KLC Case Studies
We are experts in computer forensics, and we provide comprehensive incident response and analysis services. When electronic invasion occurs we:
- 1. Evaluate the type of attack to accurately identify its origin,
- 2. Contain the attack so that it cannot affect other systems, and
- 3. Provide step-by-step analysis and incident documentation.
- See the full case studies...
Disaster Recovery Services
The KLC IV&V Team started the project by analyzing the mission and the objectives of the client organization, and works closely with the CIO’s staff to understand the complexity of the project. Based on the objective, mission, and complexity, the KLC IV&V Team worked with the client to draft the scope of the Disaster Recovery Study project.
The project required thorough understanding of FISMA and federal and NIST requirements such as NIST Special Publications 800 series (800-30, 800-34, and 800-53), FIPS 199, and FIPS 200. Based on the NIST 800-53, the KLC IV&V Team worked with the CIO’s staff to gather the risk rating for each in-scope system using the client's confidentiality and risk rating standards. The KLC IV&V Team guided the client’s staff and determined the risk rating of each application under different risk categories including confidentiality, availability, integrity, reputation, and organizational impact.
Information Assurance Performance Management
KLC Consulting, Inc. provisions of integrated service, configuration and performance management for SMA’s on the IASE Portal on NIPRNET and SIPRNET, DKO and DKO-S to improve and maintain operational capabilities, and reduce the risk of service delivery failure. Tasks involved project management, independent review, implementation, Certification and Accreditation (C&A), ST&E, and IV&V. In addition, update the IASE content to maintain its currency with evolving DoD IA policies, threats, vulnerabilities, emerging issues, new procedures, and meeting Section 508 compliance.
- - High Assurance Internet Protocol Encryptor (HAIPE)
- - Ports, Protocol, and Services Management (PPSM)
- - Security Technical Implementation Guides (STIGs)
- - DoD IA Training
- - DISN Accreditation Security Working Group (DSAWG)
- - GIG IA Architecture
- - DoD Enterprise IA Tools
- - DoD Public Key Infrastructure (PKI) / Public Key Enabling (PKE)
- - Computer Network Defense (CND)
- - Cross Domain Solutions (CDS)
- - DITSCAP/DIACAP
- - IA Workforce Improvement Program (WIP)/8570/IA WIP Advisory Council
- - Wireless Security
HIPAA Security Assessments & Reviews
The KLC Consulting Independent Verification and Validation (IV&V) Team was hired to perform a HIPAA security review for a client and a web application forensics analysis. The purpose for the HIPAA project was to evaluate the compliance of Federal HIPAA security regulation. The purpose for the web application forensics project was to gather all the available evidence, correlate the available activity logs, analyze the impacted application, operating system, and database, and then determine if any personally identifiable information was compromised.