Akytech has successfully provided Information Assurance (IA) services and support to several federal clients. We follow an organized and proven Information Assurance (IA) and security response process based on the FISMA, NIST, and DIACAP protocols. We analyze the IA requirements and develop/contribute to system security architecture, including detailed security design, configuration, implementation (hardware, software) hardening, and the dynamic threat risk matrix from ongoing vulnerability assessments. We implement and validate security controls as an important part of each project lifecycle stage.
We pay rigorous and continuous attention to the security of the systems we manage to meet the organization’s security target requirements and IA controls. Our compliance, governance, and risk management approach proactively identify and eliminates threats and vulnerabilities, continuously ensures alignment, minimizes program cost, and prevents security breaches.
Our Approach
Akytech integrates, coordinates, and supports cybersecurity activities related to the secure transmission and storage of electronic information, implementation of cybersecurity policy/procedures, development and implementation of processes and mechanisms by which sensitive information and services are protected. We provide user awareness training, risk management, and internal and external auditing. Additional support includes establishing procedures supporting IT security requirements; conducting risk assessments to identify threats/vulnerabilities; providing cybersecurity planning, reporting, and implementation; maintaining and supporting cybersecurity infrastructures; performing vulnerability risk assessments and managing risks with the Plan of Action & Milestones (POA&M) process; supporting Information Assurance and Certification and Accreditation; supporting Identity Credentialing and Management using Public Key Infrastructure (PKI) technologies, and providing training.
Akytech adheres to organizational standards like the DoD directives and NIST guidelines on a broad range of system and application security practices. We deliver a portfolio of IA services that protect the availability, integrity, confidentiality, non-repudiation, and authentication of stored, processed, and transmitted data.
We have C&A experts with excellent knowledge and experience in the criteria, processes, and timeliness factors required to implement a compliant C&A program. Whether an effort is in the initial startup phase or closing on an ATO milestone, our knowledgeable C&A experts can augment existing project teams to ensure potential C&A pitfalls are avoided. We bring past success certifying and accrediting applications per agency standards, including Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). Our C&A team members have worked as program security leads for government and contractual organizations guiding program personnel through the certification process per NIACAP and NIST Risk Management Framework guidance.
Our support services include:
- Program Planning
- Program Development
- Life Cycle Implementation & Support
- Program Governance
- Compliance Verification Assessment
We have established and practiced procedures supporting federal IT security requirements; conduct risk assessments to identify threats/vulnerabilities for existing/planned requirements supporting federal mandates; provide cyber security planning, reporting, and implementation; maintain and support cyber security infrastructures; perform vulnerability risk assessments and manage risks with the Plan of Action & Milestones (POA&M) process; support information assurance and certification and accreditation; support Identity Credentialing and Management using Public Key Infrastructure (PKI) technologies; as well as provide training.