The term “cyber” is broad. Cybersecurity is one important component of the cyber landscape, which includes cloud, IoT, and various enterprise services. CyNtelligent Solutions, LLC (CyNtell) provides intelligent solutions for cyber compliance. Whether your organization has industry regulations to comply with and/or internal policies to adhere to, CyNtell helps you implement, maintain and validate compliance. Our focus areas for compliance are Cybersecurity, Privacy, Business Continuity Management (BCM), and Information Technology Service Management (ITSM). We have the following capabilities with regard to both the public and private sectors:
Strategic: Governance, Risk & Compliance (GRC) | Technology Architecture & Strategy | Policy Development, Validation, & Refinement | Certification Audits
Tactical: Project Management | Facilitated Risk & Business Impact Assessments | BC and DR Planning | Cloud Migration & Implementation | Virtualization Planning
Operational: Risk & Vulnerability Assessments | Penetration Testing | Office 365 & Azure Support | Security Awareness Training | Staff Augmentation | Outsourcing
Our Approach to Solutions
Our solutions are directly derived from industry-accepted standards and best practices. Some of the most widely used and well known of these are listed below.
ISO/IEC 27001 (also known as ISO 27001) is the international standard that describes best practice for an information security management system (ISMS), a systematic approach to managing confidential or sensitive corporate information so that it remains secure.
U.S. NIST standards provide guidance for Cybersecurity for almost all government agencies and for government-regulated public service providers. NIST SP 800-39 provides overall guidance on risk management for information systems, whereas NIST SP 800-30 focuses exclusively on conducting a risk assessment, which is a rudimentary phase in risk management. NIST SP 800-53 provides the controls guidance for various cybersecurity processes, including the Cybersecurity Framework (CSF), Federal Risk Management Framework (RMF), and the cloud-specific Federal Risk and Authorization Management Program (FedRAMP).
ISO/IEC 29100 is the international privacy framework that defines privacy terminology, and roles and responsibilities for processing PII. It provides a description of safeguards and privacy principles.
ISO/IEC 27018, in direct relation to 29100, is the defined code of practice for protection of public cloud-based PII.
Business Continuity Management (BCM)
ISO/IEC 22301 specifies requirements to plan, establish, implement, operate, monitor, review, maintain and continually improve a documented management system to protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise.
ISO/IEC 27031 provides guidance for private, governmental, and non-governmental organizations in information and communications technology readiness for business continuity.
IT Service Management (ITSM)
ISO 20000 allows IT organizations to ensure the alignment between ITSM processes and overall business strategy, which in turn ensures the best service for the customer and value for the service provider.
ITIL advocates that IT services are aligned to the needs of the business and support its core processes. It provides guidance to organizations and individuals on how to use IT as a tool to facilitate business change, transformation and growth.