ACI Federal

InfoSec Compliance & Investigation

ACI Federal provides a comprehensive InfoSec investigation & compliance services and solutions to prevent, detect and resolve growing cybercrime, frauds and security incidents including digital forensics.

The global nature of the Internet has allowed criminals to commit almost any illegal activity anywhere in the world causing monetary and non-monetary losses to individuals, organizations, and governmental entities. In order to tackle these new breeds of cybercrimes, we at ACI Federal deliver comprehensive technical services to support domestic and international cybercrime investigations.

Over the years we have served a wide variety of people and organizations with our cybercrime investigation service which includes healthcare, corporations, and government agencies.

ACI Federal’s Cyber Investigation services aims to ensure that the evidence collected in the process of a forensic investigation from any electronic communication media should be able to withstand legal scrutiny providing our clients with a seamless and holistic solution in the most complex cybercrime scenario. ACI Federal is backed by Cyber Security Professionals and highly certified staff which has the ability to take immediate action to solve our clients Information Security challenges with absolute confidentiality.

After a complete report of the incident is made and the source of the attack can be identified, all the information obtained during the investigation process can be transmitted to the agencies. The most common types of fraud and cybercrime incidents we investigate are:

Our Cyber Investigation Services Model:

  • Tracing Attacker
  • Fraudulent Transactions
  • Denial of Service Attacks
  • Social Network Crime Investigation
  • Insider Attacks
  • E-mail Tracking
  • Web Hijacking
  • Online Identity Theft
  • IP Tracking
  • Computer Forensics
  • Mobile Forensics
  • Software Piracy
  • Phishing

InfoSec Compliance

ACI Federal, an ISO/IEC 27001:2013 (InfoSec) Certified Company, can assist in reducing the cost and complexity of implementing NIST security, risk management framework strategies, and processes. Our certified and cleared team will identify and implement the appropriate risk management and information assurance program necessary to ensure the agency is compliant with NIST 800-53 standards, NIST 800-37 Risk Management Framework, ensuring the organizations assets remain secure and protected.

We cover the following NIST standards;

  • NIST SP 800-53 Recommended Security Controls for Federal Information Systems and Organizations
  • NIST SP 800-53a Assessing Security Controls
  • NIST SP 800-37 Guide for Applying the Risk Management Framework
  • NIST SP 800-48 Wireless Network Security
  • NIST SP 800-35 IT Security Services
  • NIST SP 800-42 Guideline on Network Security Testing
  • NIST SP 800-50 IT Security Awareness and Training Program
  • NIST SP 800-34 Contingency Planning for IT Systems
  • NIST SP 800-41 Guidelines on Firewalls and Firewall Policy
  • NIST SP 800-44 Securing Public Web Servers
  • NIST SP 800-45 Email Security
  • NIST SP 800-47 Interconnection IT Systems

FISMA requires each U.S. Government agency to develop, document, and implement an agency-wide program to provide information security for the information systems that support the operations and assets of the agency, including those provided or managed by another agency and contractors. Agencies have to meet the specific requirements established by NIST in support of the FISMA requirements and be able to provide a risk-appropriate level of assurance that critical information security controls are operationally effective and producing the intended outcomes. ACI Federal has the experience in assisting with implementation, design, authorization, and configuration of FISMA.

Security Phases

Initiation Phase

Preparation; notification and resource identification; and system security plan analysis, update, and acceptance

Security Certification Phase

Security control assessment and security certification documentation

Security Accreditation Phase

Security accreditation decision and security accreditation documentation

Continuous Monitoring Phase

Configuration management and control, security control monitoring, and status reporting and documentation

Other Services

Certification and Accreditation

ACI Federal™, an ISO/IEC 27001:2013 (InfoSec) certified company, provides a proven flexible implementation approach to...

Information Security

ACI Federal™ Information Security Solutions offering are specifically tailored to identify, evaluate, and improve the ...

Investigation Services

ACI Federal™ is the premier contractor for delivering accurate investigation services to the Inc 500, U.S. Federal, St...

PEN Testing and Vulnerability Assessment

ACI Federal provides comprehensive penetration testing services to organizations by conducting real-world assessments ac...