CSCSS / Enterprise Technology + Security Services2. CSCSS delivers and leverages its expertise in a variety
of ways to help organizations move in the right direction,
make the right decisions on security investments, save
budget resources, and show a solid return on investment.
The changing factors in business, security, and cost
effectiveness are vital, complex, constantly in play,
and must be clear and concise to have any impact.
These changes are leading the way for the critical
evaluations and innovative thought leadership that will
shape and steer your business SECURELY.
CSCSS / ENTERPRISE TECHNOLOGY +
SECURITY GROUP
Information assurance, risk management,
cyber resilience, cybersecurity programs,
multi-layer cyber capabilities
and technologies
C ETS
3. Why C/ETS?
C/CETS is the IT security industry’s foremost resource
for addressing many of the cybersecurity, technology,
and business risk issues faced today. As IT infrastructure,
security, and operations (IS&O) begin to blend, organizations are
looking to implement solutions that deliver agility, cost
effectiveness, and benefits.
CSCSS is a globally-positioned, non-profit cybersecurity
and research group. We offer world-class credibility and are
uniquely able to provide objective, independent insight on
virtually any area of IT security and risk management.
We deliver refined standards-based processes and proven
methodologies that provide the foundation for unbiased,
practical, and actionable insight.
Information Assurance (IA)
The CSCSS Enterprise Technology + Security Group (C/ETS)
focuses on providing information systems assurance and
information security engineering and architecture services to
assist in the design and development of information services,
technologies, communications, products, and systems that
ensure the certification and accreditation requirements of
relevant national security authorities are met.
Trending the Future in IA – Cyber Strategy
CSCSS, working with its interagency and international partners,
leverages the opportunities of cyberspace while working to
mitigate the risks. We are focused on respecting and protecting
the privacy, civil liberties, freedom of expression, and innovation
that have made cyberspace an integral part of global prosperity
and securitywhile managing the intrinsic uncertainties and
vulnerabilities that directly and drastically impact information
assurance, defensive readiness, and national security.
In developing its strategy for cyberspace, CSCSS has focused
primarily on a number of fundamental aspects of the cyber
threat. These include external threat actors, insider threats,
supply chain vulnerabilities, and threats to global internet
operational and economic capabilities.
Our Mission
n Manage cyberspace risk through efforts such as increased
training, information assurance, greater situational
awareness, workforce education, and creating secure and
resilient network environments
n Drive information assurance and security through
Confidentiality, Integrity, and Availability by engaging and
leveraging our collaborative partnerships
n Build resilient cyber frameworks and self defenses while
maintaining an innovative approach to information security
development
n Work closely with collaborative partners, public-private
industry, academia, and the security community to rapidly
deliver innovative, resilient, and secure capabilities where
they are needed the most
We Deliver
C/ETS delivers a multi-disciplinary, standards-based approach
with focused, practical industry knowledge into the issues
affecting your mission-critical decisions and, ultimately, your
bottom line and return on investment.
C/ETS provides services that go beyond simple technology to
provide an innovative, strategic approach to the business of
managing information security, information assurance, and
essential business processes and assets.
AREAS OF DELIVERY
n Information assurance
n Security strategic planning
n Security: Executive situational awareness briefings
n Defining security objectives
n Industry best practices
n Standards delivery
n Security audit/information assurance testing
n Security training
n Security maturity/metrics programs
n Baseline security program frameworks
n Security GRC management
n Security: Program review and recommendations
n Security program presentations for
senior/executive management
n Documentation (GRC, audit, general security,
and project management)
n Custom research, benchmarks,
and industry reports
All trademarks or registered trademarks are properties of their respective owners. Copyright © 2013 The Centre for Strategic Cyberspace + Security Science. All rights reserved
4. Industry Focus
Industry focus is fundamental to GICSR’s approach. We provide
multi-disciplinary teams of audit, business risk management,
security, and technology advisory professionals focused on the
needs of key industry sectors.
Leveraging our global reach, our skills and talents, we deliver
industry-specific services providing real value to our clients. To
do this we invest continuously to build our knowledge base of
the industries we serve. We bring value by having a systematic
understanding of key industries.
C/ETSFOCUSES EFFORTS WITHIN INDUSTRY
ORGANIZATIONS THROUGH:
n Evaluation of organizational security programs
n Security research/security trend analysis
n Alignment of security programs with business
goals and objectives
n Corporate profitability and security:
ROSI (Return on Security Investment)
n Development of "lean" security programs
n Optimizing security programs
n Security best practices and standards
implementation
n Enhancing security awareness and education
n Developing meaningful security/ maturity
metrics program
n Creating integrated risk management
programs
n Discovering and effectively complying
with GRC
n Security vendor selection
n Defining strategic security plans
n Projecting emerging issues in security
and security technology
CSCSS Enterprise Technology + Security Group (C/ETS)
We work closely with industry clients helping them mitigate
risks and make the solid decisions required in lean operating
environments while seizing opportunities for pragmatic change
and return on security, service, and technology investment.
Together with CSCSS Defence Intelligence Group, CSCSS
Cybercrime Intelligence Service and C3i Group, we provide
monitoring and analysis activity delivering threat warnings,
attack alerts, and bulletins that focus on the prevention of IA
security issues.
IA Strategic Leadership
C/ETS provides strategic guidance and leadership in information
assurance. Our experience, expertise, and background in
security makes it possible for us to deliver independently-
focused tactical IA solutions and frameworks that help mitigate
security threats and reduce security and business risk.
IA Client and Partner Support
The IA mission within C/ETS spans industry verticals and
supports clients while leveraging the efforts of our collaborative
partners across government and industry to provide guidance,
ensure the availability of IA solutions, and broaden IA
knowledge and skills.
C/ETS Core Competencies
C/ETS has extensive information security architecture and
engineering knowledge and experience. We have developed
strong relationships with national security authorities and
standards groups through CSCSS’s collaborative partnerships
to assist in product certification and system accreditation.
IN SUPPORT OF FORMAL CERTIFICATION AND
ACCREDITATION ACTIVITIES, STIAC INFORMATION
SECURITY ENGINEERS PROVIDE:
n Security architecture design, implementation,
and review
n Security policy design, implementation, and review
n Threat risk and vulnerability analysis
n Input on security-related test procedures and
performance of high-level penetration testing
n Secure operating system configuration
n Security-relevant documentation
n Security accreditation plans and security
impact analysis
n Network and telecom security and cryptography
n Security management/risk management
n Security management practices
n Security architecture and models
n Development/planning aspects of operational
and physical security
n Access control systems and methodologies
n Security-focused application and systems development
n Security consultation services (focusing in all
knowledge areas of operation as well as business
continuity/disaster response planning, law intrusion
investigation, and ethics)
All trademarks or registered trademarks are properties of their respective owners. Copyright © 2013 The Centre for Strategic Cyberspace + Security Science. All rights reserved
5. Business, Industry, and Academic Outreach
Providing key leadership and balancing cybersecurity and
information assurance while protecting and delivering cyber
innovation, critical business entities, intellectual property, and
National Security Systems demands close collaboration between
public-private sector institutions, government, and academia to
raise the information assurance “bar”. To do this we will leverage
existing programs within CSCSS such as C3i Group and the
CSCSS Defence Intelligence Group (C/DIG), CSCSS Cybercrime
Intelligence Service and our collective resources.
Through our collaborative partnerships with government
agencies, academia, and the public- private sector, our focus and
mission advocate improvements in IA education and training, as
well as in cybersecurity awareness and workforce education.
Outreach and inclusion benefits the whole spectrum of
information technology. They represent and reflect major focus
areas for information assurance and may also provide
opportunities to industry for IA research and innovation, as well
as cybersecurity awareness, education, and delivery.
Strategic Vendor Partners Program
Our faculty of analysts research hardware, software, and service
providers, independently reviewing vendors that provide
innovative technologies to build and manage security services,
secure information environments, and risk management
services. This research provides an unbiased, independent
assessment of vendor products, service, and technology
differentiators and challenges.
CSCSS / ENTERPRISE
TECHNOLOGY + SECURITYC ETS
All trademarks or registered trademarks are properties of their respective owners. Copyright © 2013 The Centre for Strategic Cyberspace + Security Science. All rights reserved
About CSCSS
The Centre for Strategic Cyberspace + Security Science / CSCSS
is a multilateral, international not-for-profit organization that
conducts independent cyber-centric research, development,
analysis, and training in the areas of cyberspace, defence
intelligence, cyber security, and science while addressing the
threats, trends, and opportunities shaping international security
policies and national cyberspace cyber security initiatives.
CSCSS, as a strategic leader in cyberspace, works jointly with
key partners to address, develop, and define cyber technologies,
cyber defence force capabilities, information dominance, and
concept operations. We deliver practical recommendations and
innovative solutions and strategies to advance a secure
cyberspace domain.
Internationally, CSCSS operates in the United Kingdom, Europe,
United States, South America, Australia, and Canada.
CSCSS Collaborative Partners
The Centre for Strategic Cyberspace + Security Science operates
in a collaborative partnership with agencies and organizations
that share our commitment to the advancement of Cybersecurity,
National + International Security, Cyber Education and
Awareness, and Cybersecurity Research and Initiatives.
Contact Us
For more information on the C3i Group, the Centre for Strategic
Cyberspace + Security Science, its programmes or to find out
how we can help you please contact us.
CSCSS / Centre for Strategic Cyberspace + Security
Washington D.C + 571.451.0312
London, United Kingdom +44 2035141784
North America +877.436.6746
Middle East +855.237.8767
Australia +61 2.8003.7553
Email cets@cscss.org
CENTRE FOR STRATEGIC
CYBERSPACE + SECURITY SCIENCECSCSS
CSCSS.org