Our Company

About Us

JDBiggs & Associates, Inc. is an Information Security and Privacy consulting firm located near Washington, DC in suburban Maryland. Our consulting professionals have 30 plus years of experience, are degreed, hold security clearances, security professional certifications and professional affiliations, and are industry recognized Subject-Matter-Experts in the science of information security and privacy.

Core Capabilities

Our core capabilities include expertise in the following critical areas of an enterprise security program:

  • Federal Risk and Authorization Management Program (FedRAMP) Compliance Support
  • North American Electric Reliability Corporation (NERC), Critical Infrastructure Protection Assessment (CIP) Compliance Support
  • Federal Information Security Management Act (FISMA) Compliance Support
  • Security Categorization of Major Applications and General Support Systems
  • Development of Enterprise Security Policies, Handbooks and Procedures
  • Independent Review and Assessment of Systems and Technologies (Wireless Mobile & LAN Security, Bluetooth, and Encryption)
  • Assessment & Authorization (A&A) of Systems (DIACAP / DCIDS / NIST / FISMA / FedRAMP)
  • Risk Assessments and Management of Plan of Actions & Milestones (POA&M)
  • Security Education Training Awareness (Seminars / Presentations / Programs)
  • Development and Testing Contingency Management and Disaster Recovery Programs

Our Specialists

JDBiggs & Associates is able to enhance the enterprise IT security, protecting the data from unauthorized access and unauthorized modification while making it available to authorized users. Our consulting staff has extensive subject-matter-experience in developing security authorization packages, performing risk assessments, vulnerability & penetration testing, contingency planning, development of security plans, evaluation of security controls, and policy development. These information technology security specialists perform their services in accordance with the following guidance and standards:

  • Federal Risk and Authorization Management Program (FedRAMP)
  • Federal Information Security Management Act (FISMA)
  • North American Electric Reliability Corporation (NERC), Critical Infrastructure Protection Assessment (CIP)
  • Federal Information Processing Standards (FIPS)
  • National Institute of Standards and Technology (NIST) Special Publications
  • ISO/IEC 17799:2000 Code of Practice for Information Security Management
  • Director of Central Intelligence Directives (DCIDS)
  • Health Insurance Portability and Accountability Act (HIPAA)

Our cumulative experience in developing Security Education Training Awareness (SETA) programs follows the Federal Information System Security Educators Association (FISSEA) approach and NIST SP 800-50. In addition, we develop and evaluate Enterprise Business Continuity & Disaster Recovery programs following the Disaster Recovery Institute International (DRII) methodology, and NIST special publications.