Security Advisory Consulting

Consulting expertise to help you solve your toughest cybersecurity challenges

Description:

For over 30 years, MCNC has been driven by a desire to help North Carolina’s education community address their most pressing technology challenges.  We’re leveraging our deep experience and expertise in technology and cybersecurity to help our community members protect their digital assets. From online teaching and learning, to student services, to advanced research capabilities, technology powers all aspects of how MCNC’s community members get things done.  This increased reliance on technology means that cybersecurity is critically important. Organizations that cannot protect their digital resources will struggle to operate effectively and efficiently.

MCNC provides a variety of consulting services to help you address cybersecurity challenges.  Here are a few of the services that we provide:

  • Cybersecurity Program Review
    We will evaluate your existing cybersecurity program, including current security policies and procedures, security controls, governance structures, and risk factors impacting your organization. Then we tell you what looks good and what needs work. Using this information we help you build a plan to improve your security posture that prioritizes addressing the most critical cyber risk areas. Note that this engagement does not include testing the effectiveness of existing cybersecurity controls.
  • Cybersecurity Risk Assessment
    Our Risk Assessment builds off of our Cybersecurity Program Review to include testing the effectiveness of your implemented security controls.  We can then differentiate your perceived security posture versus your actual security posture, and we will help you identify areas of risk and targets for improvement.
  • Audit Finding Remediation
    Been through an audit and need help remediating issues?  We can evaluate the results of the audit and help you develop and implement a plan to address the findings.
  • Application / System Security Testing
    We can test your systems and / or applications to identify security issues that may be exploited by attackers.  This includes systems hosted on your network as well as systems / applications hosted in the cloud.
  • Security Policy Creation
    Need help creating security policies for your organization? We can create a policy set from scratch aligned with industry standard frameworks or we can create a custom policy in a specific area based on your needs.
  • Security Technology Evaluation
    Are you considering implementing a specific security technology (endpoint protection, encryption, IDS/IPS, SIEM, next-gen firewall, etc.) and need help figuring out what you should purchase?  Our team can provide guidance on established players and “up and coming” vendors that are doing interesting things. We can help you perform technical evaluations in a structured manner to help you make smart buying decisions.
  • Staff Augmentation
    Most organizations struggle with hiring and retaining staff with cybersecurity expertise.  MCNC’s team of security experts can work alongside your existing personnel to augment your security capabilities.  We can help fill gaps in your existing security team, or work as a “virtual CISO” or “fractional CISO” to provide cybersecurity leadership.  Our team is available for short-term or long-term engagements to help you improve your security posture.
  • Other Areas
    MCNC’s consultants are available to assist with a variety of other technical and non-technical cybersecurity needs.  Contact us and we’ll be happy to discuss how we might we can help create a customized work plan that fits your specific needs.

Eligibility and Requirements of Service

Customer must be a public sector or non-profit organization in order to be eligible for this service.

Pricing:

At MCNC, we know that finding cybersecurity expertise at affordable rates can be challenging.  We want everyone in our community to have access to knowledgeable, experienced cybersecurity professionals to help improve their security posture.  Some of our engagements have standard pricing and others are priced after we agree on a scope of work and determine the level of effort required.

As a non-profit, our motivation is different than many commercial providers of consulting services.  That doesn’t mean that we will always have the cheapest price. But we do work hard to keep our rates low and by developing creative pricing strategies. If you are looking for assistance on cybersecurity issues, we encourage you to contact us and see how we can help!

To inquire about new service, please submit a web request.