Services and Solutions

Cybersecurity + Information Assurance

The federal government faces a number of challenges in the information assurance (IA) domain. These challenges include balancing among the need for Internet and network security; confidentiality; availability and integrity of information and computer-based systems, and testing and assessment of computer-based systems security. Expanding threats to overall information security requires dynamic strategies for providing computer network defense.

01
Regional Health Command Atlantic (RHC-A)
Cybersecurity is Patient Safety: Transforming RHC-A’s Cybersecurity Operations and Boosting their Defenses
Customer Mission

As a Tier 3 IT operations support mechanism for the entire region and with 28,000 staff dedicated to providing world-class patient care, the Regional Health Command Atlantic (RHC-A) isn’t just one of the largest healthcare systems in the world – it’s also responsible for protecting the sensitive data of more than 600,000 service members, retirees, and their families. 

Challenge

To ensure that the data of these individuals is safeguarded with the highest security standards and confidentiality, RHC-A sought out cybersecurity support to evaluate its current cybersecurity landscape, identify weaknesses in its existing security posture, and implement the necessary protocols and procedures to close these gaps.

Solution

TIAG leveraged our proven RMF implementation methodology and continuous monitoring strategies to ensure compliance with all DoD standards, effectively safeguard the organization’s information assets, and expedite obtaining ATOs.

Security Testing and Evaluation. TIAG evaluated RHC-A’s existing cybersecurity landscape and identified potential problem areas. Our cybersecurity experts conducted a thorough evaluation of the organization’s network, applications, and overall security posture. We proactively protected the system from rapidly changing cyber threats by implementing a host-based security system and continuously scanning all devices – including remote mobile devices, desktop computers, and devices connected to external networks – for vulnerabilities using Microsoft System Center Configuration Manager (SCCM). This system was designed to block viruses and malware and allow us to quickly manage, deploy, and secure devices and applications across the entire enterprise. 

Gap Analysis and Mitigation. After identifying gaps in RHC-A’s systems and security posture, TIAG developed strategies to close these gaps. They implemented robust security controls and developed detailed Security Assessment Report (SAR) and Risk Assessment Report (RAR) reports on their findings to ensure prompt mitigation and improve protection across the organization’s networks.

 

Security Control Implementation Plan. We identified how and where each security control – including technical, physical, and administrative controls – would be documented based on existing policies and procedures and outlined how RHC-A’s security posture would be assessed, evaluated, and maintained over time to protect the enterprise and the systems within it from potential threats.For any controls that could not be implemented, either temporarily or permanently, we thoroughly documented in a Plan of Action and Milestones (POA&M) report with recommendations for mitigation. 

Ongoing Risk Assessments, System Hardening, and Penetration Testing. We implemented system and application hardening measures in accordance with Security Technical Implementation Guides (STIGs), and conducted regular risk assessments and penetration testing to identify vulnerabilities in the network, LAN, and physical systems. TIAG’s proactive approach detected and responded promptly to unauthorized activities and attempts at accessing sensitive information and addressed emerging threats and vulnerabilities before they could be exploited.

SCCM Deployment for Efficient Patch Management and Enhanced Authentication Methods. Deploying SCCM allowed TIAG to ensure that patches and updates were applied consistently across all devices on the network. This contributed to the overall security of the network infrastructure and helped protect the organization’s systems and applications from risks and vulnerabilities. We also implemented more enhanced authentication systems for user accounts and restricted administrator privileges, ensuring that only authorized personnel had access to critical areas of the network. This strategy further protected sensitive data from potential cyberattacks and unauthorized access.

Advanced Risk Management Framework. We developed a comprehensive risk management framework and LAN Authority to Operate (ATO) packages for all sites – including all necessary documents and evidence related to security control implementation, assessments, and improvements for review by the Security Control Assessor (SCA) and Authorization Official (AO), including documentation. As part of this process, we ensured that controls and artifacts were verified to meet Defense Health Agency (DHA) cybersecurity regulations. 

Result

TIAG successfully converted all MTFs within the region from DIACAP to RMF, receiving the most approved three-year ATO accreditations among all regions. Our proactive approach and cutting-edge techniques to improve RHC-A’s cybersecurity posture not only strengthened their defenses and led to a significant reduction in vulnerabilities across the region, but also enabled them to more efficiently track and monitor their security status.

02
Federal Emergency Management Agency (FEMA)
FEMA Achieves Remarkable Security Scorecard Improvement Thanks to TIAG's Intervention
Customer Mission

The Federal Emergency Management Agency (FEMA), plays a pivotal role in the United States by coordinating disaster response and recovery efforts, providing assistance to affected individuals and communities, and promoting emergency preparedness nationwide

Challenge

FEMA was facing significant issues with their cybersecurity infrastructure, scoring the lowest in the Department of Homeland Security on the Federal Information Security Management Act (FISMA) Information Security Scorecard, with only an 18% score. These challenges stemmed from a number of underlying issues, including:

  • Operating systems under expired Authorization to Operate (ATO) designations
  • Inadequate documentation and processes
  • A lapse in contract, resulting in the absence of an Independent Verification & Validation (IV&V) team
  • Incomplete or behind-schedule assessments

With FEMA’s security infrastructure at severe risk, TIAG’s intervention was critical to achieving full FISMA compliance and safeguarding the organization’s operations.

Solution

TIAG stepped in, tackling the challenges head-on with innovative strategies and methodologies. Key actions taken by TIAG included:

  • Conducting TIAG’s Own IV&V Testing: In the absence of a third-party IV&V team, TIAG conducted our own assessments, addressing the backlog of tasks and ensuring continuous progress in the ATO process.
  • Establishing a Knowledge Management Repository: TIAG centralized all critical documentation, streamlining access to up-to-date material and ensuring transparency across all teams.
  • Developing a Compliance Portal: To systematically identify and mitigate existing vulnerabilities, TIAG implemented a compliance portal to provide a streamlined, cohesive view of the security landscape.
  • Implementing a Matrixed Structure: TIAG fostered alignment between FEMA’s security policies and procedures by developing a matrixed infrastructure that accounted for risk type, criticality, on-premises/cloud storage, and target states.
  • Identifying High-Impact Systems: TIAG pinpointed Software as a Service (SaaS) and cloud-based systems that achieved ATO quickly, with a focus on those set for modernization within 12-18 months.
  • Onboarding Assessors: Until a third-party contract was settled, TIAG brought in-house assessors to conduct assessments, ensuring that progress stayed on track.
Result

TIAG’s approach led to a resounding success, with FEMA’s FISMA score soaring from 18% to a remarkable 97%. By achieving full compliance with federal information security standards and regulations, FEMA saw vast improvements in their operational efficiency and significant reductions in government expenditure. Some notable achievements included:

  • Successfully completing over 2,200 Plans of Actions and Milestones
  • Acquiring 110 Authorization to Operates (ATOs)

These accomplishments, alongside TIAG’s expertise in cybersecurity best practices and innovative solutions, ensured that FEMA’s IT infrastructure saw a significant boost in security, better safeguarding critical data, and streamlining the accuracy of their operations.

03
Financial Crimes Enforcement Network (FinCEN)
FinCEN Partners with TIAG to Bolster Cybersecurity Ahead of Audit
Customer Mission

The Financial Crimes Enforcement Network (FinCEN) is responsible for safeguarding the country’s financial system from illicit use, combating money laundering and its related crimes including terrorism, and promoting national security through the strategic use of financial authorities and the collection, analysis, and dissemination of financial intelligence.

Challenge

FinCEN contracted TIAG to strengthen its cybersecurity infrastructure in preparation for an upcoming audit. 

Solution

TIAG’s Mentor-Protégé joint venture with Saliense, SynergisT JV, provided a secure environment where FinCEN’s applications could be scanned, tested, and patched. SynergisT JV also supported FinCEN’s risk management framework through vulnerability mitigation and management, which included modernizing and tailoring FinCEN documentation and cross-training staff to increase personnel flexibility and capabilities. Additionally, the team:

  • Conducted a thorough analysis of FinCEN’s security infrastructure and identified issues with the Nessus Tenable instance.
  • Designed, built, and established a resilient vulnerability management infrastructure utilizing Nessus Tenable and bespoke processes for enhanced automation.
  • Revamped FinCEN’s SSP (System Security Plan) and supporting artifacts for a robust and secure foundation.
  • Modernized and customized FinCEN documentation and cross-trained staff to increase personnel flexibility and capabilities.
Result

TIAG’s cybersecurity overhaul for FinCEN propelled the organization into a secure and compliant cloud environment. With over 1,000 previously undetected vulnerabilities addressed and substantial improvements to the security infrastructure, TIAG’s work with FinCEN yielded impressive results:

  • Significant improvement in FinCEN’s cybersecurity posture and compliance levels.
  • Reaffirmed leadership’s confidence leading up to the annual Cyber Security audit.
  • Expansion of TIAG’s services to support a new area of FinCEN’s operation, resulting in two additional contract positions.
  • Ongoing talks about a direct 5-year award to TIAG.
  • Increased efficiency in maintaining FinCEN’s cloud environment.
04
Naval Information Warfare Center (NIWC)/Cybersecurity and Information Technology Support and Services (CITSS)
TIAG Helps Navy Shore Up Cybersecurity Infrastructure Across the World
Customer Mission

Commander, Navy Installations Command (CNIC) is responsible for the U.S. Navy’s worldwide shore installation management. As the Navy’s shore integrator, CNIC designs and develops integrated solutions for sustainment and development of Navy shore infrastructure. With more than 53,000 military and civilian personnel worldwide across 10 regions, 71 installations, and 123 Naval Operations Support Centers, CNIC is responsible for the operations, maintenance and quality of life programs to support the Navy’s Fleet, Fighters, and Families.

Challenge

Being accountable for over 90 systems varying from a few to a thousand components in size, CNIC must direct, guide, and coordinate with each of the system owners regarding cybersecurity activities. They are required to report status and set priorities at the Echelon II level. When authorizations for several systems expired, they needed a partner to support this effort.

Solution

In support of the contract, TIAG’s team of cybersecurity experts was tasked to authorize the systems located worldwide that vary in size and complexity by maintaining and modernizing the infrastructure to enhance the ability to perform core missions. Through the assessments and authorization process, we are able to identify and report higher security risk areas to CNIC and Navy authorities, which leads to updating and upgrading older technologies. Our team’s combined experience of over 170 years enabled us to execute the tasks in an expeditious and efficient manner. We recommended setting up processes that measured progress quantitatively and anticipated shortcomings, which were addressed proactively. TIAG developed an event-based schedule and resource tracker for the team to support the 6-step RMF activities.

Result

In less than six months, CNIC received authorization for five systems and are on the verge of completing six more in the next couple of months due to the process in place and team of cyber professionals. The graphical view of the resource tracker allows us to easily adjust by augmenting any over-burdened team member. NIWC and CNIC customers have repeatedly praised our accomplishments so much so that they asked us to supplement some of their duties. We continue to improve our way of conducting business.

05
Uniformed Services University of the Health Sciences (USUHS)
TIAG helps the Uniformed Services University of the Health Sciences (USUHS) protect and defend data and information systems and provides security incident response services.
Customer Mission

The primary mission of the USUHS is to train, educate, and prepare uniformed services health professionals, officers, and leaders to directly support the Military Health System, the National Security and National Defense Strategies of the United States, and the readiness of our armed forces.

Challenge

Network vulnerabilities put the USUHS military network at risk of disconnection from the Defense Information Systems Agency (DISA)-managed Global Information Grid (GIG). Unless successfully remediated, these vulnerabilities would have severely affected the USUHS mission and put at risk the education programs it provides.

Solution

After evaluating the USUHS IT environment and security posture, we built and executed a systematic transformation and accreditation strategy, focusing on the USUHS network infrastructure, computing devices, and enterprise management tool set. We created a configuration management database and asset portfolio of all resources and evaluated and addressed any shortcomings in all assigned systems. Finally, our experts in cybersecurity enhanced the organization’s security by hardening server and network infrastructure, addressing security vulnerabilities, and creating unique compliance documentation. The project concluded with full visibility, management, and vulnerability coverage of their non-homogeneous environment and divergent networks, successful disposition and remediation of all systems assigned, and a new accreditation of both their .MIL and .EDU networks–one of the first in the DoD. Currently, we are responsible for all aspects of Risk Management Framework (RMF) preparation and submittal, IAVA tracking and compliance, policy development and enforcement, and ensuring security compliance and accreditation of all USUHS networks and systems. Our approach involves all measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation.

Result

The President of USU gave TIAG an award for our Exceptional Performance implementing the full suite of DoD Information Assurance Certification and Accreditation Process remediation services that helped them achieve an Authority to Operate for their military and .EDU network circuit.