Cybersecurity Services

Dakota provides a comprehensive range of Cybersecurity Services. In an information age world, cyber strategies need to balance strict compliance with operational agility. Our focus is on providing our customers a rapid response that is both compliant and flexible. Our Cybersecurity staff maintain key industry certifications and Dakota is an accredited Federal Risk and Authorization Management Process (FedRAMP) Third Party Assessment Organization (3PAO). Our workforce understands the ever-expanding array of cybersecurity guidance and how to successfully tailor an implementation program to meet specific, unique requirements of various organizations.

We have successfully completed a wide variety of security projects including:  assessment and authorization; enterprise and system risk management; creation of security program policy, procedures, and documentation; continuous monitoring; independent verification and validation; security training; gap assessments; requirements analysis; FISMA audit; information assurance; and additional activities in support of these broader services. Our expertise, staff certifications, and company credentials allow us to guide our customers’ cybersecurity strategies for maintaining cost effective programs for compliance with FISMA, Office of Management Budget (OMB), Department of Homeland Security, other Federal and U.S. Department of Defense (DoD) mandates.

The following list identifies the range of activities performed in our Cybersecurity service area:

Assessment & Authorization (A&A/SA&A, C&A)

  • Security Assessment Planning
  • Security Test and Evaluation
  • System Categorization and Security Control Baseline
  • Control Tailoring and Inheritance
  • Penetration Testing/Vulnerability Scanning

Continuous Monitoring (CM)

  • Security Metric Reporting (SCAP, Dashboards, FISMA)
  • POA&M Management
  • Configuration and Change Management
  • Security Control and Compliance Reviews
  • Continuous Diagnostics and Mitigation

Independent Security Assessments

  • System Security Document Development (SSP, CP/DRP, ISA/MOU, PIA, PTA, etc.)
  • FISMA Compliance Audit
  • Security Control Assessment (NIST RMF, FedRAMP)
  • Independent Verification & Validation (IV&V)
  • Secure Code Review

Risk and Security Program Management

  • Residual Risk Analysis & Recommendations
  • Risk Assessment
  • Enterprise Risk Management Program Development
  • Continuous Monitoring program and processes development

Specialized Cybersecurity Consulting Services

  • Customized Security Training
  • Cybersecurity Framework
  • Standards Development