Cyber Defense Agency LLC is providing strategic security consulting and research services. The firm dramatically cuts the quantifiable risk and damages from cyber attack to critical information infrastructure by providing the world's premiere information assurance research, technology, and engineering services to leading organizations and companies. CDA developed a process called Mission, Impact Risk Reduction with Objective Rationale (MIRROR) jointly with the National Security Agency to solve complex cyber-security problems. CDA has successfully used MIRROR to assess the risks of large, diverse systems within the U.S. Department of Defense. CDA plans to extend MIRROR to other sectors to provide security engineering to critical infrastructure providers. Federal agencies have expressed a need for better development and administration of IT security policies across multiple heterogeneous security enforcement mechanisms. Many agencies are struggling with excessive administration burdens caused by managing numerous security mechanisms, each with its own unique administration interface. Cyber Defense Agency has developed Espanola, a security specification system that translates the security policy to be enforced consistently on multiple native enforcement mechanisms. Espanola treats security policy development like the hard design problem that it is. Espanola allows security policy patterns to be developed and shared like open source software. Espanola greatly reduces the day-to-day management of security mechanisms and improves security by ensuring approved good security policies are implemented.