Cybersecurity and Information Assurance

STGS protects critical information and data networks ensuring vital data remains protected from unauthorized interceptors through secure network solutions, cross-domain interfaces and cyber-hardening tools. At STGS, we ensure security compliance for a variety of infrastructures and employ cyber models to security requirements during every phase of a project.

STGS is proud to have our application accepted and be a candidate
for the CMMC Certified Third-Party Assessor Organization (C3PAO). The CMMC will require a third-party assessment by certified assessors to ensure that the Defense Industrial Base (DIB) systems are approved to store Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). The DoD has estimated that 300,000 companies will need CMMC certification, creating a large demand for audit assessors.  Companies will need to locate a Certified Third-Party Assessor Organization (C3PAO) who is authorized to manage and perform the assessment process and the security assessments.  This process should start rolling out to the DIB later in 2021.

Reach out to STGS if you’d like to stay in the loop discussing timelines and opportunities.
 

Capabilities
  • Cybersecurity Engineering 
  • Risk Management Framework (RMF) 
  • Cybersecurity Testing and Evaluation (T&E) 
  • Computer Network Defense (CND)
  • Systems Risk and Threat Analysis 
  • Vulnerability Management
  • NIST 800-53 Compliance
  • NIST 800-171 Compliance 
 
 
Specific Examples
  • Develops and distributes cybersecurity and IA policies  
  • Serves as IA Manager, Information Systems Security Manager, Information Security Officer, eMASS Administrator, COMSEC/TEMPEST Custodians, and Local Registration Authority for Common Access Card/ Public Key Infrastructure tokens 
  • Provides technical assistance to system owners in the completion of Risk Management Framework (RMF) Assessment and Authorization (A&A) process and System Security Plans (SSP) 
  • Implements vulnerability management programs which include security scanning, compliance monitoring and assessment; and antivirus and patch management programs 
  • Provides cybersecurity incident response/remediation activities 
  • Ensures security requirements are met during design, configuration, and security testing of technical solutions