Search for:

Data Security

Data provides a critical foundation for every organization and is a necessity irrespective of whether your information is on premises or in hybrid cloud or in cloud environments. Protecting and using it securely is central to every organization zero trust strategy.

Unfortunately, cyber criminals also see the value of data and seek to exploit security vulnerabilities to put your information at risk.

Data Security vulnerabilities are constantly increasing within the complex, multi-faceted and multi-tenant infrastructure of many organizations. Magnus help your organization protect critical business data from undesired access and mishandling, and secure data from deletion, ransomware and theft. Magnus helps you gain greater visibility and insights to investigate and remediate threats and enforce real-time controls and compliance.

Magnus data security services include:

  • Data security strategy: Improve maturity across people, process and technology
  • Data discovery: Find your most critical data assets, who has access and how they are protected
  • Data loss prevention: Detect, prevent and enforce policy violations to avoid accidental data loss
  • Data security governance: Establish process, metrics and continuous steady-state data discovery and classification
  • Database security monitoring: Helps enforce data protection and compliance policies across multi-tenant environments

Mobile Security

Magnus team has managed the Mobile Security posture of federal agencies both from a policy management / device management (Mobile Device Management) and mobile application vetting perspective. Magnus engineers have worked extensively with The Lookout and IBM MaaS 360 tool suites to deliver this service.

In a recent case study, our Mobile Security engineering team is responsible with mobile secure communications and monitoring of security technologies of 10,000+ devices and have tested and vetted hundreds of applications both on the iPhone and Android platforms. This includes configuration management, application IT security, identity and access management, device management, log analysis, storage management, and remote access for all devices managed.

In addition, Magnus Digital Forensic Engineers have the knowledge and subject matter expertise to provide detailed reports to management to reveal what occurred to bring a device under the umbrella of a forensic investigation. In cases where an Executive Summary is needed for VIP or senior level management, MAGNUS Forensic Engineers have ability to present the details in a manner that is easily digestible for senior management.  In the instance where a deep technical description is needed, MAGNUS Forensic Engineers have the knowledge and experience to present the findings in a detailed manner.  As forensic investigations and e-discovery becomes more important both in government, corporate, and the private sectors, MAGNUS Engineers continue to stay up to date with processes, challenges, new tools, and changes as they come about.

Cyber Management Services

MAGNUS emphasizes quality, service, and intellect while employing cutting-edge technologies to keep clients ahead of the curve. Its strong business values and tested best practices, coupled with a creative technological edge, ensure that it delivers expert consulting services in the areas of Information Security Management, Project Management, and Operation Management.

Cyber Project Management

MAGNUS Project Management provides expert consulting services in principles described by the Project Management Body of Knowledge (PMBOK).

Hence, applying the five processes (Initiation, Planning, Execution, Controlling, Closing) and the nine knowledge areas (Project Integration Management , Project Scope Management , Project Time Management , Project Cost Management , Project Quality Management , Project Human Resource Management , Project Communications Management , Project Risk Management , Project Procurement Management) to all aspects of each clients needs.

Cyber Operations Management

MAGNUS Operations Management offers our clients the full range of consulting services. These services include the development of Operations Strategy concepts, Product and Service Management, Service Delivery & Support, Integration and IT Management.

Additionally by combining our functional Operations Management competencies with specific industry knowledge we are able to serve our clients with customized approaches responding best to their specific requirements and needs. A great deal of our focus is on efficiency and effectiveness of processes. Therefore, MAGNUS Operations Management consulting often includes substantial measurement and analysis of internal processes.

Security Management

MAGNUS Security Management offers our clients a full range of security consulting services tailored specific to their requirements.

MAGNUS Consultants are considered subject matter experts in the aforementioned functional areas and are actively involved with the design, development, procurement and implementation of Information Security solutions.

These services include:

  • Certification & Accreditation
  • Security Architecture
  • Risk Analysis and Assessments
  • Security Policy and Processes
  • System Auditing
  • Security Testing and Evaluation
  • Disaster Recovery Planning
  • Contingency Planning
  • Vulnerability Assessments
  • Penetration Testing
  • Physical Security Survey
  • Security Program Management

Proactive Cyber Security

Hard problems stay solved with MAGNUS. We work diligently and collaboratively with our customers to provide a variety of proactive security assessments and safeguards.

This is a landscape, like many, that is constantly changing. That’s why it’s absolutely critical to choose a security partner constantly on the leading edge, always a step ahead of our customers and potential threats to their operations. That’s exactly what we do at MAGNUS.

Our team performs the full range of proactive assessments and simulations to keep our customers’ informational assets secure – across cloud, mobile or on-premise. Our team of experts works on behalf of customers in the federal government and in the commercial arena alike. These projects involve, for example, preemptively securing thousands of devices; successfully defending against millions of attacks; performing hundreds of vulnerability assessments.

Additionally, we have developed a compliance assurance model that ensures our customers are safe from not only malicious threats, but threats to their ability to operate due to an unknown or unforeseen compliance issue.

Customers Turn to Us For:

  • Technical Security Assessment
  • Investigations
  • Digital Forensics
  • Application Security
  • Penetration Testing
  • Exploitation Analysis
  • Social Engineering
  • Mobile Device Security

Security Operations Center (SOC)

You’re securely up and running. We keep it that way. The MAGNUS team provides the full suite of security operations center services, drawing on years of experience in high-profile, high-stakes environments.

We offer our customers the full range of security operations center services. Whether we’ve built the system or have been engaged to manage it, we successfully and effectively meet our customers’ needs – and then some.

We ensure their applications, databases, servers, networks and other endpoints are secure. We perform continuous monitoring and assessment. But that’s table stakes. We go beyond the traditional SOC engagement to develop strategies and program management protocols that enhance our customers’ SOC objectives.

We measure and analyze – all the time – to ensure continuous improvement. We combine leading-edge industry knowledge and emerging techniques to keep our customers not only secure but aware and on offense. We customize our approach in line with specific requirements and needs. We’re agile, nimble and flexible; we’re also smart, fast and good.

Customers Turn to Us For:

  •  Security Program Management
  •  Security Awareness & Education
  •  System Authorization
  •  Agile Security Awareness
  •  Cyber Threat Intelligence & Analysis
  •  Defense Posture Assessment
  •  Incident Detection & Response
  •  Insider Threat Prevention & Detection

Digital Forensics

Magnus has had a Digital Forensics Practice since 2017 when we started supporting a premier Federal Law Enforcement Agency with its investigations into mobile devices. Initially this was done under the umbrella of our Cyber Security practice, however it was soon determined that this was a unique area with a need for focused skillsets and knowledge of specific tools.

Our Digital Forensics practice today supports Law Enforcement Agencies with its Collection, Examination, Analysis and Reporting of data for Mobile, Tablet, Vehicle GPS, IOT and Drone Investigations. Our digital forensics practitioners have a wide variety of tools in their kit which gives you a sense of the sorts of tasks they can complete:

  • Disk and data capture tools
  • File viewers
  • File analysis tools
  • Registry analysis tools
  • Internet analysis tools
  • Email analysis tools
  • Mobile devices analysis tools

The process models our digital forensics practitioners use can vary, however below are the four basic steps:

  1. Collection, in which digital evidence is acquired. This often involves seizing physical assets, like computers, phones or hard drives; care must be taken to ensure that no data is damaged or lost. Storage media may be copied or imaged at this stage in order to keep the original in a pristine state for reference.
  2. Examination, in which various methods are used to identify and extract data. This step can be divided into preparation, extraction and identification. Important decisions to make at this stage are whether to deal with a system that’s live or dead.
  3. Analysis, in which the data that’s been gathered is used to prove or disprove the case being built by investigators. For each relevant data item, investigators will answer the basic questions about it — who created it? who edited it? how was it created? when did this all happen? — and attempt to determine how it relates to the case.
  4. Reporting, in which the data and analysis are synthesized into a format that can be understood by stakeholders. Being able to create such reports is an absolutely crucial skill in digital forensics.

CISO Support Services

Over the last 15 years, Magnus has provided CISO Support Services to Department of Justice components including Office of Justice Programs, Office of CIO, Office of CISO, USMS CISO and Bureau of Prisons leadership. Magnus team members have served as a principal cyber security advisors / liaison between DOJ HQ OCIO – Cyber Security Branch and DOJ Components / CISO staff and external auditors on all matters relating to the Annual Financial Statement and FISMA Audits of DOJ Components. Additionally, our teams serve as an internal auditor serving as an independent body performing overall assessment of IT controls for the DOJ systems, and recommend and validate corrective actions for deficiencies.

Some of the deliverables for our executive support to the CISOs include:

  • Prepare, record, and track action items for the Authorizing Official (AO) briefings.
  • Provide support needed for penetration testing.
  • Prepare and disseminate risk slides including updates on behalf of CISO office
  • Provide security program management policies, processes, procedures and standards.
  • Develop and apply security procedures and checklists.
  • Ensure compliance with downward directed enterprise security procedures, checklists, and requirements
  • Support the maintenance of the continuity of operations and disaster recovery plan and procedures.
  • Participate and assist, in the annual execution of a continuity of operations and disaster recovery exercise.
  • Provide Operations Backup Sites support.
  • Ensure backup policies, plans and procedures are in alignment with the Federal Information Security Management Act (FISMA).
  • Produce and deliver training documentation on new security products and/or applications to Government and Contractor employees.
  • Develop, maintain and update Security Education, Training, and Awareness plan.

In addition, Magnus Cyber Security Team provides support services for developing a proactive methodology to assess and strengthen internal IT controls and rapidly and effectively respond to, and resolve findings identified during the FISCAM and FISMA audits of systems and subsystems.

Cyber Security Training

MAGNUS Corporation has had extensive experience creating classroom based, online, video based and scenario / role based cyber security training course and modules.  MAGNUS has developed Cyber Security based coursed for various formats using its pool of cyber security SME’s who have real world experience as Cyber Security Practitioners and have advanced cyber certifications including Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), CompTIA Security+, Certified Information Systems Security Professional (CISSP), NIST Cybersecurity Framework (NCSF – Foundation and Practitioner), Certified Information Security Manager (CISM), Certified Cloud Security Professional (CCSP) amongst others.

Over the years MAGNUS has been involved in developing cutting edge training assets. Some of our training combine content creation, interesting interactivities, animations, assessments, graphics, games, quizzes, sound files, over a host of delivery platforms. MAGNUS has successfully delivered Cyber courses across various Federal, Academic and Commercial organizations.

MAGNUS has designed and delivers a 3 Credit course on “Applied Cyber Security Course” at Delaware State University

One of the programs we are most proud about is the “Applied Cyber Security Course” at Delaware State University where MAGNUS Corporation developed and continues to deliver a 3 credit course (going on our 3rd year).  The vision of the Applied Cyber Security Course is to equip students with the practical knowledge and experience to use various key Cyber Technologies that will help to protect valuable data assets and develop next-generation cyber skills to anticipate, monitor and avoid cyber threats. This course is designed preparing students with cutting-edge knowledge and skills through practical, lab-oriented coursework that is designed by industry experts, obtaining hands-on experience and learning from knowledgeable faculty who practice in their fields.

This course is conducted in a combination of instructor led classroom instruction, instructor led web based instruction and online lab environments. The course covers topics like Security Operations Center (SOC), Security Incident  & Event Management (SIEM), Event and Log Collection, Layered Centric Views & Normalization, Intrusion Detection Systems (IDS), Traffic Analysis, Network Monitoring, Network Traffic Forensics, Security Analytics Tools amongst others.

Security Architecture & Engineering

Expertly built systems that perform. That’s where we excel. Our people and our creative technological edge keep our customers ahead of the curve, ahead of the competition, and ahead of threats to their business.

Our team includes Information System Security Officers, Certification and Accreditation Analysts, Information Security Engineers, Security Architects and more. All of whom share a commitment to quality, service and performance. And to you.

These professionals work diligently and collaboratively with customers across the federal government and in the commercial space to build secure information systems that support mission and business critical objectives. The same is true whether the solutions are on-premise, in the cloud or on mobile.

The team has a range of technical and professional certifications, including: CISSP, CISSP-ISSAP, CISSP-ISSMP, PMP, Security+, CCSK, CEH. Our technical experts provide agency wide support for Security Authorization (Certification and Accreditation/ISSO Support), Information Security Awareness and Training, Vulnerability/Patch Management/, Incident Response, Security Operations Center Support, SIEM Tool Integration, Mobile Device Security, Agile Development Security Framework, Program Management and Secure Cloud Computing Services.

Customers Turn to Us For:

  • Configuration Management
  • Control Change & Automation
  • Decision Analysis & Resolution
  • Security Architecture
  • Security Engineering