We provide exactly what you need for mission success.
- reducing your exposure to cyber threats
- cyber training for executives through practitioners
- creating security policies, procedures, and processes
- securely configuring your systems
- compliance with DFARS 252.204-7012/NIST 800-171, HIPAA, and other regulations/standards
- readiness for CMMC
- advisory services for risk-based decisions
Security Architecture / Engineering
IoT devices and cyber physical systems (CPS) offer unparalleled efficiencies and opportunities in multiple industries, from energy, to transportation, healthcare, and other critical infrastructure sectors. However, these devices and systems, without proper security and privacy controls integrated throughout the development lifecycle, can introduce serious financial and even safety risks to consumers, and reputational and financial risk to those bringing such devices and systems to market. Security architecture and engineering provides a structured approach to efficiently and effectively managing these risks.
Vulnerability, Threat, and Risk Assessments
Regular system and environment risk assessments from internal and external perspectives and access points enables proactive hardening and risk mitigation. Assessments can include vulnerability scanning, multiple levels of penetration testing to include social engineering tests, and mock exercises.
While the periphery of systems and environments have traditionally been the focus of security hardening, as insider threats expand, the importance of developing secure applications within the core of these environments grows in significance. Whether the software is in its inception phase, or already deployed and operational, software assurance enables risk mitigation and protection against multiple attack vectors.
Security Training and Education Courses
An educated workforce is an effective workforce, and this is particularly true with security training and education. Whether the focus is on physical, technical, or operations security, the outcome is an informed workforce that is less susceptible to insider threats and attack vectors designed to exploit human factors.
Program Security and Critical Infrastructure
Personnel, operations, industrial, physical security, counterintelligence, and cybersecurity engineering support for defense programs enables situational awareness throughout the life cycle of each program. Includes Supply Chain Risk Management (SCRM) and preparation for Committee on Foreign Investment in the United States (CFIUS) reviews.
Critical Infrastructure Protection (CIP) programs also create systems that withstand and recover from natural or man-made disasters and security incidents – a cornerstone of stability and resiliency for the U.S. Government. TCecure’s CIP programs are deployed across all sectors, with the ability to engage diverse communities of interest.
Strategic planning and expert advice that incorporates multidisciplinary perspectives empowers well informed, risk-based business and management decisions and investments.
- 541511 – Custom Computer Programming Services
- 541690 – Other Scientific and Technical Consulting Services (primary)
- 541512 – Computer System Design Service
- 541199 – All Other Legal Services
- 541519 – Other Computer Related Services
- 541611 – Administrative Management and General Management Consulting Services
- 541618 – Other Management Consulting Services
- 541990 – All Other Professional, Scientific, and Technical Services
- 561499 – All Other Business Support Services
- 561612 – Security Guards and Patrol Services
- 561621 – Security Systems Services (except Locksmiths)
- 611430 – Professional and Management Development Training
- 541930 – Translation and Interpretation Services
- Federal Civilian Law Enforcement Client – Telecommunications Cybersecurity
- Federal Defense Client – Physical, Program, and Personnel Security; All-Source Intelligence; Risk Management Framework Support (Steps One through Six)
- Federal Defense Client – Risk Management Framework Implementation (Steps One through Three)
- Federal Civilian Client – Risk Management Framework Step Six Continuous Monitoring Independent Assessments
- Multiple Federal Clients – Risk Management Framework, Basic Program Security, Information Security Continuous Monitoring, and Windows 10 Audit Training
- State of Maryland Clients – Cybersecurity Framework Assessment; Consulting
- New York State Clients – RMF Vulnerability Scanning and Assessments
- Commercial Clients – General Consulting; Security Policy Development for Telecommunications Company; DFARS/NIST SP 800-171 Assessments