Cybersecurity

    Threat Vigilance – Continuous Risk Management Through Information Security

    Threat Vigilance

    Threats are numerous and constant. We are all one breach away from being featured on the evening news or thrust into emergency mode. CVP goes beyond compliance, providing cybersecurity solutions that are focused on continuous risk management through information security.

    CVP provides a uniform, evolutionary, risk-based approach to addressing an organization’s critical security needs. Using proactive security management, we reduce overall risk while improving your security posture.

    • Our deep federal security program experience helps us quickly recognize and stop any “bleeding,” while we build, deploy, and improve the program, resulting in threat vigilance for a range of organizations.
    • Have a mature program? We build on your organization’s success by adapting and applying the latest industry best practices.
    • Our techniques mean we hunt threats, prevent attacks, and respond to security incidents more efficiently with fewer personnel.

    Beyond mere compliance with the federal security requirements that flow out of FISMA provisions, Executive Directives, and NIST frameworks, we identify and fill program gaps to create a comprehensive risk management program to give you peace of mind across your mission-essential program portfolio.

    Innovation: Threat Intelligence Lab (TIL)

    CVP’s Threat Intelligence Lab offers a sustainable, customizable solution that serves two purposes: threat analysis and response, and a training ground for security analysts and IT professionals. Using the Lab helps prioritize security operations, sharpens forensic and analytical capabilities, and strengthens the use of data and security resources. Threat analysis is the first line of defense in cybersecurity.

    The Lab creates a small virtualized network that simulates desktops and servers within virtual machines. CVP deploys the Lab on a stand-alone workstation or laptop. This local implementation ensures practical deployment within a client’s security policies, reduces dependence on costly commercial licenses, and does not require remote hosting. In this quarantined environment, CVP analysts open suspect files or links to observe what happens. The Lab may use a dedicated line for accessing the public Internet and connecting to untrusted sources without putting a client’s assets or data at risk – an essential capability for forensically analyzing potentially malicious code. We can then formulate and test specific, risk-based response strategies before an actual attack.

    CVP’s security team first developed the Lab as an environment for training cybersecurity specialists. Modern digital defense techniques require hands-on experience, under controlled conditions, with malware and the software that defends digital networks and devices. The CVP team soon realized that they could apply the TIL in clients’ environments for malware forensics and incident response.


    Representative Projects

    Protecting Enterprise Systems from Cyber Threats
    CVP manages the security operations center (SOC) of a food inspection agency whose workforce of over 11,000 employees and contractors operates nationwide. Because three quarters of the workforce is mobile, working on-site inspections across the country, CVP handles security operations and incident handling with an integrated, multidisciplinary team that does not disrupt critical public health-related business operations. We hunt threats, prevent attacks, and respond to security incidents with tools and processes aligned with federal policies and guidelines. Each month, we analyze thousands of security events and respond to 30 declared incidents on average. Our plan safeguards operations, stops unauthorized access, protects against malware, prevents data loss, ensures availability, and eases network management. Our SOC team has better situational awareness and can use event and threat information to better assess and mitigate risk.
    Restructuring an Enterprise Security Program
    CVP helped a federal financial management agency restructure its cybersecurity program. CVP started a vulnerability scanning program customized to the agency’s environment and made it into a defined, repeatable, and scheduled operation. We defined the agency’s set of common controls and introduced system owners and stakeholders to the integration of enterprise controls into previously insular security plans. We worked collaboratively to structure a mitigation tracking plan, define standards, map a common set of fields, terms, and methods, and distribute templates for consolidated use by the organization.
    Remediating Security Weaknesses
    A health insurance contractor had failed several external security audits. It brought in CVP to rewrite its System Security Plan to address audit red flags and achieve compliance with federal guidelines and regulations. CVP provided security expertise and technical writing to assist the Systems Security Officer and system owners with the review and development of the info sec program, policies, standards, and procedures. We also produced the lifecycle documentation required to meet federal requirements. In less than 60 days, CVP helped re-establish system boundaries and common controls and document control implementations, clearing all audit findings.
    Supporting System Security Authorization
    CVP carried out a security assessment and authorization (A&A) program for the federal agency. CVP developed a standardized methodology across the organization, engaging and integrating all stakeholders. Our support included package creation, testing and delivery; developing and refining A&A policy, procedures and guidelines; and compliance monitoring. CVP tracked and maintained data relevant to Federal Information Security Management Act reporting, including system inventories, mitigation tracking plans, and self-assessments. We also updated all A&A package components to comply with new federal standards. This work included reworking the Continuity of Operations, Contingency, and Disaster Recovery plans.

    Meet Featured CVPros

    Eric Tompkins

    Info Security Services Lead

    Leads the Info Sec Community of Innovation. Co-creator of CVP’s Threat Intelligence Lab (TIL). 30 years of experience in managing operational risk and cybersecurity programs.

    Chris Pilkington

    Senior Technologist

    20 years of experience in IT infrastructure and security engineering. Leads efforts to incorporate dynamic security testing in QA automation and system deployment.
