Black Rock ensures appropriate safeguards are in place to protect networks and network-supported assets

Our Security Professionals are unique in that they have provided Certification and Accreditation (C&A) and Assessment and Authorization (A&A) services to General Computing Environments with Global Information Grid connected systems as well as Weapons, Launch Range Instrumentation, and Industrial Control Systems (ICS).

We understand the intricacies of those systems. We will develop and implement Systems Security Strategies and plans that identify, mitigate, monitor, report, and fix vulnerabilities of target systems.

Black Rock personnel are experts in applicable federal laws, Executive Orders, and Industry standards, including those outlined in the Federal Information Security Management Act (FISMA) and the Risk Management Framework (RMF) Instructions and Special Publications.

Black Rock can assist federal, state, and private organizations with the security accreditation process (A&A) mandated for many federal and outsourced information systems.

Develop A&A packages for major applications, general support systems, and minor applications
Conduct risk assessments and common control selection
Develop strategic security plans and programs
Develop cyber security strategies, roadmaps, training, and execution plans for transition to the RMF for senior leadership, risk executives, and stakeholders
Provide full spectrum FISMA and privacy program support to Federal Agencies and commercial customers
Develop full range cybersecurity / RMF training and certification programs for Federal Agencies and commercial customers (including management and train-the-trainer courses)
Develop, integrate, test, and manage real time continuous monitoring plans, and capabilities for enterprise and specialized information systems
Design, develop, configure, and maintain enterprise Security Operation Centers (SOC), enterprise Identity Management Solutions, and Security Content Automation Protocol (SCAP) solutions
Develop, integrate, implement, and execute security architectures and support to the System Development Life Cycle (SDLC)