cyber security
Comprehensive Protection
CyberSecurity: Ensuring Mission Success
Our platform agnostic objective is to protect your organization against threats. We establish data governance processes to ensure data elements are sound and secure from theft, corruption, natural disasters, or unauthorized activity while allowing the information and property to remain accessible and productive to its intended users. Our clients have grown to depend on and trust GAMA-1 Technologies to protect their digital information, manage risk, and manage privacy concerns wherever personal identifiable information is collected, stored, or used.
Our team of CTR 006 certified professionals provides security guidance and services to federal clients throughout the System Development Life Cycle (SDLC) utilizing the Open System Interconnection (OSI) model that defines a networking framework to implement protocols in seven layers (application, presentation, session, transport, network, data link, physical).
We provide an agile project management approach to prioritize security tasks to deliver comprehensive defense in depth best practices to protect your data containing sensitive information that has the potential to fall into the wrong hands.
Our CyberSecurity Services
Information Assurance (Business) Services
- System Risk Assessment
- Auditing, Assessment and Authorization (A&A)
- Governance & Reporting
- Compliance Frameworks (Federal Information Security Management Act [FISMA], NIST 800 publications standards, [SP 800-53, Rev 4 / Rev 5, SP 800-53A, and RMF – SP 800-37, Rev 2])
- Development of System Security Plans (SSPs)
Contingency Plans (CPs)
Security Impact Assessments (SIAs)
Business Impact Assessment (BIA)
Risk Assessment Reports (RARs)
Federal Information Processing Standards (FIPS) 199 security categorization
FIPS 200 minimum security controls
Configuration Management Plans
Incident Response Plans
Rules of Behavior (RoBs)
Service Level Agreements (SLAs)
Memorandum of Understanding (MOUs)
Inter-Service Agreement (ISAs) - Management / remediation of Plan of Action and Milestones (POA&M)
- Respond to data calls and requests for information – FISMA, DHS, DOC, NOAA, and NOAA Line Offices and Programs
- Information System Security Official (ISSO) support -Technical/Non-Technical Support
- IT organization change management framework
- Planning, budgeting using Project Management Book of Knowledge (PMBOK)
- Monitor and measure to determine effective security protections
Information Security (Technical Applied) Services
- Intrusion detection / forensics for operating platforms, products, and technologies (Linux, Cisco, Microsoft, Juniper, Apple, McAfee, ECMO, IPS/IDS, Arcsight BigFix, Tenable.sc)
- HSPD-12 support and services
- Evaluation of various technologies and products
- Configuration management
- Provide security architectural considerations and recommendations
- Design secure cloud architectures and services
- Facilitate cloud provisioning and orchestration; Azure, AWS, and Google
- Assess new technologies and guide, implement on-premise, cloud, or hybrid environments
- Provide FISMA compliance for cloud services; FedRAMP, EINSTEIN, TIC 3.0, VPN connections, cloud broker connections, direct connections, managed trusted internet protocol service (MTIPS), G-suite, internet of things (IoT), virtual LANs (VLANs), cloud access security broker (CAS), McAfee MVision, and mobile computing device management
- Hands-on cyber security monitoring tools experience
Application, network, technical team testing - Security best practices such as: defense in-depth; least privileges; access controls; and, encryption
- Maintain IT processes methods and tools for log analysis (Arcsight)
Cyber Security (Technical Applied and Theoretical) Services
- Penetration Testing (Web, Network, Application, Hardware, War-dial, Physical, Social Engineering)
- Vulnerability Scanning
- Malware Analysis
- Network Forensics
- Reverse-engineering and custom software solutions to find new exploits
Data Protection Services
- Secure data against unauthorized access, end -to-end encryption
- Data governance technical processes to ensure data elements; both the content and metadata are secure
Data Privacy Services
- Access Authorization –
Data stewardship and ownership roles definition - Legal – Homeland Security President’s Executive Orders, Presidential Directives, DHS Secretary Binding Operational Directives (BODs), Office of Management and Budget Memoranda
Security Program Experience
As a trusted NOAA partner, GAMA-1 Technologies provided end-to-end Information Assurance, Information Security, Cyber Security, and Data Protection / Privacy Services for five Program Offices and all systems within the National Weather Service (NWS) Annual Assessments (A&A) contracts. Through GAMA-1’s NWS contract, we managed and developed an IT security program and operational environment which involved assessing, analyzing, monitoring, and mitigating risks.
For FY2019 our Information Security Assessment and Authorization (A&A) Specialists supported an enterprise-wide service performing 19 standardized, reliable, and high-quality annual assessments for all the NWS FISMA high, and moderate systems, to include 13 penetration tests for 5 high, and 8 moderate FISMA systems. We complied with NOAA’s Risk Management Framework (RMF), FISMA, DOC, NOAA, and NWS IT standards and security policies. GAMA-1 ensured consistency of our product and service, which is key to our customer satisfaction. The A&A team conducted assessment findings reviews sessions to ensure that the identified findings, vulnerabilities, threats, threat agents, existing safeguards, consequences, recommended mitigation tasks, procedures, and processes are executed exactly as intended. Our 30+ CISSP certified professionals ensured that all 25 high, moderate, and low NWS FISMA systems were compliant with federal requirements and guidelines by providing FISMA continuous monitoring support such as annual reviews and recommendations on system security documentation including but not limited to IT security policies and procedures, System Security Plans, Configuration Management Plan, Contingency Plan and Test, Incident Response Plan, PTA/PIA, etc., we managed a corrective Plan of Action & Milestones (POA&Ms) and any FISMA related guidance to NWS ITSOs and ISSOs.
We facilitated planning for business continuity / disaster recovery, certifying and accrediting systems, security technical assessments, monitoring security, reporting / responding to incidents, and taking corrective actions. Our Security engineers work with the CISOs, ITSOs, and ISSOs to successfully manage and architect IT security services across the agency. We ensured secure operations for IT infrastructure, networks, applications, databases, equipment, and assets. We performed the required system security scans to assess vulnerabilities and to ensure the proper “hardening” to protect against potential threats. We have worked with our customers to address the ever-expanding IT Security threat landscape. We instituted security programs that provided the controls and a solid basis of proven security measures from industry best-practices, such as, ensuring that applications identify and follow security requirements; implementing multi-layered perimeter defense; hardening internal resources; securing Personal Identifiable Information (PII); and instituting HSPD-12 within an effective security risk management structures.
for more information about Cybersecurity
Vice President, Operations
Dan Beall
for more information about working with GAMA-1
Vice President of Business Development
Gerald Stark
Customer and Consultant testimonials
From our Clients and Partners:
Our Clients
Supporting our clients' missions
GAMA-1 News
GAMA-1 to Present Innovations in FAIR Data and Wildfire Forecasting at AMS 2025
Greenbelt, MD – November 2024 GAMA-1 Technologies is excited to announce its participation in the upcoming American Meteorological Society (AMS) Annual Conference in January. As
GAMA-1 Technologies’ Senior Graphic Designer, Josh Brady, Honored with LEO Award for Outstanding Communications Contributions
Greenbelt, MD – November 2024 In recognition of his exceptional contributions, Josh Brady, GAMA-1 Technologies’ Senior Graphic Designer, has been awarded the prestigious LEO Award.
GAMA-1 Technologies Wins NMITS Web Design Task Order for NOAA’s Great Lakes Environmental Research Laboratory
Greenbelt, MD – September 2024 GAMA-1 Technologies, a trusted NOAA partner, is proud to announce its NOAA NMITS IDIQ Task Order win to continue providing