CLIENT STORY

One U.S. civilian government agency recognized that it was a high-priority target for cyber threats and attacks and that its cybersecurity program could be improved. Electrosoft introduced technology tools, automation and improved processes to help strengthen the agency’s cybersecurity posture.

PROBLEM

One civilian agency recognized that, due to its worldwide presence and role in helping to maintain the health of the U.S. economy, it is a high-priority target for cyber threats and attacks. With a global escalation in the frequency of evolving cyber attacks, leaders wanted to improve their cybersecurity program to ensure protection of their numerous systems with personally and/or business identifiable information (PII and/or BII). They envisioned an operational and culture shift to become more proactive in the way they managed the security and privacy of their data and systems.

SOLUTION

Electrosoft supported the agency with the planning and execution of risk-based methodologies to protect the critical IT assets for the agency, ensuring the confidentiality, integrity and availability of data and systems while providing privacy protections and meeting compliance mandates

The team followed a proven, continuous assessment and authorization (A&A) approach to modernize the agency’s systems and procedures. Using practices such as DevSecOps, automation and services, the team delivered system development and introduced continuous monitoring and improvement of information security operations, information system security risk management and compliance, and privacy program development.

For example, Electrosoft helped to revamp the agency’s vulnerability management program, facilitating a cultural change within the agency through transparent, accountable and collaborative processes. One such process automates frequent system scans, which the team utilizes to create Plans of Actions and Milestones (POA&Ms) to track and manage the mitigation and remediation of system vulnerabilities. Through continuous monitoring, the team conducts frequent, short status meetings to find issues during scans and provides an open communication channel with stakeholders. In addition, Electrosoft now handles implementation and daily configuration monitoring on all technical controls and systems. All systems are also subjected to independent, third-party penetration testing on an annual basis.

Electrosoft also supported the implementation of a privacy program for the systems containing PII and/or BII, including privacy impact assessments (PIA) and privacy threshold assessments (PTA). The team applied more than 45 NIST SP-800-53 security and privacy-related controls and helped to ensure that the system privacy documentation and reporting capabilities were compliant with laws and regulations. In addition, Electrosoft led the implementation of data loss prevention tools and strategies to help prevent privacy breaches. Filling an existing gap, the team has become the agency point of contact for privacy issues and information on national and international privacy laws and regulations.

To ensure the agency remains fully in compliance with the latest laws, regulations and standards, the Electrosoft team proactively seeks out information such as new legislative actions, Executive Orders and NIST standards. This information is then passed on to stakeholders, keeping them up-to-date and well-informed.

RESULTS/BENEFITS

Electrosoft supported the agency’s transformation to implement continuous monitoring and improvement of its information security operations, a robust privacy program and a culture of support for information system security risk management.

There are many positive results of the agency’s cybersecurity transformation. A “by the numbers” look at some actions confirms the agency’s success in protecting their systems and assets:

• 22.5M file access attempts captured and blocked by the Security Operations Center (SOC) in year one – and 33.5M in year two – using approved enterprise tools such as Bit9 and cohesive teamwork.
• 2.7K malicious URLs, 69K malware emails and more than 104K phishing attempts were blocked, as the team harnessed the power of Microsoft Office 365 as part of providing engineering support and consistently tuning the agency’s tools.
• 174 Threat Action Reports were successfully closed by the SOC, providing detailed accounts of failed attempts by “Bad Actors” attempting to access the agency’s network.
• 101 POA&Ms closed.
• 13,328 out of 15,912 quarantined emails analyzed and released.
• 100% of systems have a system-specific contingency plan in place to meet CP-2 requirements.

Electrosoft’s activities not only helped to ensure the agency’s compliance with applicable security and privacy laws and regulations, it also:

• Increased efficiencies through automation
• Increased transparency through issue tracking and frequent communication and collaboration with stakeholders, and
• Is continuing to update the agency’s systems with powerful, secure technologies.

Today, the agency is proactively monitoring, detecting and responding to threats and attacks – and complying with evolving cybersecurity regulations and guidance. With a strengthened cybersecurity posture, the agency is confidently staying ahead of its cyber adversaries.