TalaTek Capabilities Statement

Talatek helps organizations manage cyber risk, strengthen security, and ensure privacy.

TalaTek is a wholly owned subsidiary of CISO Global, dedicated to delivering independently and impartially our services in risk management, cybersecurity, compliance, continuous monitoring, security architecture and engineering, readiness and resiliency, and managed services. We are a Federal Risk and Authorization Management Program (FedRAMP)-accredited third-party assessment organization (3PAO) and are also accredited by the American Association for Laboratory Accreditation (A2LA) to conduct security controls assessments for cloud systems and to provide advisory services to cloud service providers. In addition, we are a certified third-party assessment organization (C3PAO) authorized by the Cybersecurity Maturity Model Certification (CMMC) Cyber AB to perform assessments required by the U.S. Department of Defense, and we are listed on the Cyber AB marketplace.

We are also an AWS Validated Public Sector Partner.

TalaTek has the following:
• GSA MAS SINS: 518210C, 54151HACS, 54151S
• NAICS codes: 541511, 541512, 541513, and 541519
• ISO/IEC 17020: 2012 Certified

TalaTek Approach

TalaTek offers expert advisory services in risk management, security, assessment, and compliance. We help organizations strategically protect their data based on business risks and meet ever-expanding regulatory compliance requirements. We deliver high-quality IT security and risk management based on National Institute of Standards and Technology (NIST) Special Publications (SP) 800-53/800-171, NIST Cyber Security Framework (CSF), and ISO 27001, to name a few.

We specialize in implementing compliance frameworks and solutions to meet Federal Information Security Modernization Act (FISMA), Health Insurance Portability and Accountability Act (HIPAA), and various privacy standards and other regulations for our clients.

Combining our team’s security analysis and architecture expertise with our understanding of compliance and regulatory standards, we work tirelessly to deliver accurate, thorough, and detailed assessments and strategic advice to our customers. Our staff bring decades of experience in all aspects of information security, with certifications including Project Management Professional (PMP), Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security and Network +, and AWS certifications.

Our corporate clients rely on TalaTek’s strategic approach to IT security, risk management, third-party supply chain management, data loss prevention, and disaster recovery.

Thanks to our track record of success at federal agencies, our government/public sector clients turn to our expertise in risk management, governance, and compliance, citing our detailed approach, thorough understanding of their business, and outstanding quality of work.

TiGRIS: FedRAMP-Accredited SaaS GRC

Our TalaTek intelligent Governance and Risk Integrated Solution (TiGRIS) is a cloud-based platform that is a FedRAMP-authorized managed software-as-a-service (SaaS). TiGRIS delivers efficient and highly scalable services that ensure high quality, consistent, and repeatable delivery across multiple systems, standards, and regulatory requirements for a holistic risk management approach.

3PAO Advisory Services

As 3PAO advisors, we can provide cloud architectural review and development support to ensure each client’s SaaS solution is designed and implemented from the ground up to meet FedRAMP’s rigorous security requirements.

As an A2LA-accredited 3PAO that has undergone the rigorous FedRAMP process as a Cloud Service Provider as well as a 3PAO, we understand the regulations, frameworks, controls, and processes necessary to achieve and maintain FedRAMP authorization. We assist our clients in preparing their FedRAMP Security Assessment & Authorization (SA&A) package and perform the required continuous monitoring tasks so the SaaS achieves FedRAMP certification and continues to maintain its authorization.

C3PAO Assessment and Advisory Services

As a C3PAO, we assess the core components of our clients’ Level 2 environment: their defined CUI boundary, whether they follow the 110 NIST SP 800-171 Rev. 2, practices, and if they have complete documentation/evidence to show they do. Our assessments follow the CMMC assessment process. We also provide CMMC advisory services to help organizations seeking CMMC certification to prepare for their CMMC audit, including Basic Readiness, Full Advisory, Audit Support, Mock Audit, and Gap Assessment.

AWS Cloud-Based Architecture

TalaTek cloud engineers are AWS professionals who specialize in designing and implementing state-of-the art, cost-efficient, and secure cloud-based systems. Our architecture review takes a deep dive into an organization’s cloud-based architecture, advises on potential areas of inefficiency and vulnerability, and provides actionable remediations to address those issues. We also offer guidance and suggestions on deployment solutions to help reduce overall costs, ensure data security, and expedite implementation time.

Risk Management

• Gap Analysis
• Risk Assessment
• vCISO Advisory Services
• Third-Party Risk Management
• Incident Response/Planning
• Policies and Procedures Development

AWS Marketplace

• Cloud Based Security Gap Analysis
• Third-Party Cloud-Based Security Assessment
• Cloud-Based Architecture Review

Services

Supported Security Frameworks