Detect, Analyze and Mitigate Intrusions

Abstract

Provide cybersecurity activities including: Federal Incident Response Centers; National Institute of Standards and Technology (NIST) SP 800-53 Implementation; Cyber Threat Analysis; Cyber Continuity of Operations (COOP); Incident Response and Remediation; Forensics and Damage Assessment; and Computer Emergency Response Teams.

Recurring Activities for the Detect, Analyze and Mitigate Intrusions Accomplishment:

- Test Risk Management Framework (RMF) controls on all IT supporting research, development, test and evaluation and DoD-controlled Information Technology (IT) operated by a contractor or other entity on behalf of DoD and reported.
- Conduct RMF analysis and reporting for the MDS such as evaluation of residual risk by incorporating current and proposed MDS monitoring and mitigations.
- Maintain MDA Computer Emergency Response Team (MDA CERT) as a fully accredited Tier II Cybersecurity Service Provider (CSSP) in accordance with CJCSI 6510.01F and DoD O-8530.1.
- Perform CSSP services (protect, detect, respond and sustain) for all MDA Common-use IT Services, MDA Mission and test networks and enclaves 24 hours a day, 7 days a week, 365 days a year.
- Conduct application testing that looks for vulnerabilities and issues using a number of tactics, techniques and procedures.
- Conduct vulnerability scanning of MDA network to assess risks to MDA data from inside and outside sources.
- Conduct monthly cybersecurity vulnerability audits.
- Issue and track implementation of Information Assurance Vulnerability Alerts (IAVA), Bulletins and Technical Advisories.
- Implement Information Assurance Vulnerability Alerts (IAVA) and Communication Tasking Orders remediation and patches.
- Perform network security monitoring of all MDA subscriber networks and enclaves.
- Conduct system forensic analysis, review content of compromised system, document files and data, and identify tactics, techniques and procedures used by an attacker to gain access.
- Develop and maintain the RMF package for the MDS Mission System to support a full Authorization to Operate (ATO).
- Compile and validate MDS Mission Element-level authorization and assessment documents to include MDS Element-level System Security Plans (SSPs), Security Controls Traceability Matrix (SCTM), Plan of Action and Milestone (POA&M) artifacts and support conduct of Control Validation Testing (CVT). Execute controls validation integration testing as part of developmental testing efforts for the MDS.
- Ensure MDA mission, test, and common-use IT systems are operated securely in accordance with DoD Risk Management Framework policies.
- Prepare and maintain current RMF documentation for MDA networks and systems reported to DoD and Office of Management and Budget (OMB).

Specific and/or unique accomplishments to each FY are as follows:

Document Details

Document Type: Accomplishment
Publication Date: Oct 01, 2022
Source ID: 874df873591d55546e77cba435a106fd

Tags

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Defense Financial Management and Audit.

Technology Areas

  • Cyber
