Cyber

Cyber for the Real World

In 2021, a Ransomware attack on Colonial Oil closed over 80% of Washington DC gas stations - no one in government or Congress could get into work. (Fortunately, it was the Shut Down. Bad planning for the Russian cuprits. ) How is this relevent in 2025?

The Colonial Oil attack came from one compromised password.

Simple 'Cyber Hygiene'

Implement NIST password rules. 60% of passwords from large data breaches are resused in attacks.

Update system files regularly, with a focus on PowerShell, the No. 1 language for US cyber attacks.

Don't trust multi- or two-factor authentication! Large REITs using Real Page are able to bypass it.

What do NYPD, the White House Office of Science & Technology, Oil Pipelines, and US beer bottlers have in common?

Extreme concern about ransomware. At last year's FInancial Times / White House cyber security summit across the street from the White House, CTO and executive leaders from these and other market segments voiced this as their top cyber fear.

But what these top industry leaders did not know was that ransomware is not the right focus. Cyber Hygiene is. Because without poor hygiene, ransomware can't get it. We can't focus on the ends in cyber. We have to focus on the means. Just like stopping smugglers. Look for the tactics, not the byproducts.

We help US Cabinet Agencies, other government, and private sector clients review, design, and innovate their cyber and infrastructure security

We'll help you design a cyber-ready foundation today, that is resilient and flexible enough to last through many tomorrows.

Cyber Security & Architecture

Tools and practices for a cyber-ready foundation across global enterprise - for government and private sectors. We don't try to do it all, for our clients. That's not our focus. We help clients consider, evaluate, and design or implement the cyber security policies and software that suits them best.

We are not a software provider, we are a strategy and innovation solution provider.

And if you use our services, you'll get the best in innovative cyber insight possible.

Endpoint Security

Defining, monitoring, and managing endpoints across IOT arenas

White House Advisory

2023-24 US National Cyber Framework, US Homeland Security, US DOD

FedRamp & NIST

Government & vendor poam and compliance strategy and evaluations

FY 2025 CIO FISMA

Navigating civilian compliance and privacy laws for agencies & financial institutions

How are we different from other cyber or IT consultants?

Simple. We don't try to BE every other firm. Cyber is a vast IT discipline, and we stick to what we specialize in: technology & engineering innovation; and national security strategy. And because we are not trying to sell our own product, we don't push clients into cyber solutions that might not be the best fit. Instead, we partner with the industry's leading cyber providers - Sophos, Nesus, Fire Eye, IBM and others - to bring you optimal solutions for your budget and specific needs.

Innovation for National Security

We partner with a range of cyber security software and hardware providers to bring our public or private sector clients the scope and range of continuity of service they need to fulfill their mission. Our sweet spot is national intellligence, defense and national security; and this is the foundational view we bring to act as executive advisor, audit or design lead.

Learn more

National Intelligence & DOJ

We were the first US government contractor to detect a Chinese cyber intrusion into a US Department of Energy Lab - Argonne Lab in Washington DC.

The team used a local DC home network and Howard University DOE interface - with a non-US citizen student newly arrived in the US as its primary actor. We discovered the team had access the US DOE Covid servers, and was uploading xml and other scripting under guise of academic work, and downloading scraped, real-time data and analysis. Crypto cover was also involved. We discovered the break-in during routine endpoint monitoring, and discovery of an all-Chinese (mainland China) device network.

We offer clients a strong foundation in sanctions, supply chain, and affiliated cyber intelligence and analytics. Other cyber work has supported US DOJ Huawei and Russian indictments, since 2020.

Learn more

Cyber Risk & Policy Assessment

By leveraging unified visibility across clouds, identities, and endpoints, we advise clients on software and automated monitoring tools - such as Crowd Strike or Nesus - to effectively hunt threats everywhere, and track lateral movement across domains.

Learn more

SOX & NYSE Cyber Compliance

Disclosures play an important role in communicating with the investor community and stakeholders more broadly. In the quarter century since cyber risk became a core item on the board agenda, directors have recognized that it is an ever evolving issue, requiring constant diligence and a focused approach to enable effective oversight. The past year has seen an increase in the sophistication in cyber threats, which has prompted companies to improve their cybersecurity frameworks, but also helped adversaries improve the sophistication of attacks.

Item Link

the DC

Strategic Group

PARTNERS

The Intelligence Community

ORNL - Batelle

Office of Naval Research (ONR)

The Brookings Institution

Harvard Innovation Labs

British Medical Journal

UK Research & Innovation (UKRI)

Oracle

SOLUTIONS

GET IN TOUCH

Stay current with our latest insights, or request a quote:

Contact Us

Washington DC l London