i2ACT - Cybersecurity is an ever changing problem that often results in dire consequences in terms of reputation and financial liability if not done properly.
Do you know which regulations apply to your industry and business?
Do your people know what regulations and practices must be followed on a daily basis?
Do you know what to protect, what hardware or software you need, and what security measures you must plan for?
The amount of regulations and guidelines for cybersecurity is fairly robust. We find that most executive and information technology leadership do not have the time nor resources to research, plan, and implement substantial cybersecurity practices and documentation.
Imprimis, Inc. has developed Assessment and Compliance Tools, known as the i2ACT suite. These intelligent tools allow you to easily navigate the regulations pertaining to your industry, document your progress, and ensure your teams preparedness for internal and external audit successes.
Our first tool deals with the security architecture developed by NIST (National Institute of Standards & Technology) contained in the Special Publication 800 series in response to the requirements defined in the FISMA (Federal Information System Management Act). Our tool, the Imprimis Assessment and Compliance Tool (i2ACT-800), includes all security controls contained in NIST SP 800-53 and fully support cyber requirements specified in the Defense Federal Acquisition Regulations Supplements DFARS 204.7303 (prescribing) / 252.204-7012 (Federal Register /Vol. 78, No. 222 /Monday, November 18, 2013 /Rules and Regulations 69281), and the Federal Information Processing Standards (FIPS), and supports the Risk Management Framework (RMF) now being adopted by the Department of Defense as a replacement for the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP). The i2ACT-800 will be able to support all 800-53 based requirements, and more.
The Second product supports the utility infrastructure addressing the standards defined by the North America Electric Reliability Corporation (NERC). The i2ACT-NERC supports compliance with NERC-CIP 5.0 addressing critical infrastructure protection (CIP) requirements. The i2ACT-NERC supports all 14 categories of the NERC Mandatory Standards Subject to Enforcement.
The tools provide great productivity improvements cutting the labor requirements for compliance with automated device loading, focused control examination, automated reporting, and maintaining an accurate record during sustainment. The next audit (i.e. the second and beyond) require a quick update and verification (if maintained properly during sustainment) greatly reducing the effort for subsequent compliance audits. The payback period for the tool will occur early in the first compliance effort and all savings beyond accrue to the user.
The i2ACT-800 was developed by Imprimis out of necessity. Internalizing, understanding, organizing and ultimately complying with the controls used in NIST SP 800 was an overwhelming task – and we are an IT company! Our language changed during this process - the way we frame requirements now reflects the family of controls. Our IT staff and our employees adopted behavior that reflects the need for security in the cyber domain. i2ACT-800 was born out of a need to solve our compliance problems. This is one of the major reasons it is so effective and valuable to all users.
A huge benefit is the productivity afforded by the tool. But other important benefits should not be ignored. Focus: working on the productive tasks will yield the best results. Quality: training, explanations and understanding will result in much better solutions. These steps result in improved security. Click here to learn more.