Booz Allen Commercial delivers advanced cyber defenses to the Fortune 500 and Global 2000. We are technical practitioners and cyber-focused management consultants with unparalleled experience – we know how cyber-attacks happen and how to defend against them.
Our strategy and technology consultants have empowered our international clients with the knowledge and experience they need to build their own local resources and capabilities.
In facing challenges of modernization, our Middle East and North Africa clients have complex requirements that benefit from our proven experience in guiding major programs and projects for governments and private-sector organizations. The services we offer in UAE, Qatar, Egypt, Turkey, Kuwait, Morocco, Jordan, and other regional countries build on our consulting legacy.
Our clients call upon us to work on their hardest problems—delivering effective health care, protecting warfighters and their families, keeping our national infrastructure secure, bringing into focus the traditional boundaries between consumer products and manufacturing as those boundaries blur.
Booz Allen was founded on the notion that we could help companies succeed by bringing them expert, candid advice and an outside perspective on their business. The analysis and perspective generated by that talent can be found in the case studies and thought leadership produced by our people.
Learn more about Booz Allen's diverse culture and environment of inclusion that fosters respect and opportunity for all employees.
We've come a long way delivering innovative solutions. But our next chapter is still being written.
Our 22,600 engineers, scientists, software developers, technologists, and consultants live to solve problems that matter. We’re proud of the diversity throughout our organization, from our most junior ranks to our board of directors and leadership team.
Booz Allen takes pride in a culture that encourages and rewards the many dimensions of leadership—innovative thinking, active collaboration, and personal service. We’re particularly proud of the diversity of our Leadership Team and Board of Directors, among the most diverse in corporate America today.
Today, vendors are promoting technology solutions; technology alone will never solve a people problem. These technologies often end up finding low-risk “threats” in IT environments by portraying these threats as something more serious than they are. Compounding the problem, these tools generate a large number of false positives (i.e., noise) that waste the security team's time.
So the question is: What did work for me as a Chief Information Security Officer (CISO)?
As a CISO, I learned that we were stopping people. To stop them effectively, we needed better intelligence and skilled talent to fight them head-on.
Just like playing chess against a person, I had to learn about our opponent. I had to find their strengths and weaknesses and how to exploit both. This is called “threat intelligence” or “adversary insight.” Unless a vendor is giving you information like this about the people who attack your business or your business sector, it isn't adversary insight. It's a feed of random intelligence data that will be marginally useful, if at all.
With an understanding of who was attacking us and how, we then worked on gaining visibility into our environment so we could see when attacks were taking place. Knowing what to look for and then having the ability to look for it was the one-two punch we needed.
With these capabilities in place, we were able to successfully defend our enterprise. We were aggressively ready. We had metrics showing how many attacks we sustained, how far the attacker got before we stopped them, and a record of every successful defense.
These activities may sound simple, but there is a ton of thought and effort that goes into them. How do you even begin to compile data around who is attacking and how? Furthermore, once you compile it, how do you track it and keep it organized and up-to-date? What systems do you use to get visibility? How do you maintain these systems, feed them with intel and then respond to what they tell you? It took a lot of people and expertise to accomplish this. Thankfully, I had a very, very large team. Which brings me to my final learning.
Large enterprises have a chance to stay ahead because they are well-resourced and may sustain enough attacks to keep their security operations teams occupied and engaged. Medium and small companies struggle. It takes specialized talent in threat intel, attack detection, adversary hunting, incident response, and technology skill sets to make this work. All of this is hard to find, and it’s expensive.
Even if you can find the talent and obtain the budget, how often are you actually attacked? The future of your business is at stake and you need to preempt every attack. But will your team end up being like the Maytag repairman … bored? If so, you'll have retention problems. The people who do this stuff like to be in the fight. When they are not, they get twitchy.
These teams are like soldiers. They need to be ready to respond at a moment's notice, and they need to respond with discipline and precision. Having a team that detects and responds to attacks once or twice a year is like having a volunteer militia go up against a professional army. It usually doesn't end well for the volunteers. Of course you can train and practice, but attacks change and advance on a regular basis. It’s hard to keep up, and do you really want to spend your resources trying?
Toward the end of my tenure as a CISO, I found that our approach was so effective that attackers stopped targeting us and started going after our business partners. After informing several of them that they needed to do something about cyberattacks (and seeing these challenges play out), I better understood their predicament.
Companies need a cybersecurity solution that addresses the intelligence gap, talent acquisition challenges, and response concerns of enterprises of every size—small and large.
Businesses need more than a stopgap to address the ongoing, persistent threats facing them today.
One-off technology tools can’t fix the problems I’ve outlined. Short-term commitments do little to thwart attacks, and when businesses can't find and retain appropriate cybersecurity talent, can't get the budget they need … or simply are not attacked frequently enough to keep their teams sharp and ready, they need a service that can.
Booz Allen Hamilton’s Managed Threat Services (MTS) solution brings adversary insight, highly-skilled talent and technology together to address even the most severe threats. We can do it at scale, and our MTS has flexible deployment options to be tailored for each client’s situation. We defend companies, and we have a unique view of the problem and a proven method for solving it. We create unique partnerships with our clients to make them more secure.
Thank you for your interest in Booz Allen Managed Threat Services. Schedule a demo to learn more about how we deliver proven defenses that address constantly evolving cyber threats.