“Cybersecurity” has become the latest term used to describe the efforts to secure the systems and networks that compose “cyberspace”. Though typically used in the media to describe commercial systems connected to the public Internet, “cyberspace” also encompasses those military and government systems that are interconnected in global networks, both public and private. Thus, cybersecurity is typically thought of as it is defined by the National Institute of Standards and technology (NIST), “the ability to protect or defend the use of cyberspace from” attacks” targeting an enterprise’s use of cyberspace, for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.” This focuses security efforts on the systems and networks making up cyberspace, as well as the data contained within them. This tends to be a more technical focus than overall “information assurance”. Cybersecurity is primarily focused on preventing and/or defending against attacks to the current environment and active data.


Information Technology Solutions


RISA has proven experience providing IT and IT Management solutions to sustain your business operations. From Desktop Support Server Administration, Problem, Incident, Event and Root Cause Analysis we do it all. We provide experienced, certified subject matter experts that know their job.  Our team is focused on enhancing the user’s experience, listening and collaborating with stakeholders to transform ideas from concept to closure. RISA is particularly adept at:

  • Translating requirements into innovative, affordable solutions
  • Day-to-day operational and tactical aspects of managing multiple projects and portfolios
  • Meeting contract deliverables, and financial aspects of contractual support to the client
  • Stretching the team to meet new goals, establishing new thresholds through metrics, and process improvements


Our employees, routinely receive accolades from our clients and have been praised in recurring client spotlight publications such as the USSOCOM "SITEC Superstars" monthly announcement. 

Information Assurance


Information Assurance (IA) encompasses those activities defined as cybersecurity, but, it also extends to those activities necessary for planning, risk management and forming an information protection strategy. IA has come to be defined as “the technical and managerial measures designed to ensure the confidentiality, possession or control, integrity, authenticity, availability and utility of information and information systems”.  (PC Magazine) This tends to be a more long-term, strategic process. IA also includes the protection, labeling, handling and destruction of information that isn’t necessarily in the cyberspace realm. As much as it has been promoted and wished for, the “paperless” office has not become a reality for many organizations in the federal, state, and local governments; including within the DoD. There are still file cabinets full of paper still being generated daily. The management of that data is still necessary and is part of an overall information assurance plan.

When the DoD adopted the NIST’s Risk Management Framework (RMF) in March 2014, it refocused it’s efforts on cybersecurity, even mandating that the term “information assurance” be replaced by the term “cybersecurity” in it’s DoD Instruction (DoDI) 8500.1 that accompanied the adoption of the RMF. This change in focus is understandable, due to the increasing network-centric nature of the entire DoD.  Protection of the complex infrastructure that comprises the DoD’s Global Information Grid (GIG) is crucial and requires an active focus, both defensive and offensive. But there is also a need for other activities that are necessary, but, are longer term and strategic in nature, such as strategy, policy, and risk management. These fall within the domain of information assurance. The DoD even sought to encompass some of these with its own definition of cybersecurity, which is broader than the definition held by NIST and the Intelligence Community. DoD now defines “cybersecurity” as “Prevention of damage to, protection of, and restoration of computers, electronic communications systems, electronic communications services, wire communication, and electronic communication, including information contained therein, to ensure its availability, integrity, authentication, confidentiality, and nonrepudiation.” (DoD 8500.1)

At RISA, we understand not only those activities involved in cybersecurity, but, also the activities, processes and planning necessary to conduct total information assurance. We have the experience and expertise to assist in securing your environment, whether that environment is totally digital, or a mix of cyberspace and physical data.
Asset 12.png


  • Implement, manage, and support Enterprise software used to monitor, report and analyze security logs from multiple sources
  • Perform daily analysis of security Logs, DNS logs and Active Directory  for suspicious activity
  • Conduct vulnerability scans on systems and infrastructure
  • Provide IA support to integration/development efforts
  • Perform Information Assurance Vulnerability Alert (IAVA) Tracking and Management
  • Monitor network intrusion detection and prevention systems and analyze their data output
  • Develop reports and trend analysis documentation on bandwidth, network architecture, as well as network security incidents.
  • Implement virtual private network (VPN) software (IPSec) and hardware solutions
  • Respond to and thoroughly investigate security-related incidents or events of interest
  • Assist in the correlation of multiple security events producing a complete analysis of the events, including trend analysis which could indicate a common categorization of events while working with other DoD agencies such as JTF-GNO, GNSC, NSA, etc., involved in protecting the GIG
  • Identify and address internal and external network security, information assurance, and counterintelligence threats. 
  • Provide the expertise to monitor, investigate, remediate and protect all networks against malicious intrusion, security incidents and cyber attacks.
  • Prevent, mitigate or block security events as they are identified (This includes locating, analyzing and capturing data in a forensically sound fashion)
  • Identify unauthorized active programs running on network(s) to include peer-to-peer communications, covert channels and alternate data streams
  • Provide support for the sanitization of data “spillage” and “contaminated devices” to the level defined by DoD and NSA standards
  • Host-Based security System (HBSS) monitoring
  • Secure SharePoint Servers
  • Risk Management Framework (RMF) Services
  • Vulnerability Management System (VMS) support


From scanning and securing systems, to risk analysis and management, RISA personnel have assisted our customers in securing their critical systems, infrastructure and data. Contact us so that we may assist in your efforts to protect your environment and your data.