"Many executives are defining cyber as the risk that will define our generation." Dennis Chesley, Global Risk Consulting Leader
Cyber intrusions are becoming more commonplace, more dangerous, and more sophisticated. Today’s hackers have become so sophisticated that they can overcome even the best network security measures. This leaves our nation’s critical infrastructures, including both private and public sector networks, as well as DoD weapons systems and associated networks vulnerable to adversary targeted attacks.
Gormat is a leading provider of cyber security services that collectively help support the DoD, Intel Community and Federal Govt clients. Our experts, comprised of former NSA Blue and Red Teams members, excel in identifying and mitigating cyber vulnerabilities of major weapons systems, nuclear command control and communications (NC3), critical infrastructures (Industrial Control Systems/Supervisory Control and Data Acquisition (ICS/SCADA)) and integrated networks.
Gormat's cybersecurity efforts are not conducted in a vacuum. We take obvious pride in collaborating and exploring partnerships with other computer security companies, law enforcement and technical experts to help develop the best ways to bolster our cyber security practices.
Specifically, our focus will be to:
- advance strategic cybersecurity by testing/assessing near full spectrum cybersecurity operations, planning, communication and decision-making among major Combatant Commands
- conduct cyber vulnerability platform assessments (CVPA) and adversarial assessments against selected afloat, ashore and space-borne systems
- discover associated adversary intent and capabilities through all-source intelligence research and assessment of nation state intent and capability to execute cyber effects against specific U.S. DoD weapons/ICS systems
- conduct threat-based, cybersecurity architecture assessments (NSCSAR/DODCAR) via employment of a Threat Framework composed of NTOC’s Adversary Lifecycle Analysis model, Lockhead Martin’s Cyber Kill Chain, and Mitre’s Adversarial Tactics, Techniques & Common Knowledge matrix
- providing cyber risk and threat identification by proactively and continuously monitoring the internal and external landscape for relevant events, risks and threats related to malicious code, vulnerabilities and attacks
- providing enterprise risk and threat communication efforts regarding potential threats and remediation efforts - including the ability to provide effective analysis and actionable intelligence based on relevant security events
- design, develop, implement and update exploitation and protection methods
- evaluate operating systems, network configurations, network architectures and topologies for potential technical and operational vulnerabilities based off of threat intelligence