Commercial Solutions.

Services

Human Terrain Assessment

Through our experience we have found that people are not only the greatest asset to any organization, but also the greatest risk if they are poorly trained, ill-informed, disenfranchised or poorly vetted.

Human information testing facilitates an organization’s ability to ensure employees are well-versed in personal and professional security measures. The results of vulnerability testing of personnel provide the ability to elevate security measures, and allows employees to gain a better perspective of safeguarding corporate information. This process of testing also ensures that personnel are equipped with the knowledge and training to accomplish internal security measures, facilitate employee training efforts, and maintain a high state of awareness.

Our Human Terrain Assessment is a systemic process that involves detailed procedures for conducting the testing of an organization’s greatest asset: its personnel. The assessment team’s main focus is to study, analyze, and test potential vulnerabilities as it pertains to personnel, corporate security, and international threats. Throughout the assessment, the team explores various methods of analysis, approaches, and potential security solutions that will result in the highest recommendations for security measures and employee/stakeholder buy-in.

Organizational Risk Management Solutions

We enjoy engaging clients who work in challenging fields with heightened risk profiles. As a company founded by people who are accustomed to working in culturally diverse environments with highly nuanced precepts, we understand the smallest action can have immense consequences.

Our Threat, Vulnerability, and Risk Assessment (TVRA) for Organizational Risk Management can provide your organization with an identification of risks in new and existing infrastructure and assets. We focus on recommending solutions that fully integrate with existing enterprise risk management plans, or solutions that are more appropriate for smaller organizations. We take a comprehensive approach to our TVRA inclusive of:

  • Human Infrastructure and Vetting
  • Sustainability
  • Logical and Physical Security
  • Business Continuity
  • Access Control
  • Natural Disasters
  • Political Instability
  • Medical Risk
  • Loss Prevention

Penetration Testing

Metris has core expertise in exploiting both computer and human networks. Our penetration testing focuses on utilizing real-world approaches to human and computer network exploitation used by black hat hackers, foreign governments, and industrial competition.

Metris has a wide breadth and depth of experience in information security.  Through this experience, we have developed a comprehensive and holistic approach to assisting our clients with identifying, assessing, managing, and mitigating current and emerging security risks that can affect their organization

Traditional penetration testing for commercial markets involves assessing logical and physical controls to determine vulnerabilities that can affect an organization’s security posture.  While this approach may identify risks to physical infrastructure and computing networks, it does not account for the complexities faced from the human variable.  Metris’ approach to penetration testing involves much more than a conventional assessment of logical and physical controls within an organization.  The greatest organizational risk lies within the people and processes responsible for the day-to-day continuity of business services.  These vulnerabilities are often overlooked during the course of traditional penetration testing due to the shortened duration of the test and the level of expertise of the penetration-testing provider.  Our team draws from their collective past experience in human intelligence operations to formulate a comprehensive, and commercially appropriate, approach to exploiting vulnerabilities within an organization’s employee base.

Our assessments will identify and report vulnerabilities which may lead to the compromise of the confidentiality, integrity, and availability of your data network operations. We communicate these vulnerabilities in our reports in risk-adjusted order – specific to your environment – with calls-to-action and recommendations to remedy or mitigate these risks, taking into context your culture and available resources. Our report of findings will help management focus on the actions that will improve your organization’s security posture.

Our recommendations always focus on systemic problems and practical solutions. Our objective is for remediation efforts to be effective in preventing security problems in the future. To that end, we review our findings with your team to ensure that the vulnerabilities, risks, and mitigation strategy are well understood and that solutions are implemented. If you have specific audit and compliance needs, our solutions will assist you in being proactive with solutions to maintain accreditation and continuity, to include GLBA, HIPAA-HITECH, PCI, and SOX.

Industrial Security Consulting

Metris has years of experience dealing with high threat scenarios and protecting classified Government information. These skills translate directly to Industrial Security measures, and we have Subject Matter Experts on staff that have developed and managed both commercial and Government Industrial Security compliance programs.  We pride ourselves on working with clients to develop their industrial security program from inception, or enhance an existing program.  We understand the complexity of Industrial Security programs; specifically, aspsects of information security and network development, physical construction and security, and personnel maintenance.

Through our expertise, we have assisted out clients in achieving high ratings during regulated government inspections for programs supprting a variety of clasification levels and programs. We are well versed in all aspects of an Industrial Security program, to include the NISPOM, JPAS, DCID/ICD, and developng relationships with program sponsors and approving authorities.

Training

Metris offers comprehensive training in a multitude of subject matter areas,with a specialization in providing realistic scenario based exercises that enhance individual and team skill sets.  Our proven government level training courses and models have been modified and made available as commercially appropriate service offerings for our current and prospective clients.  Our trainers are true Subject Matter Experts in their chosen field and have extensive experience in curriculum development and instruction for both commercial and government clients.  All training is custom tailored to match our client’s objectives and requirements, including topics, such as:

  • Computer Network Defense
  • Digital Forensics
  • Human Intelligence
  • Investigations
  • Physical Security
  • Social Media Analysis and Exploitation
  • Travel Awareness

Technology

SAIFE - Agile Security

SAIFE

 

In a world gone wireless, mobile voice communications must be secure. Espionage – from state sponsors, rogue actors or global business interests represent a massive and growing threat.

Conventional solutions harden devices, tunnel conversations and mask IP addresses. These approaches are problematic, expensive and limiting. Devices, networks and technologies are changing far too rapidly. Plus, this severely limits agility, thwarting a critical advantage of mobile voice communications.

SAIFE’s Agile Security is a revolutionary step forward in mobile communications, enabling secure person-to-person conversations on any device, any network, and in any situation.

Plus, SAIFE is modular. The secure CORE supports an APP-based environment that enables integrators and innovators to craft highly customized voice environments for government, military, and civilian situations.

Learn More