Critical Infrastructure Protection Case Study

Background

The client is establishing an enterprise command center that features Information Technology Infrastructure Library (ITIL) Version 3 best practices, a service-based Service Desk and a Remote Management Desk. When completed, the command center will provide first-line command and control of IT Service disruptions (including incidents and infrastructure exception events) and facilitate the resolution of IT Service Requests for the global enterprise. A suite of enterprise resource management tools including, but not limited to, products such as Hewlett Packard’s Network Node Manager, Discovery and Dependency Mapping Inventory (DDMi) and a universal configuration management database (uCMDB) is being implemented to facilitate critical infrastructure asset identification, detection and monitoring of infrastructure events, change management and incident reporting, to incorporate security operations into the service desk, and to enhance the agency’s event reaction capabilities.

Solution

Ex Nihilo developed the Certification and Accreditation (C&A) package in accordance with the NIST Risk Management Framework and agency-specific information security policies. The package included the Security Requirements Traceability Matrix (SRTM), Security Concept of Operations, Privileged Users Guides, Incident Response Plan and Procedures, Security Training and Awareness Plan, and Backup & Restoration Procedures. Our information assurance professionals developed and executed the test plans necessary to assess the vulnerability of information technology assets such as ports, protocols, databases, password protection, user privileges, software, hardware, virtual machines and security support structures. We worked with system, network, and application engineers to minimize operating system loads, harden databases, disable unnecessary services, implement strong passwords and identify the steps necessary to eliminate or significantly reduce the vulnerability of these assets.

Results

Ex Nihilo personnel serve a critical role in the protection of information systems by using best-of-breed information assurance solutions such as Xacta to ensure compliance with the leading government and industry standards including DIACAP, CNSS 1253, NIST, FDCC/SCAP, FISMA reporting, HIPAA, Sarbanes-Oxley, GLBA, COBIT, ISO 27002 (formerly ISO 17799) and PCI DSS. Ex Nihilo professionals perform continuous monitoring, make periodic updates to system security plans based on changes to information systems, report updates to the POA&M and support information systems reaccreditation. We perform FISMA and information system security compliance tasks, including monitoring audit, database, system and access logs; maintaining information assurance vulnerability alert (IAVA) compliance; and verifying and approving changes to the information system, such as changes to ports, protocols, routers, IP addresses and DNS names.