The significant increase in the use of off-premises and cloud computing resources, remote sensor and data collection systems, along with the explosion of work-from-home requirements and exponential growth of data stores has put even more emphasis on securing the networks, computing systems, and data collection systems used by commercial and government agencies. IT and Cyber Security emerged as the key element in ensuring the benefits of automation and computing over the last decade or more. As the ability to collect and store data, much of it sensitive, and automate tasks via the use of computing systems over networks has increased, so has the need to secure all of the above from sophisticated and malicious attacks.
All Native Group (ANG) recognized the growing needs of its commercial and government clients for IT and Cyber Security support and has worked to develop our capabilities and competencies to ensure we continue to provide the services and support our clients need in today’s challenging environment. ANG provides Information Assurance (IA), Information Systems Security oversight and management, and Security Engineering services to multiple clients, both commercial and government. Here are a few examples of how ANG assists our customers in securing their networks, computing systems, and their agencies.
Cyber Security Training
Thunderridge Solutions, a division of Ho-Chunk, Inc., Information Assurance staff assigned to the Foreign Service Institute provide instructional design, curriculum development, classroom instruction, and Just-in-Time Cybersecurity related training to State Department Information Assurance personnel. Fulfillment of this requirement is via instructor-led, asynchronous, hybrid, virtual training, webinars, podcasts, and IA workshops. This training helps the Department of State ensure that it has trained and competent personnel on staff to secure its systems all over the world.
Security Engineering & Information Assurance
ANG worked with NETCOM G-3/5 to secure its systems via Security Engineering and Information Assurance assistance. In conduct of the primary work of proactive analysis, the ANG team monitored hundreds of network and system sensors throughout the continental United States, Korea, Germany, Hawaii, Alaska, Guam, Japan and Southwest Asia for anomalous conditions, behaviors and derivations in operating parameters. During these deep dive efforts into key performance indicators we would find Information Assurance and Cyber Security anomalies. These anomalies were investigated, researched, defined, and documented then sent to the NETCOM, DODIN-A Fusion Center, and the NETCOM Cyber Security Division (CSD) for further investigation and adjudication.
Additionally, as part of our duties the ANG team employed three IA engineers conducting Risk Management Framework (RMF) efforts on the associate sensor arrays, test devices, Platform IT (PIT) and test systems. These efforts included running Security SCANS, Security Technical Implementation Guides (STIG) implementation, system configurations and security configurations, Security Content Automation Protocols (SCAP), Plan of Action and Milestones (POA&M) development as mandated by the Federal Information Systems Management Act of 2002 (FISMA), Enterprise Mission Assurance Support Service (eMASS) control entries, document and artifact development and submission to Information Assurance Program Manager (IAPM) and Authorizing Officials (AO) for Authority to Operate (ATO) determination within NETCOM, Assistant Chief of Staff (AcoFs) G3/5 and CSD.
Information Systems Security Management Support
ANG provides staff augmentation and information systems security support to the Department of Homeland Security, Customs & Border Patrol (CBP). We provide highly qualified and experienced Information Systems Security Officers (ISSOs) that oversee operational systems to ensure constant, consistent, and compliant security. We work directly with our government counterparts to help them ensure compliance to all relevant and required standards and to ultimately ensure the continuous security of the systems, networks, and sensors employed by the CBP.
In addition to the daily duties of system monitoring and incident management, our ISSOs support project and program managers in the development, implementation, and integration of new systems and system upgrades. Working closely with customer Program Managers (PMs), Information Security Managers (ISSMs), and engineers, the ISSOs help develop, implement, verify, and validate security requirements and solutions. This work helps CBP ensure that all new systems or system upgrades are compliant upon implementation. Doing the work upfront reduces the risk of the introduction of security vulnerabilities when integrating new systems and helps to ensure that all CBP systems remain secure.
Michael Olsen, Director – IT Service
All Native Group
Scott J. Freeman, Program Manager
All Native Group