Cybersecurity & Compliance

Consulting and Enforcement of Louisville Metro Cybersecurity Policies, Procedures, and Agreements - The IT Department and the Cybersecurity team provide a set of relevant and accessible policy, procedure, and agreement documents that are designed facilitate a safe and secure working environment, that are transitioning from the outdated paper driven process to an all-digital one.

Audits of Network and System Access Privileges - A well designed information system gives access to the people that need it, and prevents access to people who don't.  This principle of "Least Privilege" is a key component to having an effective Cybersecurity program.

Traffic Monitoring and Intrusion Detection - The nature of the cyber threat today challenges cybersecurity professionals to be creative in order to stop these threats.  We provide a strong perimeter defense, combined with internal traffic monitoring, and event log management to draw a more precise picture of network operations and to improve our defense-in-depth

Standards, Regulatory Compliance, and Audit Support - We strive to exceed compliance and best practices standards for NIST (National Institute of Standards and Technology), FISMA (Federal Information Security Management Act), HIPAA (Health Insurance Portability and Accountability Act), PCI (Payment Card Industry Data Security Standard), and Kentucky House Bill 5.

Risk Management, Vulnerability Assessment, and Mitigation - For current and new systems both, we provide technical and professional assessments of vulnerabilities in these systems with the goal of providing a clear qualitative and quantitative assessment of the risk involved. Louisville Metro Cybersecurity will work with internal and external customers to mitigate these vulnerabilities to an acceptable risk level.

User Awareness Training - Cybersecurity awareness is rightfully called one of the biggest concerns of IT departments worldwide.  An uninformed user can accidentally bypass even the most stringent security protocols if the right attacker scan trick them into providing information or installing software through trickery.  The Louisville Metro Cybersecurity Awareness Program covers a wide range of relevant topics, provides metrics for management, and simulates real word conditions in a safe environment.  Remember to always be #cyberaware!

Limited Impact and High Transparency - Our goal is to provide security and support without constantly interacting with customers, or impacting their work.  100% success in this service area means the customer won't even notice when changes to security devices and software occur.

Enterprise Malware Protection - The Louisville Metro Cybersecurity team utilizes an advanced suite of protection tools to detect, prevent, and remove both known malware and emerging threats.

Internal and External Penetration Testing - No security program is 100% secure without regular testing of the entire Enterprise.  We provide regular and relevant testing of network and software security controls, servers and workstations, and user's awareness of threats.

Web Filtering - Utilizing a Secure Web Gateway, we provide a safe web surfing environment that is conducive to productivity and receptive to changing business requirement

Incident Response and Forensics Management - We provide a Cyber Incident Response program that allows thorough response, investigation, and mitigation of cyber relevant threats to our Enterprise. Services include network, workstation, and email forensics investigation.

Network Firewall Management - Our external boundary is a key component in our defense in depth.  We actively monitor and evaluate the effectiveness of our boundary defenses in order to maintain our safe environment.

For assistance with this service please contact the Service Desk at 502-574-4444 or request information about our services.