1

Mission Critical Global Technology Group

(MCGlobalTech)

Information Security and IT Infrastructure

Management Consulting

2

Rationale for MCGlobalTech Security Services

• Open technologies and networked systems used by industry are a likely target for malicious

cyber activities because they are easily accessible, have a wide installation base and detailed

information is available on the Internet.

• Internet-based attacks can wreak havoc on your organization. You are connected with

customers, vendors, suppliers and governments, and are entrusted with vast amounts of

sensitive data such as intellectual capital, proprietary information, etc.

• Your organization can be a leader in responding to new cybersecurity threats. Strong

governance and a mature information security program that draws on industry-driven best

practices can significantly improved cybersecurity posture.

The protection of IT infrastructure is critical to the manufacturing, industrial, healthcare, science and

defense industries. All organizations must protect their systems from attacks that can negatively affect

operations, services and put proprietary information at risk. An organization’s information security

posture can be increased through our Enterprise Security Maturity Program. We help you better

understand and comply with industry standards and federal regulations.

3

The Security Challenge

Information Security challenges all organizations face:

• Organizations in practically every industry are under immense pressure to improve quality, reduce complexity,

increase efficiency and better manage IT expenses;

• Information Systems and data exchanges are vital components to meet these growing challenge, however, the

adoption of technology introduces an abundance of security risks;

• Growing risks and liabilities, including unauthorized access, data breaches, regulatory violations, new

technology implementation, etc.;

• Strong IS governance, oversight, and a thorough understanding of regulatory requirements, industry standards,

and best practices is required to reduce and mitigate the risk of successful cyber crimes;

General obstacle to overcome these challenges include but not limited to:

• Redundant and inconsistent requirements and standards;

• Confusion surrounding implementation and acceptable minimum controls;

• Inefficiencies associated with varying interpretations of control objectives and safeguards;

• Increasing scrutiny from regulators, auditors, underwriters, customers and business partners;

• Lack of highly trained cyber security staff to address information security needs.

4

Overcoming The Challenges

To effectively manage information security, a strong Information Security strategy must be put in

place. The strategy should focus on three elements – People, Process and Technology.

• People are the cornerstone to every security program. Having proper leadership, competent

security staff and trained users ensures security is adequate considered in all business

operations.

• Process ensures the appropriate security practices and procedures are developed,

implemented and maintained to support in support of a well-defined security governance

framework.

• Technology ensures that the appropriate security controls are in place to protect your

environment from all assessed threats, vulnerabilities, and resulting risks.

The recognized importance of information security and compliance has seen significant growth in recent

years. With the integration of networked business systems, comes the risk of malicious software and the

malicious acts of cyber criminals. With constantly changing technology and the Internet, the security

risks are greatly increasing. All industries have challenges mitigating security issues.

5

Corporate Overview

Mission Critical Global Technology Group is a minority owned, small business founded by industry leaders who

take an agile, innovative and practical approach to problem solving in the ever changing world of information

technology and security. Our experts combine many decades of experience in industries such as Finance, Health

Care, Manufacturing, Insurance, Education, Federal, State and Local Government agencies. Our expertise,

professionalism and client-focused approach are distinguishing characteristics of our company.

Vision

Our vision is to build a Global Information Security and Technology Infrastructure Management Firm based on

quality people, quality processes and passion for benefiting our clients.

Mission

We dedicate ourselves to the mission of providing the highest quality, meticulously planned, customized and

innovative information technology and information security solutions to assist client organizations increase

productivity, protect investments and comply with applicable security regulations through research, innovation,

and expert consulting services.

6

Consulting Services

Governance Risk Compliance or Management

MCGlobalTech assesses the gaps between your existing security posture, regulatory requirements, industry

standards and best practices. We provide expert services in implementing necessary cost-effective controls and

procedures unique to your business environment. We will assist you with achieving and maintaining compliance

through assessments, remediation, continuous monitoring, and staff training.

Our expertise include but are not limited to the following federal regulations and Industry Standards.

• HIPAA COBIT

• GLBA SAS70

• FISMA NIST

• PCI ISO 27001,2

• ISA99

Enterprise Information Security Solutions and Services (Security Management Program)

MCGlobalTech Enterprise Security Assessment methodology comprises of a full information security program

review. This includes all procedural, technical and non-technical security initiatives of the organization as a whole.

Our methodology allows for a comprehensive Network, Systems and Applications security audit. The goal is

investigate and identify all internal and external threats and vulnerabilities. We help our clients develop,

implement, and maintain reality-based effective and cost-friendly risk management strategies.

7

Consulting Services

Cloud Computing Security Services

MCGlobalTech helps you navigate the ever expanding maze of cloud computing security options required for your

remote applications, systems and infrastructure hosting needs. With the current lack of industry security

standardization, each cloud provider provides a differing level of security controls. We help you audit your existing

in house and remote infrastructure; and design minimum system security requirements to protect your sensitive

data that is hosted outside your organization’s security boundaries. Cloud Computing Security Services Include

the following services:

• Cloud Vendor Security Assessment

• Cloud Migration Assistance

• Cloud Infrastructure Security Assessment & Mitigation Service

Information Technology Infrastructure Management Consulting

MCGlobalTech provides executive level IT management consulting to help you manage and address your IT

infrastructure needs. We will help you align your information technology infrastructure organization with your

operational and strategic business goals. Our Information Technology Management Consulting Services include:

• Business/ IT Alignment Consulting IT Governance Consulting

• Virtual/Interim CIO Services Program Management

8

Management

MCGlobalTech Full Lifecycle Service Delivery

Four Customizable Phases

IS/IT Team

Stakeholders

Enterprise

Information

Technology/Security

Program

Management

Day-to-Day

Operations and

Management

P1: Assessment

Work with

stakeholders

Develop Gap

AnalysisP2: Planning

P3: ImplementationP4: Continuous

Monitoring

Recommendation /

Gap Remediation

Plan of Action

People / Process

/ Technology

Integration

Assess Current

IT / IS Posture

Monitor Performance

/ Controls / Metrics

9

MCGlobalTech Full Lifecycle Service Delivery

Assessment

Deliverables

Gap remediation

project planAssessment gap

analysis and

recommendations

based on regulations,

standards, and best

practices for industry

Executive reporting of

gap remediation

progress

Key Activities

Review governance

model, policies,

procedures,

standards and

practices

Baseline

assessment of

current security

posture

Baseline

assessment of IT

infrastructure

Develop gap remediation

Implementation project

plan in accordance with

organization stakeholders

Program

management of gap

remediation plan

Remediation tracking

Develop Information

Security Program

Improve IT

infrastructure

management

Our standard approach includes:

A security framework;

A maturity model assessment;

A gap analysis based on industry standards

and best practices;

A service deliverance model that includes

governance, policies, InfoSec Program;

Recommendations;

Remediation assistance.

Project

Key

Activates

W

e

e

k

1

W

e

e

k

2

W

e

e

k

3

W

e

e

k

4

W

e

e

k

5

W

e

e

k

6

W

e

e

k

7

W

e

e

k

8

W

e

e

k

9

Initiation

Scope

Fact Finding

Assessment

Planning

Gap Analysis

Remediation /

Strategy

InfoSec Prog.

Implementation

PM Assist

Reporting

Example Engagement Project Plan

The timeline will vary according

to the type, scope and complexity

of client business, IT infrastructure

management and security requirements

ImplementationPlanningContinuous

Monitoring

Monitor security

program &

operations

Monitor IT

infrastructure

management

Recommend

continual program &

operations

improvements

Periodic assessment &

continuous advisory

support

Process Improvement

10

MCGlobalTech Positioning Statement• Managing security risks, compliancy to federal regulations and industry standards, classifying

information, IT governance and policy development, requires organizations to better understand

and control governance, processes, and security measure, while supporting existing business

operations.

• Organizations are starting to take steps to implement integrated solutions to address this need

and this trend is likely to continue or accelerate in the years to come. Therefore, an independent

Information Security Program Assessment should be performed to determine the organization's

security posture, security gaps, and necessary corrective actions.

Services offered to help you better manage your Security and IT Infrastructure:

• Security Governance, Risk & Compliance Assessment Services

• Enterprise Information Security Management Services

• Cloud Computing Security Management Services

• IT Infrastructure Management Services

11

MCGlobalTech Summary Cont.

Core Competencies

Governance &

Compliance

Enterprise Information

Security (EIS)

Cloud Computing

Security Services

IT Infrastructure

Management Services

IS Governance & Policy

Review

CIO / Director Level

Advisory

Develop / Review Cloud

Security Governance &

Policies

IT Infrastructure

Management Assessment

Security Strategy &

Process Development

Enterprise Information

Security Program

Implementation

Develop Cloud Computing

Security Program

IT Infrastructure Gap

Analysis

Federal Regulation

Compliance Assessment

(i.e., FISMA, NIST, GLBA,

HIPAA)

Enterprise Information

Policy Review

Perform Deep Dive Cloud

Security Assessment

IT Infrastructure

Management Planning

Industry Standards

Compliance Assessment

(i.e., PCI DSS, ISO

27001,2, ISA99, etc.)

Security Measure &

Controls Assessment

Against Industry Standards

Security GAP Analysis IT Infrastructure

Management Remediation

Security Measure &

Controls Assessment

Against Industry Federal

Regulations

Manage / Implement GAP

Remediation / Continuous

Monitoring

IT Infrastructure

Management Monitoring

/Improvement

12

Contact Us

Mission Critical Global Technology Group

1776 I Street, NW

9th Floor

Washington, District of Columbia 20006

Phone: 571-249-3932

Email: Info@mcglobaltech.com

William McBorrough Morris Cody

Managing Principal Managing Principal

wjm4@mcglobaltech.com mcody@mcglobaltech.com