Cybersecurity in the U.S.

Assessing the risk. Protecting the business.

U.S. public and private sector organizations have a large and evolving set of information assets and operations with different levels of risk and vulnerability. The proliferation of cloud, mobile and Internet of Things further extends the complexity of the environment that needs protection. These resources may be susceptible to both internal threats, such as disgruntled employees, and external threats, such as malware, identity theft rings, hacktivists and more.

Protecting sensitive assets and ensuring business continuity is essential to the digital enterprise. Particularly as increased connectivity and data sharing bring new vulnerabilities, customers and citizens need assurance that their personal information is safe when they engage.

CGI delivers robust cybersecurity products and services to help clients meet these critical challenges:

  • Security consulting – providing strategy and roadmap, risk assessment plans, policies and procedures development, training and organizational change management for building cultural change into ways of working
  • Security systems integration and implementation  helping clients implement and operate security systems and tools, including security information and event management (SIEM) systems, web content filtering tools, and continuous diagnostics and monitoring (CDM)
  • Identity and access management (IAM) Helping clients implement stronger controls and more effective access management to avoid data loss and comply with stringent regulations, such as the Statement on Standards for Attestation Engagements No. 16 (SSAE16), by ensuring user access is limited to the data, systems, functions, accounts and transactions deemed appropriate to their roles. Our IAM solutions include specialized biometrics support for law enforcement, homeland security and military organizations.
  • Security operations centers (SOCs) – providing managed security services to include 24/7 systems monitoring, real-time reporting and immediate action on suspicious activity, whether on client premises or at CGI-managed SOCs, helping clients bridge the gap in security talent
  • Application security  drawing on more than a decade of experience, from design and test to remediation and deployment, including cryptographic key management for high-value business processes
  • Governance, risk and compliance. Since threat actors exploit weaknesses in technology as well as gaps in procedural safeguards, we help clients address security as part of the larger risk management strategy, with strong governance throughout the enterprise. Compliance is a critical feedback loop to ensure everyone is aligned, and programs are regularly reviewed and adjusted.
  • Data collaboration and insight. This sharing enables proactive threat landscape assessments, monitoring and response. CGI helps clients use data correlation and analytics to uncover risks and threats more efficiently and effectively. At our SOCs, security teams participate in threat intelligence consortia to understand changing threats, and integrate their own analytics with cross-industry data