Advisory Services

phia provides a range of services that cross the spectrum of cyber, intelligence, and technology in the functional disciplines of analysis, operations, engineering, and assessment.

phia’s Advisory Services ensure that technical and operational efforts are firmly aligned with not only an organization’s core mission but with the business. We shape, optimize, and assure these efforts. phia believes that no organization is successful without maintaining sufficient awareness of itself and its surroundings. This awareness includes measuring all aspects of performance, leveraging data to improve understanding, and investing in the development of its people. Our Advisory Services provide structure to these efforts, bringing decades of experience from phia experts and perspective from our support of complex organizations and environments in the Federal Government and private sector.

Strategy & Planning

There are many good reasons to strategize and even more ways to plan.

phia recognizes that organizations rarely have the luxury to freeze the world around them and step through a textbook strategy-and-planning process. Business and mission demands are ever-present. Our approach to helping organizations develop and refine their strategies comes from decades of operational experience using data-informed practices. Whether a multi-year master plan or an individual project, we combine staff with strategic planning and technical expertise to help devise the right strategy, from objectives to effects. Our backgrounds include a wide variety of strategic support at varying organizations, including the United States Cyber Command (USCYBERCOM), Sony Group, and Cybersecurity and Infrastructure Security Agency (CISA), among others.

Governance, Risk & Compliance

Cyber governance, risk management, and compliance across enterprises (eGRC) continue to be a conceptually straightforward construct while operationally elusive.

To some degree, it represents how nascent and immature cyber still is for most organizations, but it is also a complex program both in small and highly scaled enterprises. Achieving the “Goldilocks” eGRC is something phia has worked to develop over our extensive careers in cybersecurity. Considering our work from Global 100 conglomerates with footprints in over 150 countries, our widescale work for the DOD and our work with DHS CISA on the Federal/Civilian enterprises, we’ve been able to hone our ability to deliver on eGRC for any organization.

eGRC starts with taking one of the many enterprise management frameworks and sorting what is best for the particular organization. Typically, we find it is a hybrid model of best practices across multiple sectors and requires tailoring to the specific organization. Having worked in a variety of industries, we take best-of-breed from ISO/IEC, CMU SEI, NIST, and others to ensure a “just right” fit for our clients. Truly resilient eGRC implementations use a blend of frameworks stitched together by creative people, tailored tools, and adaptive processes.

Frameworks, models, and standards that phia works with:

  • ISO/IEC Standards: 9001 – Quality Management, 27001 – Information Security Management, 20000 – Service Management
  • CMU SEI Capability Maturity Model Integration (CMMI) & Resilience Management Model (RMM) 
  • Agile (SCRUM, SAFe) and Lean Six Sigma 
  • NIST Standards: RMF, 800 series, FIPS; Cloud Security Alliance (CSA); Microsoft Best Practices; DOD STIGs, 8000 series
  • FISMA, HIPAA, SOX, PCI, and others
  • SANS/CIS Critical Security Controls, ASD Strategies to mitigate cybersecurity incidents, MITRE ATT&CK
Security Organizational Dynamics

Situational Awareness

From Sun Tzu to Socrates the oft-quoted importance of “knowing thyself” has been recognized as critical to wisdom and success.

It’s not just about threats, vulnerabilities, or defensive posture. It’s not just about inventory, configuration management, up/down status, process maturity, or workforce readiness. It is about each of these things and all these things together, connected and visualized in a way that enables a range of other operational and management functions. phia specializes in helping organizations integrate the various technical and administrative components needed to build and maintain cyber situational awareness.

We have helped small and large organizations obtain situational awareness in all major areas of cyber. Specific implementations of the right experts, tools, and processes within IT, threat intelligence, vulnerability management, eGRC, and defensive cyber/security operations. Each area of cyber is unique, and obtaining insights from each is a challenge, but phia has helped private, and the Federal sectors achieve this in multiple engagements. We can help you collect the right data and make sense of it for actionable information to inform your decision-making.

phia Situational Awareness Platforms:

  • Tailoring of GOTS/COTS Platforms to ingest, analyze and act on cyber data
  • eGRC platforms: RSA Archer; Telos Xacta 360; DOD VMS/eMASS 
  • SIEM platforms: Elastic; Splunk; McAfee Nitro; ArcSight 
  • Threat Intel/SOAR platforms: Analyst1; ThreatConnect; custom built
  • Workflow and IT management platforms: BMC Remedy; ServiceNow
  • Knowledge/Content management platforms: Microsoft SharePoint/Teams; Alsatian Confluence and Jira
  • Custom built on Apache big data project platforms (Hadoop, Spark, etc.)
Education & Training

Cyber training requires a foundational basis that must be built upon to truly understand the implications of a security situation.

Without informed operational context and real-life experience, it is difficult to comprehend the implication of a cyber event, vulnerability, policy or architectural decision. From policy to defense cyber operations phia utilizes operational experts to provide real-life inputs into our training and education solutions. Our many years of operational cyber experience give us an authentic perspective on training and education. In addition to our company’s depth in cyber, many of our staff have had lifelong careers in cyber with over 20 years of experience. Our experts vary from cyber engagements to leading cyber operations and we use that breadth of exposure to inform our approach to education and training with our clients. 

If you are looking for a different approach to cyber training and education informed by operational wisdom from the front lines, give phia a call. We can work with your team to tailor specific training and educational approaches for you and your organization’s mission needs. phia’s approaches can range from niche in-person training to organization-wide cyber awareness. Whatever your need is, we can help deliver the right fit to suit your mission.

  • Enterprise cyber awareness training & education (tailored CBT, phishing & waterhole exercises, etc.)
  • Niche in-person cyber training from our experts to yours (hands-on labs, practical, real-world challenges, simulations/emulation, handbooks, presentations, and videos to fit the learning approach of your students)
  • Implementation of enterprise-wide learning management systems (LMS) to support education and training
  • Custom development of cyber courses for LMS platforms
  • Secure software & systems development lifecycle courses (CBT, in person, simulation/virtual, practical challenges)
Data Science & Analytics

Often, it can feel as if you are hunting for a “rocket surgeon,” something that doesn’t exist, to help you make sense of all the available data in a modern cyber enterprise.

phia has operational experience, both as a company and as its staff, supporting some of the largest enterprises in the world with millions of users and systems. We have worked and supported data science and analytical techniques in Global 100 organizations. We have supported the DOD enterprise as well as tactically austere missions such as the Secretary of Defense during travel and at residences. Each organization and its missions require a tailored approach while not reinventing the wheel. The application of data science and analytics is often treated as a science experiment among many groups. In contrast, phia feels it must be informed by operations to be of real value to our clients, form follows function.

Our experts can create a strategy that helps you make sense of exabytes of data, providing perspective and meaningful information to shape your decisions. We’ve helped our clients across numerous operational environments, across all areas of cyber, to make better decisions based on large data sets, including vulnerability management, risk management, defensive cyber operation/SOC, security architecture, and educational/training. If you are interested in having an operations-informed applied approach to data science and analytics, reach out to us for a discussion.

  • Open-source big data & analytics platforms (Apache Hadoop, Spark, etc.)
  • Custom data lakes & overlays
  • SIEM big data platforms (Splunk, ELK/Elastic, etc.)
  • Cross-domain or boundary solutions and applications
  • Applied machine learning and artificial intelligence to speed and assist users (MLib, Marvin-AI, Mahout, etc.)

More Capabilities