Over the years, the Department of Defense (DOD) has continued to improve and optimize its capacity and capability to prevent and respond to an ever-increasing number of cyber threats and challenges. These include attributing cyber-attacks to their source; maneuvering in foreign cyberspace; relying on contracted commercial assets, including Internet service providers and global supply chains; and procuring mission-essential information technology products and services from foreign vendors.
Today, cyberspace missions including Offensive Cyberspace Operations (OCO), Defensive Cyberspace Operations (DCO), or Department of Defense Information Networks (DODIN) operations are becoming more and more complex. Among others, this is due to the operational tempo for execution requiring a higher level of integration and synchronization, significant pre-operational collaboration, and constant vigilance after initiation – all key components for effective coordination and deconfliction as the mission evolves through the operational environment.
While the line of sight may be blurry for the average cyber enthusiast, strategically, the DOD methodically executes cyberspace missions in and through cyberspace through defined relationships, roles, and responsibilities that are carefully shared among the Joint Staff, combatant commands, United States Cyber Command, the service cyberspace component commands, and combat support agencies.
Operationally, key organizations such as Defense Information Systems Agency (DISA) and National Security Agency (NSA) cooperate, collaborate, and coordinate continually to introduce products, services, and solutions to operationalize the DOD cyber vision.
Tactically, 27 DOD Cybersecurity Service Providers (CSSPs) play a usually unnoticed but key function provisioning 24x7x365 DCO services to implement and protect what has become the most complex and largest cyber terrain in the world, the DODIN, which is simply all DOD cyberspace.
CSIOS, a Maryland-based, veteran-owned provider of cyberspace operations that specializes in supporting 24x7x365 U.S. federal cyber providers worldwide, is creating new value chains through disruptive cyber innovations related to concepts, products, and 24x7x365 cybersecurity services. Led by President Cesar Pie and Vice President Clinton Hackney, CSIOS cultivates and continually refines its 24x7x365 cyber services through the knowledge gained from conducting countless site assistance visits, mock inspections, and formal inspections at Federal CSSPs, Network Operation Centers (NOCs), Security Operating Centers (SOCs), and Cybersecurity Integrity Centers (CICs) provisioning critical cybersecurity services to protect and defend U.S. data, information systems, and networks.
The Operational Threat Environment
It is no secret that the federal government’s segment of the country’s cyberspace domain is under persistent attacks from nation-state- and non-state-sponsored enemies. The enormous size and value of America’s federal information systems and networks has made it a relatively easier and more appealing target for a growing number of cyber-attacks and exploitation activities which are becoming more repeated, sophisticated, aggressive, and dynamic. In fact, when combined, all U.S. Government information systems and networks represent the largest attack-surface in the world. This cyber terrain is not only open to thousands of known (and potentially unknown) vulnerabilities for adversaries to exploit, it is also subject to serious cyber-attacks and exploitation activities, any of which could have adverse effects on our nation’s and allies’ missions and operational priorities.
In recent years, U.S. Federal CSSPs, NOCs, SOCs, and CICs provisioning 24x7x365 cybersecurity services have progressively and systematically matured to become one of the most critical components of our federal defensive strategy. Today, more than 100 federal CSSPs, NOCs, SOCs, and CICs are responsible for provisioning these DCO services (e.g., identify, protect, detect, respond, recover, and sustain) to implement and protect our federal government’s information networks.
These organizations face a constant uphill battle as the attack-surface they have to protect has grown considerably and is expected to spread even further. While it was sufficient in the past to focus on network and endpoint protection, today’s applications, cloud services, mobile devices, and the Internet of Things represent a much broader cyber terrain to defend. This wider and deeper mission-relevant cyberspace terrain is further complexed by the volume, variety, veracity, and velocity of data generated by myriad information technology and cybersecurity tools.
According to Pie, “U.S. cyber defenders are challenged to protect an attack-surface that continues to grow rapidly and significantly. Running on what appears to be an endless hamster wheel, we are now, as a cyber nation, coming to the realization that we are basically unable to defend every information system and network against every intrusion as our portion of the cyberspace domain has simply become too large and vast to close vulnerabilities that surface daily.”
Creating New Value Chains Through Disruptive Cyber Innovations
Over the past decade, Pie and Hackney have uniquely and comprehensively helped build and advance the mission of Federal CSSPs, NOCs, SOCs, and CICs provisioning 24x7x365 cybersecurity services to protect and defend U.S. information systems and networks with a culture is guided by 10 core business values: honor, integrity, trust, respect, leadership, accountability, excellence, teamwork, corporate citizenship and customer focus; and the team is committed to innovation, collaboration and results.
“We are collaborating and cooperating within and across the federal government with industry, research organizations, with international allies and partners, and with state and local governments to build the capacity for our federal customers to conduct combined cyberspace operations to deter and if necessary, defeat aggression in cyberspace. Together with our partners, we are crafting the strategies, plans, capabilities, and processes now to better service and defend U.S. federal networks, systems, and information, defend the U.S. and its interests against cyberattacks of significant consequence, and provide integrated cyber capabilities to support continuous improvement and optimization of operations, as well as contingency plans in the future,” noted Hackney.
A key component of services and processes is the blending of its quadruple International Organization for Standardization (ISO) and double Capability Maturity Model Integration (CMMI) V2.0 Maturity Level 3 ratings for Development (CMMI–DEV) and Services (CMMI–SVC) with its provisioned 24x7x365 cyber services. Pie and Hackney have led CSIOS to be recognized as the only cyber firm with OCO, DCO, and Information Network Operations services certified under ISO 9001:2015 (Quality Management System), ISO/IEC 20000–1: 2011 (Information Technology Service Management System), ISO 22301: 2012 (Business Continuity Management System), and ISO/IEC 27001: 2013 (Information Security Management System). CSIOS’ “Cyberspace Operations Division” is fully appraised to operate under CMMI–DEV and CMMI–SVC Maturity Level 3 ratings. CSIOS ISO- certified and CMMI-appraised services guarantee that every cyber capability and service developed or provisioned by its “Cyberspace Operations Division” will meet a distinctly unique and unmatched level of maturity and excellence before release.
CSIOS’ services to Federal cyber service providers go beyond fusing ISO and CMMI methods with proven cybersecurity approaches and principles (e.g., defense-in-depth, layered defenses, mission relevant cyber terrain prioritization, attack surface target reduction, domain separation, process isolation, abstraction, resource encapsulation, least privilege, data hiding, modularity, simplicity, adaptation and operational resiliency) to achieve the ideal made-to-measure solution for each of its customers. In fact, through its unique continuous improvement and optimization construct, CSIOS has been able to identify more efficient, effective, and time-saving management processes; improve incident response times; and minimize disruptions to cybersecurity services, all while reducing operating costs and continuing to maintain compliance with customers’ legislative and regulatory requirements.
A Must Have for all 24x7x365 CSSPs, NOCs, SOCs, and CICs
CSIOS’ approach to CSSPs, NOCs, SOCs, and CICs services has become the blueprint for next-generation cybersecurity services, helping evolve these organizations into high-performing cybersecurity service providers. While CSIOS’ compliant and mission-ready cybersecurity services have unlocked new service delivery levels for its federal customers worldwide, the company is currently widening its focus to include product innovation. This is in an effort to automate and optimize the nature and characteristics of the CSSPs, NOCs, SOCs, and CICs missions in a way that has never been done before.
CSIOS’ new technology solution provides CSSPs, NOCs, SOCs, and CICs organizational leaders, managers, and operators with a centralized capability to continuously improve and optimize operators, technologies, processes, services, and subscriber‘s efforts. Simply put, by centralizing and making data and information in these areas immediately available, leadership is better positioned to support informed and actionable resource and risk management decisions; drive behavior; and empower stakeholders to be responsible owners accountable for the cybersecurity of their users, information systems, and networks. CSIOS’ solution also shortens assessment preparation timeframes and increases productivity allowing operators to focus their efforts on other operational and technical tasks, as well as reducing surge events and costs during audit cycles.
Additionally, quantifiable cybersecurity metrics, shortfalls and limitations can be tracked, documented, and researched easily and quickly as the organization continuously baselines and evaluates improvements in all 5 cybersecurity areas at regular intervals and in detail. Through CSIOS’ solution, reactive processes are simply replaced by proactive ones, processes to provision cybersecurity services are fully controlled and managed, with focus on tracking deficiencies and integrating lessons learned to continually drive operational improvement and ultimately helping shape the integrated cyber mission space through collaboration with Federal and industry mission partner organizations.
“We have initiated the testing lifecycle of a new capability designed to assist Federal cybersecurity service providers achieve higher levels of cybersecurity services and process maturity while maintaining regulatory compliance and facilitating operational readiness and reporting. This solution will provide organizational leaders, managers, and operators with the ability to monitor, measure, and report the maturity of 24x7x365 operators, the technologies they use, the processes they follow, the cybersecurity services they provision, and the subscriber’s networks they protect,” stated Pie.
Kristi S. Halford