Cybersecurity Solutions

Protecting Maritime Information

Gibbs & Cox provides cybersecurity services aimed at protecting clients’ critical information systems and shipboard industrial control systems (ICS) from threats. We possess a unique skill set of in-depth marine systems engineering knowledge and cybersecurity expertise, which enables us to help clients protect vital ship systems in an ever-changing threat environment.

50+ Years of Experience: The Gibbs & Cox Difference

The Gibbs & Cox cyber security team boasts more than 50 years of collective experience in the field of cyber security.

Our team holds industry certifications that satisfy information assurance (IA) workforce requirements by following DoD 8570.01, SECNAV 5239.2, and Navy Qualified Validator (NQV) requirements.

The Gibbs & Cox cyber security team is knowledgeable in many aspects of cyber security including:

  • RMF
  • Cybersecurity Maturity Model Certification (CMMC)
  • Supply Chain Risk Management (SCRM)
  • Systems Security Engineering
  • NIST Standards
  • Testing
  • Validation

Cybersecurity Starts with Tailor-Made Recommendations

It is always simpler to design cybersecurity into a system from its inception than to retro-fit security into an existing system. This is doubly true for industrial control systems.

Gibbs & Cox provides clients with expert security control implementation recommendations that are tailored to the individual systems being designed and procured during the specification development process.

Auditing Existing Systems: Industry Standards Guidance for Cybersecurity

By performing audits of existing systems and processes based on industry and government accepted standards, Gibbs & Cox provides clients with detailed guidance on improving their security posture.

Gibbs & Cox uses the following industry-standard security assessment tools to ensure compliance with STIGs (security technical implementation guides) and SRGs:

  • ACAS (Assured Compliance Assessment Solution)
  • SCC (SCAP Compliance Checker)

Guidance at Every Step of the Risk Management Framework (RMF)

Changes in Federal and Department of Defense cybersecurity guidance have created the need for government clients to implement the Risk Management Framework (RMF) on Industrial Control Systems (ICS’s) in addition to more traditional information systems.

These requirements apply to systems in phases of their life cycle. Cybersecurity protections must be included in new designs as well as back fit into legacy systems. This can sometimes pose a challenge for clients, since controls were not previously incorporated into ICS designs.

Gibbs & Cox subject matter experts can help clients in all phases of the RMF process, including:

  • Balancing Threats with Functionality: We understand how to balance system functionality and cost requirements against the threat posed by the various system vulnerabilities.
  • Comprehensive RMF Guidance: Our staff has the knowledge and experience necessary to guide Clients through the RMF process in order to obtain an Authority to Operation (ATO) for their system.

Leading Policy Development for Improved Cybersecurity

Cybersecurity policies and procedures are an integral part of protecting an organization’s data and technology. Gibbs & Cox helps clients develop corporate guidance that supports the overall needs of the company while ensuring that operational protective measures are implemented.

State of the Art Testing: IRAD/Proof of Concept

Gibbs & Cox develops physical and virtual testbeds to simulate operational network environments on ships. These testbeds ensure that we develop robust and efficient security assessment tools and procedures.

Want to discuss cybersecurity?

Contact us
It has been a pleasure working with Gibbs and Cox. They were consistently responsive to our changing needs with this difficult project. Updates were frequent and accurate. I look forward to continuing to utilize Gibbs and Cox to assist us in future programs.