ve developed for each phase are robust and numerous. Our Security Assessment Methodology is aligned to NIST 800-115, and is flexible enough to accommodate all information security assessment requirements.

Security Assessment Types

  • Policy and Standards Compliance Assessment
  • Cloud Security / FedRAMP Assessment
  • HITRUST Assessment
  • Penetration Test
  • Compromise Assessment
  • PCI Compliance Assessment
  • Privacy Compliance Assessment
  • HIPAA Compliance Assessment
  • Industrial Control Systems (ICS) Assessment

Second Renaissance has developed a Managed Security Operations Center (M-SOC) Service, also known as a Virtual SOC (VSOC) to address our customer needs to rapidly build, deploy, and scale SOC services. The M-SOC was designed from 15 years of experience managing government 24×7 support, and with an understanding of the latest tools and techniques within cybersecurity operations. Our M-SOC Service includes all facilities, tools, and personnel required to monitor customer IT assets including websites, applications, databases, data centers, networks, desktops, and other endpoints. Our M-SOC service helps prevent, protect, and recover from malicious threats and attacks to customer infrastructure and applications on a 24x7x365 basis.

Second Renaissance M-SOC Services include everything needed to build and execute services within a SOC:

  • Build services establish an operating environment that enables network security monitoring and management.
    • SIEM Content Management
    • Network Security Management
    • Security Engineering
    • Log Architecture and Enrollment
  • Execute services put tools and processes to work to monitor and secure customer organizations.
    • Event Management and Active Defense
    • Incident Handling and Response
    • Threat Hunting

Second Renaissance’s  M-SOC is powered by our M-SOC Toolkit™, which includes our go-to group of tools that enable Managed SOC services delivery from a geographically dispersed nature, while maintaining confidentiality, integrity, and availability of customer information.

Second Renaissance couples out-of-the-box products with experienced cybersecurity trainers to develop and deliver tailored cybersecurity training programs that maximizes results. For end user cybersecurity training, results mean decreased susceptibility to phishing, increased understanding of cybersecurity requirements and responsibilities, and faster response to potential incidents. Second Renaissance leverages out-of-the-box interactive training and automated phishing testing services, combined with tailored customer-specific training and testing telemetry to form comprehensive and cost-effective Cybersecurity Awareness Training programs.

User Testing With Telemetry

Telemetry for training management and knowledge retention is a key aspect of our Cybersecurity Training approach. Without telemetry, we would not have vital feedback of how well the training materials impacted the user population. We measure training effectiveness through multiple testing mechanisms including automated phishing testing, as well as pre and post-training quizzes, and self-scored capabilities assessments. By building a results-oriented training program, Second Renaissance ensures our customers can quantify the resilience of its users, and can see the demonstrated improvement over time to the organization’s knowledge and ability to handle incidents, adhere to security requirements, and avoid exposure to threats. Second Renaissance builds training programs with results in mind from beginning to end.

Case Studies

Learn more about our cybersecurity offerings from our Case Studies

Timely PenTest

Reeling after a data breach, a soon-to-be client had been taken by surprise when a threat actor exploited a network access point they didn't know about. The client wanted a penetration test to make sure there were no other unmanaged access points. The Second Renaissance team was able to perform a...

GRC for Local Gov

Second Renaissance revamped a city’s Governance, Risk, and Compliance (GRC) solution from top to bottom. Prior to the engagement, the city had partially implemented Telos Xacta without any processes documented or consistently implemented. We performed a full tool analysis including budget and capabilities, and recommended tool solutions based on the...

Incident Response

Second Renaissance provides Incident Response Preparation and Forensic Services to multiple confidential government entities.  IR services include preparing customers before an attack, as well as rapid response as the  contracted IR Forensic Service provider in light of a data breach. Due to the nature of Incident Handling, we cannot disclose...

Cybersecurity Training

Second Renaissance elevates the knowledge and readiness of our customers through cybersecurity workshops and hands-on training. We have partnered with places like the West Virginia Department of Environmental Protection and the University of North Carolina Wilmington to bring cybersecurity IT training to a wide range of student learners. Our training events are...

Ready to put us to work? Great! Let our sales team know and we can get started. We love onboarding new small business partners and helping you achieve your business dreams.

Contact Us Today