Questions About Our IT Consultancy?
Why Are Enterprise IT Consulting Services Necessary for Businesses?
Who Are IT Consultants and What Do They Do?
What IT Consulting Services Do We Offer?
As an organization focused on the safe and effective use of information technologies and cyber security, we provide:
- Data Collection, Organization, Analyses, and Protection
- Risk Identification, Mitigation and Management Plans and Execution
- Technology Environment and Vulnerability Assessment and Testing
- Intrusion, Virus and Malware Detection
- Security Information and Event Management (SIEM)
- Security Framework Adoption (HIPAA, PCI-DSS, NIST & ISO)
- Firewall Configuration and Monitoring
- Network, Server and Storage Design and Administration
- Advanced Active Directory Administration
- Cloud, Hybrid or On-premises Virtualization
- E-commerce Setup and Configuration
- Unified Communications and VoIP Management Solutions
- Email Protection, Security and Configuration
- Cyber Security Employee Education and Training
- Project Management (Migrations, Upgrades, & New Setups)
- Virtual and Consulting Cyber Security Officers
What Industries Does The Lyon Company Support and Have Experience With?
As an organization we have deep experience working with clients across virtually all types of organizations, including:
- Retail
- E-commerce
- Healthcare
- Medical Device
- Manufacturing
- Supply Chain
Why Choose Our IT Consulting Company?
Does The Lyon Company Replace In-House IT Staff?
Questions About Cyber Security?
What is Cybersecurity?
What is HIPAA HITECH?
What is PCI DSS?
Does Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations Apply to My Organization?
Any organization that handles CUI data and does business with the Department of Defense (DoD), either as a prime or subcontractor, is required to comply with Defense Federal Acquisition Regulations Supplement (DFARS) clause 252.204-7012 (Safeguarding Unclassified Controlled Technical Information) as of December 2017. Compliance with NIST SP 800-171 satisfies the DFARS clause requirement.
Full compliance with NIST SP 800-171 requires creation and maintenance of the following documentation (also known as artifacts): a System Security Plan (SSP) and a Plan of Action and Milestones (POA&M).
The SSP illustrates your CUI system environment (to include system description, system environment diagram, and full hardware/software inventory) and details how thoroughly your organization currently implements each of the 110 required security controls contained within Chapter Three of NIST SP 800-171.
The POA&M contains a list of all security controls that are not fully implemented within your CUI system environment and includes both associated fix actions and estimated completion dates.
Following initial creation, the SSP must be reviewed and updated at least annually to maintain compliance. Further, the POA&M should be updated both quarterly to record progress made towards control implementation and annually when updating the SSP.
Why Do I Need To Worry About Data Security If I Have Insurance?
What Are The Common Cybersecurity Risks?
The latest cybersecurity threats are putting a new spin on “known” threats, taking advantage of work-from-home environments, remote access tools, and new cloud services. These evolving threats include:
- Malware
- Ransomware
- Phishing / Social Engineering
- Insider Threats
- Distributed Denial-Of-Service (DDoS) Attacks
- Advanced Persistent Threats (APTs)
- Man-In-The-Middle Attacks