Insider Threat / Cybersecurity

GEM’s Insider Threat (InT) experts provide in-depth knowledge of creating Insider Threat programs from small programs to large (over 300k personnel) for the Federal government or private industry that meet or exceed national standards. Our InT team understands the threat from the insider prospective and provides invaluable insight into mitigation measures. Our team has years of experience, working hand-in-hand with well-known, nationally recognized Insider Threat programs in the Federal government, along with private industry. Additionally, our team has certifications from Carnegie Mellon University’s Software Engineering Institute, NITTF, and Department of Defense. Our leaders provide a full life cycle of project management services, from origin to continuing support and improving, by focusing on national standards and providing a project delivery that is on schedule, within budget, and compliant with agreed-upon standards and capabilities.

• PROGRAM MANAGEMENT OFFICE (PMO) – FROM INCEPTION TO INITIAL OPERATING CAPABLE (IOC) TO FULLY OPERATIONAL CAPABLE (FOC)
• NISPOM 2 INSIDER THREAT PROGRAM DEVELOPMENT INSIDER THREAT PROGRAM EVALUATOR – EVALUATE TO NISPOM 2 AND NITTF STANDARDS.
• ADVANCED ANALYTICS TECHNICAL CONTROLS – NIST 800-53V4800-171 COMPLIANCE
• SYSTEM INTEGRITY AND PENETRATION TESTING
• INCIDENT RESPONSE PLANS – CONOPS, TRAINING, SOPs
• TRAINING AND AWARENESS
• BEHAVIORAL OBSERVATIONS – TRAINING InT BEHAVIORAL TRENDS
• PHYSICAL SECURITY MEASURES AND ASSESSMENTS – COMBINING PHYSICAL, TECHNOLOGY AND POLICY TO MAKE ONE WHOLE INSIDER THREAT PROGRAM.
• COUNTERINTELLIGENCE/WEAPONS OF MASS DESTRUCTION ANALYSIS

GEM has contributed to the development and implementation of national, state, and local security policy for physical protection of

• Cyber Strategy Development, Implementation, and Operations
• Vulnerability and Risk Assessments and Reports
• Systems Analysis and Design
• Data Collection
• Threat Analysis
• Security Architecture Analysis
• Security Investigations and Forensic Analysis
• Policy Development
• Training and Awareness
• Security Architecture Analysis
• Continuous Network Monitoring
• Application Security
• Network Penetration Testing (Blue and Red Teams)
• Review and Analysis of Real-Time Cyber Audit Events
• Cybersecurity Strategy Development, Implementation, and Operations
• Cybersecurity Training and Awareness

GEM has contributed to the development and implementation of national, state, and local security policy for physical protection of

• Counterintelligence / Counterterrorism Analysis & Investigations
• Strategic Threat Assessments
• Scientific Consultation
• Cybersecurity Services
• Information Security Services
• Network Security Services
• Insider Threat Program Planning & Execution
• CI/CT Inspections and Training
• Behavioral Assessments & Polygraph Services
• Technical, Physical, & Operational Security
• Vulnerability Analysis & Assessments
• Emerging Technologies & Programs Evaluations
• Analytical Tools Development & Deployment
• National & International Liaison, Outreach, and Engagement

A disciplined program management approach enables our clients to bridge gaps between tactical time pulls and the goals of a strategically oriented, business focused security program. For any size organizations, whether you have a security staff or not, the GEM Cybersecurity Program Management concept provides a model for obtaining the necessary program management services. To escape day-to-day fire drills, a business must establish a framework for its security program, such as the widely adopted NIST Cybersecurity Framework (CSF). The CSF focuses Cybersecurity decision making as a function of business risk and defines the major functions of a Cybersecurity program as Identify, Protect, Detect, Respond and Recover. Our approach provides a set of control for activities with desired outcomes within each function. The Identify function specifies business priorities. Before making security investments, a business must understand what its information and system assets are, what their criticality to the business is, what their vulnerabilities are and what risks they can pose to ensure their programs are accomplishing their objectives efficiently through appropriate management techniques and approaches.

To ensure that our clients have the elasticity to scale in this dynamic environment where threats are constantly changing and evolving, a proactive, unified approach across the enterprise is essential. From technology tools and integration to the critical human factor skills and behaviors, each element is paramount to the other for success of the cyber mission. Our comprehensive training programs will ready your team for not only today, but also always looking and preparing for what may be around the corner.

GEM Security experts have extensive experience in the authoring, derivative classification of, handling, and protection of high-quality, site-level classified documentation for submission to DOE and NRC. Our staff has an extensive knowledge base of safeguards and security programs across a broad spectrum of security disciplines. GEM can apply this extensive background with DOE and the Nuclear Regulatory Commission to other Federal agencies and their contractors using the Interagency Security Committee Standards to determine the facility security level, associated risk, and identify countermeasures to achieve the desired level of protection. GEM Security Specialists have extensive experience in conducting security reviews and analysis at electrical power plants to meet North American Electrical Reliability Corporation/Federal Energy Regulatory Commission (NERC/FERC) security requirements and the implementation of Interagency Security Committee Standards at other Federal facilities. GEM provides the following specialized support for the Design Basis Threat implementation:

• IDENTIFICATION AND CHARACTERIZATION OF ASSETS AND ASSIGNMENT OF APPROPRIATE PROTECTION LEVELS, APPLYING A GRADED PROTECTION OF THESE ASSETS.
• PERFORM OR ASSIST IN THE IDENTIFICATION, SCREENING, AND ANALYSIS OF SITE CHEMICAL ASSETS.
• PERFORM OR ASSIST IN THE IDENTIFICATION, SCREENING, AND ANALYSIS OF RADIOLOGICAL SABOTAGE DISPERSAL TARGETS.
• ASSIST WITH CONDUCTING OF VULNERABILITY ASSESSMENTS FOR HIGH-CONSEQUENCE NUCLEAR ASSETS, WHICH ARE IDENTIFIED AS PROTECTION LEVEL (PL) 1 THROUGH PL-4.
• DEVELOP SECURITY RISK ASSESSMENTS FOR THE ASSETS THAT ARE CATEGORIZED AS PL-5 THROUGH PL-8.
• DEVELOP ORDER EQUIVALENCIES OR EXEMPTIONS THAT MAY BE REQUIRED, INCLUDING ASSOCIATED SECURITY RISK ASSESSMENTS.
• CONDUCT SPECIAL NUCLEAR MATERIAL (SNM) ROLL-UP ANALYSIS.
• ASSIST WITH THE DEVELOPMENT OF SECURITY FORCE DEPLOYMENT/TACTICAL RESPONSE PLANS AND AN OVERALL PROTECTION STRATEGY IN RESPONSE TO THE DBT IMPLEMENTATION.
• EVALUATE THE SITE PERFORMANCE ASSURANCE PROGRAM TO ENSURE IT MEETS THE INTENT AND IS IN COMPLIANCE WITH THE NEW GUIDANCE.
• DEVELOP A COST-EFFECTIVE MITIGATION PACKAGE AND IMPLEMENTATION SCHEDULE.
• ASSIST IN THE DEVELOPMENT AND/OR UPDATE OF SITE PLANS AND PROCEDURES TO DOCUMENT DBT IMPLEMENTATION.
• PROVIDE A COST BENEFIT ANALYSIS FOR IDENTIFIED MITIGATION ASSOCIATED WITH DBT IMPLEMENTATION.
• DEVELOP DOCUMENTATION FOR SUBMISSION FOR APPROVAL OF THE SITE SAFEGUARDS AND SECURITY PROGRAM DBT IMPLEMENTATION.
• COORDINATION WITH APPROPRIATE AGENCIES TO DETERMINE LOCAL THREATS AND WITH OFF-SITE EMERGENCY RESPONSE ORGANIZATIONS.