Government and Public Sector Cybersecurity Services

EY identity and access management (IAM) services help government agencies manage the life cycle of digital identities for users, systems and services by providing organizations a view of who has access to what resources. IAM focus areas include:

IAM strategy

• IAM business case definition
• IAM assessments and road maps

Access management

• Single sign-on
• Multi-factor authentication
• Password self-service
• Application programming interface (API) access control
• Public key infrastructure (PKI) and certificate-based authentication
• Fine-grained entitlement management and authorization

Identity governance and administration

• Access requests and provisioning
• Access certifications
• Segregation of duties
• Application onboarding
• User life cycle management
• Role-based access management
• Enterprise identity repository

Privileged access management

• Password vaulting and rotation
• Secrets management
• Session brokering
• Privileged account governance
• Endpoint least privilege
• Threat analytics

EY cybersecurity architecture, engineering and emerging technologies services are designed to help government agencies protect their enterprises from adversaries that seek to exploit weaknesses in the design and operation of their technical security controls, including disruptive technologies such as cloud computing, blockchain and the internet of things (IoT). Focus areas include:

Architecture and engineering

• Assessment, design and road map
• Secure standards and pattern design
• Security engineering transformation
• Technical implementation and integration

Emerging technology

• Cloud security
• Operational technology (OT)
• Cyber automation
• Cyber analytics

EY next-generation security operations and response (NGSOR) services help build a more secure and trusted working world by helping government agencies protect their organizations with proven strategic and tactical approaches to defend, detect, respond and recover from cyber attacks. EY NGSOR services include:

Security operations center (SOC) transformation

• SOC assessment, strategy and road map
• SOC build and transformation
• SOC technology requirements analysis and selection
• SOC governance, playbooks, metrics and reporting
• Managed threat detection and response services

Cyber threat resiliency and intelligence

• Cyber threat resiliency assessment
• Threat intelligence as a service

Incident readiness and response

• Incident readiness and maturity assessments
• Cyber crisis simulation (e.g., tabletop exercises)
• Incident response governance, playbooks, metrics and reporting
• Incident containment, eradication and recovery assistance
• Cyber incident postmortem analysis

Attack and penetration testing

• Internal, external, wireless, application and mobile attack and penetration testing
• Red Team threat assessments
• Cloud security assessments
• Product security assessments

Application security

• Application security assessments
• Secure application architecture assessments and threat modeling
• Application security program build
• Secure development, security and operations (DevSecOps)

Vulnerability management (VM)

• Cyber exposure assessment
• VM program improvement strategy and road map
• Scanning technology implementation and enhancement
• Critical vulnerability response