Government

Security Innovation has delivered a variety of services and technologies for the U.S. Government and its contractors including SAIC, the State of Florida, Harris Corporation, Northrop Grumman and Lockheed Martin. The company has been funded on several Federal Government sponsored research projects including a renowned, ground-breaking study that resulted in our How to Break Software Security  methodology which has been rolled out to numerous agencies in the form of training and services.

We have a proven record in meeting complicated federal and state requirements while helping government clients achieve their IT security objectives. We assist agencies in two principal areas: keeping both complex and antiquated systems secure and ensuring that policies are written and implemented properly.

Legacy & Sensitive Systems Security

Government systems range from creaky old mainframe applications to state-of-the-art embedded software for weapons guidance and high-speed flight. Each end of this spectrum provides its own challenge – most legacy systems were not designed with security in mind at all, and weapons systems have zero-error tolerances and tight requirements on security to protect intellectual property and other sensitive data. We use our deep expertise and sophisticated technology to identify information security threats and design problems of government systems, while our awareness and technical training programs help federal and municipal organizations meet mandatory professional development and internal education requirements.

Policies, Vendor Management and Regulations

Common criteria and other regulations put pressure on agencies to ensure their policies and test plans are properly documented and executed. Our Policy Analysis and Policy Improvement programs help organizations by providing a broad and detailed look at internal and external requirements and making sure that policies are written so they are actionable and clearly understood by all personnel.

We also work with government procurement teams to optimize purchasing and deployment decisions with respect to security – everything from helping teams understand the vulnerabilities they may be inheriting when they purchase software, to re-working service level agreements (SLA’s) to ensure that security is considered at every phase of an outsourcing function. We help ensure that clients understand these threats and how to best mitigate them in their environments.