At Kearney & Company, we take a proactive approach to addressing the ever-changing and expanding cyber threat landscape facing the government. Our team specializes in various security domains, while integrating our technical expertise with our audit practice. In doing so, Kearney bridges the gap between security and compliance to not only reduce risk and strengthen security, but also ensure our clients comply with all federal requirements.
Our team of highly sophisticated and diverse security professionals makes implementing all security initiatives seamless, while reducing our clients’ technical debt and threat profile.
Kearney’s cyber security capabilities include:
- Governance, Risk, and Compliance (GRC): Identify gaps, risk issues, and challenges within the overall security program with the goal of reducing the risk of a data breach or security incident while complying with all regulations. Activities include Information System Security Officer support, security control assessments, and enterprise risk assessments.
- Security Operations and Engineering: Proactively identify detection gaps within the current security stack. Kearney finetunes all security tools to maximize return on investment while also further enhancing all security capabilities.
- Vulnerability Management: Perform automated scanning to readily identify vulnerabilities that exist within a client’s environment and may lead to compromise. Kearney cyber security professionals prioritize remediation strategies based on perceived risk to further reduce the threat landscape.
- Penetration Testing: Perform manual testing to identify unknown risks, while reducing the attack surface. Specific testing includes web application, host-based testing, and social engineering.
- Security Awareness and Training: Administer various training avenues to test the situational awareness of all personnel. We perform targeted and holistic phishing tests to ensure that all users know how to spot and report suspected phishing e-mails.
