Intelleges’ innovative approach helps government contractors assess their cybersecurity strengths
As the federal government now requires defense contractors to assess the security of their information technology systems, a New York company has come up with an innovative way to help those companies evaluate their systems and identify opportunities for improvements and enhancements.
Intelleges is a New York-based company that provides proprietary software to corporate leaders and government agencies that need to collect data and documentation for a variety of reasons. through a proprietary solution that allows its clients to develop customizable questionnaires and store the results and documents gathered in a FedRAMP certified cloud-based system.
Last fall, the Department of Defense’s Federal Acquisition Regulation (FAR) supplement issued new guidelines requiring contractors and their subcontractors to safeguard sensitive defense data that it stores or handles. As defense contractors began to evaluate how they were protecting that critical information, some began reaching out to Intelleges to help them. That led to the development of the company’s Stacked Information Technology Cybersecurity Assessment Maturity Model (SIT-CAMM).
John Betancourt, the company’s founder, said the company has been doing this work for its existing clients for more than 15 years, but now with the government’s new regulation regarding cybersecurity, it’s essential that all government contractors – as well as other organizations that handle sensitive personal data such as an individual’s credit cards or personal health records – get an assessment as quickly as possible.
As part of the Intelleges’ assessment system, the company created a matrix to determine a company’s strengths when it comes to IT security. The system, which is based on the Capability Maturity Model Integration scale, evaluates companies across 15 areas related to information technology. SIT-CAMM uses NIST and ISO 2700 standards in developing the questions for the assessment. Those questions are tailored specifically for each company. Among the items SIT-CAMM assesses includes: a company’s IT usage, its business process management, its regulatory compliance and its training program.
“Using our proprietary software, we can create and distribute a series of electronic questionnaires designed to determine software, hardware and network usage, compliance, mission alignment, satisfaction levels, usability, and cybersecurity compliance,” Betancourt said. “These questionnaires will provide insight into possible strengths, weaknesses, opportunities and threats (SWOT) that the IT department will need to address.”
Companies then receive a rating based on where their assessed areas stand. Companies that are just beginning to identify their needs may be assessed at a Level 1, while those who have fully optimized their departments may receive a Level 5 rating.
As part of its assessment, Intelleges will work with companies and identify ways to improve their scores in certain areas. That includes developing recommendations based on industry best practices. Those recommendations will help companies establish their own procedures, and then they can set realistic benchmarks to evaluate their performance against those standards.
Intelleges delivers the recommendations to the organization’s CIO in a report similar to an audit. The recommendations are prioritized to highlight the most critical findings that put the company in serious risk. In addition, Intelleges can bring in a partner company that provides intrusion detection consulting to give IT leaders and other decision makers greater peace of mind regarding their systems.
“These reports are specifically intended for managers responsible for the day-to-day decision making and long-term strategic planning,” Betancourt said. “It also designed to be used by corporate leaders as they seek to improve their knowledge and understanding of their internal IT departments.”
Betancourt offers more than 20 years of high-level professional IT and software development experience. He started by developing an interest rate forecasting tool for the U.S Bureau of Labor Statistics. He’s also worked as the chief software architect for the Federal Reserve’s New York office. He worked there until he started Intelleges 16 years ago.
It’s not just companies working with the federal government that need to consider requesting a SIT-CAMM for their organization. Betancourt said any company that handles sensitive data needs to find a way to safeguard themselves from potential attacks and the lawsuits and hefty civil fines that can come about because of them.
For more information on how Intelleges can help your company better understand its IT security needs, go to Intelleges.com.