Consulting Services

Threat and vulnerability determination for existing IT installations
Advice to customers on security technologies, including strengths and limitations, and proper usage procedures
Design analysis for new sites and new technologies to identify security requirements and plan for controls to contain risk
Privacy consulting to assess the trade-offs among privacy, security, functionaliity
Expert witness testimony in legal cases involving computer and information security, intellectual property, and forensics
Certification preparation, including matching security requirements to controls, and developing and presenting evidence of security enforcement, for government certifications, HIPAA, FISMA, and Gramm–Leach–Bliley compliance, and independent security audits for private industry
Training on fundamental security issues, such as authentication, integrity, denial of service, application software development, and cryptography; also training to pass the CISSP certification exam

Customers include military, civilian government, non-profit organizations, and commercial companies. For examples of consulting activities see here.