Cyber Security

Altus’ expertise in Information Technology security provides customers will a full life-cycle cyber security capability: from an in-depth technical evaluation of the security posture of your enterprise and development of an Enterprise Risk Management plan tailored to your organization’s requirements, to threat remediation, solution implementation, and enterprise monitoring services, your enterprise can be prepared to respond to current and emerging cyber threats.

  • Enterprise Risk Management – Altus works with clients to evaluate risk tolerance to create and operate a risk management process following NIST Special Publication 800-39 which allows management to understand the current level of risk present in their IT systems and transition to an acceptable level of risk for the enterprise
  • Quantified Risk Assessment (QRA) – Altus works with clients to produce a numerical risk rating much like a credit report. The risk rating is a result of a detailed assessment of IT systems, processes, and procedures in place evaluated against industry standards such as the Payment Card Industry (PCI) standards, and the SANS Institute 20 Critical Security Controls
  • Vulnerability Testing, or “Blue Team Testing”, is an assessment of a client’s security architecture and vulnerabilities. The assessment team has full knowledge of the architecture and works directly with the IT staff. The team may use system scans, packet capture, password cracking, and other techniques to determine if vulnerabilities exist in the security architecture
  • Penetration Testing, or “Red Team Testing”, is an assessment implementing techniques malicious hackers use to attack organizations from the outside without privileged access to systems. Penetration testing is done with appropriate customer foreknowledge and permissions