S-CAP Automating Security

The work that the National Cyber Security Division of the U.S. Department of Homeland Security, NIST, Mitre and others have performed on S-CAP is nothing short of “amazing”.  Through standardization of cybersecurity information abstraction, enumerations standards such as Common Vulnerabilities and Exposures (CVE), languages such as Open Vulnerability and Assessment Language (OVAL), and repositories like OVAL Repository are enabling the automation of tedious, manual tasks thereby enabling better breadth of coverage more cost effectively.

Argosy applies these standards to our client engagements and cybersecurity system designs to provide 24×7 expanded protection and coverage for enterprise-wide solutions to cybersecurity risk management and protection.  More concepts and application of S-CAP can be found in Argosy’s Improving FISMA Effectiveness and Efficiency Through the Security Content Automation Program (SCAP) published in cooperation with the Industry Advisory Council.

Mobility – Smart Phones

Mobile Smart Devices like the iPhone and iPad (collectively referred to as IOS devices, the operating system from Apple), Android OS, BlackBerry and PalmOS devices all present individual challenges when creating secure, interactive applications that are more than just bookmarks to existing desktop webpages.  There is also a “war of technology” going on between Apple and the non-Apple camps around the Adobe Flash virtual machine for animation and video.

Argosy develops secure e-Business applications for the IOS, Android and BlackBerry OS environments.  We focus on utilizing the common denominator of technology  and target specific functionality that can be leveraged and easily maintained across this evolving landscape of mobility devices. Contact Argosy for more information and to discuss the specific requirements of your mobility application.

FISMA C&A

The USA federal government standard for cybersecurity readiness, evaluation and testing is based on the Federal Information Security Management Act (FISMA).  The standards (e.g. SP800-53) and practices applied to federal government networks are now beginning to extend into commercial application through federal prime contractors such as the Medicare Administrative Contractors (see the CMS Acceptable Risk Safeguards (ASR) and Core Security Requirements (CSR) and the Business Partner System Security Manual (BPSSM)) and the expanded HIPAA Security requirements from the ARRA HITECH regulations.

Argosy is at the forefront of customary and standard practices for securing federal and commercial healthcare information through our work at CMS, with the Medicare Administrative Contractors, commercial Providers and Health Information Exchanges.  Argosy’s work as the federal contractor responsible for “writing the book” on HIPAA Security enforcement from 2004 through 2006 has uniquely position Argosy as the industry expert on the regulatory implementation of FISMA in combination with HIPAA Security and Privacy regulations.  Combined with Argosy’s expertise in cybersecurity testing automation, this integrated expertise enables Argosy’s Clients to achieve the highest levels of cybersecurity readiness and regulatory compliance, as cost effectively as possible.

Cloud & Virtualization

Cloud computing, combined with virtualization, are providing a revolutionary combination of technologies that are dramatically lowering the Total Cost of Ownership (TCO) for e-Business and Cybersecurity services and sites alike.  The underlying concepts of cloud computing; loosely federated, late binding of network connected applications has been around for some time.  Those of you who remember CORBA technology understand these concepts.  What is new are the standards to open these interfaces to “web services” directories that identify the location, functionality and interface details of these distributed services that span multiple vendor platforms.  Virtualization has enabled multiple virtual machines to be instantiated, on-demand if required (e.g. Amazon Web Services) with configured applications that can be utilized to process information as needed, where needed.

Argosy has been designing and developing virtualized “web services” across cloud environments for clients since the earliest days of CORBA.  Argosy can bring the extreme benefits of information processing agility with lower TCO using these services to your application requirements and environment.