Booz Allen Commercial delivers advanced cyber defenses to the Fortune 500 and Global 2000. We are technical practitioners and cyber-focused management consultants with unparalleled experience – we know how cyber-attacks happen and how to defend against them.
Our strategy and technology consultants have empowered our international clients with the knowledge and experience they need to build their own local resources and capabilities.
In facing challenges of modernization, our Middle East and North Africa clients have complex requirements that benefit from our proven experience in guiding major programs and projects for governments and private-sector organizations. The services we offer in UAE, Qatar, Egypt, Turkey, Kuwait, Morocco, Jordan, and other regional countries build on our consulting legacy.
Our clients call upon us to work on their hardest problems—delivering effective health care, protecting warfighters and their families, keeping our national infrastructure secure, bringing into focus the traditional boundaries between consumer products and manufacturing as those boundaries blur.
Booz Allen was founded on the notion that we could help companies succeed by bringing them expert, candid advice and an outside perspective on their business. The analysis and perspective generated by that talent can be found in the case studies and thought leadership produced by our people.
Learn more about Booz Allen's diverse culture and environment of inclusion that fosters respect and opportunity for all employees.
We've come a long way delivering innovative solutions. But our next chapter is still being written.
Our 22,600 engineers, scientists, software developers, technologists, and consultants live to solve problems that matter. We’re proud of the diversity throughout our organization, from our most junior ranks to our board of directors and leadership team.
Booz Allen takes pride in a culture that encourages and rewards the many dimensions of leadership—innovative thinking, active collaboration, and personal service. We’re particularly proud of the diversity of our Leadership Team and Board of Directors, among the most diverse in corporate America today.
For many national governments, figuring out how to counter cyber threats means puzzling together a national cybersecurity agency. After a national leader or legislative authority releases an official decree, the first question often asked by the government is, “Where do we start?”
Just like putting together a jigsaw puzzle, governments need a picture of how the finished product should look. This picture is the national cybersecurity strategy. It defines the relationships and authorities within the government, as well as the government’s relationship with private industry and the broad capabilities required to establish and operate a new agency.
After you have the big strategic picture, you'll need to find your “corner pieces” and build the puzzle's outer edges based on the national cybersecurity strategy. This means that governments need to define the roles and responsibilities of a national cybersecurity agency. First, they'll need to assess how much risk their nation can afford and determine what the residue risk is by not taking on certain cyber-related responsibilities.
“Building a national cybersecurity agency is like putting together a puzzle. You need to have a strategy, and you need to know where to start.”
The question that needs to be addressed by government leaders is: What are the responsibilities for cybersecurity between the national government, the government ministries and regulators, critical infrastructure providers, and private industry?
Here are the key pieces of a national cybersecurity agency plan:
The new agency needs to establish standards for protecting and communicating cyber threats across the national landscape—but make sure that these standards don’t block or slow good data that impedes commerce.
Ensure and identify the cyber mission, authority, regulations, and enforcement for each part of the government. Establish roles and responsibilities for critical infrastructure providers, regulators and law enforcement, military and intelligence, and the private industry. A critical component of the national cybersecurity agency is coordinating with national telecommunications providers, or providing technical guidance. Whose job is it to respond first? What do you want this new agency to do? It sounds basic, but it is the key to successfully creating a strong and resilient cyber defense.
Among the military, law enforcement, intelligence, internal security, private, and critical sectors, it's vital to ensure that there is national cybersecurity situational awareness. This includes serving as a cyber intelligence repository for the nation. And make sure your agency is set up to produce actionable cyber intelligence. That doesn’t mean this new agency needs to be the first to respond, just that it is collecting the right, timely, and specific information.
While you want to solidify your data-collection standards, you don’t want to do anything that will slow or block the flow of good data. You’ll also want to build a cyber intelligence repository to keep all that information on cyber incidents.
Your approach to national cybersecurity shouldn’t involve specific products or software. The strategy should stay above the purchase level. Don’t get locked in to something that isn’t compatible with the rest of your government’s IT.
It’s important to plan and provide appropriate levels of deterrence against people and organizations who aim to harm the government through malicious cyber activities. These deterrents include a combination of legislative, law enforcement, regulatory, and military actions.
Your approach should provide advanced cybersecurity capabilities not found elsewhere in the nation. These include the ability to create custom cyber threat signatures, develop a cadre of engineers who can find out who already invaded your systems, create a team of malware analysts who can analyze the cyberattack software, and create a national forensics lab to investigate.
Establishing national cybersecurity education programs, identifying cyber talent early, and offering corporate incentives and on-the-job training will fill the pipeline of talent within the nation to support a growing demand.
With a solid strategy, you can put the pieces of a new cybersecurity agency together. Building and enhancing a national cybersecurity agency or a national cybersecurity operations center is a complex, multiyear endeavor that requires planning, organization, and technical expertise. Booz Allen brings the people with the experience to assist national governments with their most challenging problems.
Our employees have supported the establishment of national-level cybersecurity agencies and operations centers for governments in Asia, Middle East, and the United States. Our Asia headquarters is in Singapore, with offices and engineers in Jakarta, Okinawa, and Inchon.