Managing Cyber Risks
Perhaps the biggest area of concern for all our clients is their inability to understand their cyber risks so they can effectively manage those risks. From digital roadmaps to quantitative cyber risk modeling, to systematic solutions for deploying new tools across their enterprises, we help our clients make better decisions and smarter investments.
Many of our clients struggle to launch their digital journey simply because they don’t know where to start. Our advice is to think big, start small, and act fast, and then develop a digital roadmap to keep you on track. We leverage our cybersecurity expertise to ensure that roadmap, and the technologies that will be deployed along the way, individually and collectively maintain a secure posture for your mission or business. We’re currently helping the Defense Health Agency understand the risks of connected Medical Devices as part of their digital roadmap to deploy those devices across the DoD enterprise.
Case Study: Securing DOD Health Infrastructure
Military Treatment Facilities lacked the security engineering necessary to remediate vulnerabilities arising within and across a complex cyber domain.
Cyber Modeling for Operations Resiliency
Even if you know what your cyber vulnerabilities are, do you know your system’s susceptibilities to cyber attacks and the associated mission impacts? How should you prioritize investments to address those susceptibilities? Every organization is struggling with those questions. To help address those questions, Sentar has developed MissionValor, an objective and repeatable systems engineering process to assess the susceptibility of a system to specific cyber-attacks and predict the mission impact of such attacks. This is accomplished via the MissionValor methodology, which encapsulates the analysis of threat/attack vectors, maps to mission dependencies, and predicts mission operational impacts, thus enhancing the cyber resilience of the operational/mission system.
Risk Management Framework Solutions
If you’re leading a DoD organization tasked with developing and deploying new or modified systems, you have an obligation to ensure those systems are secure. The selection and specification of security controls for a system is accomplished as part of an organization-wide information security program that involves the management of organizational risk. The Risk Management Framework provides a process that integrates security and risk management activities into the system development life cycle. This risk-based approach to security controls selection and specification considers effectiveness, efficiency, and constraints due to applicable laws, directives, Executive Orders, policies, standards, or regulations. Our RMF expertise has attained national recognition through the successful completion of projects across the Army, Air Force, Navy, Defense Health Agency, Missile Defense Agency, and other DoD organizations. Our RMF expertise extends to Operational Technologies, e.g. Industrial Control Systems, which are increasingly becoming connected to mission networks that enable combat and combat support operations.
Case Study: Developing Secure Systems in Healthcare
The mission objective of the client’s program is to seamlessly deliver critical information to Military Health System (MHS) stakeholders within an exceedingly complex and evolving technology construct to better enhance operational decision-making. A key component, Sentar’s Enterprise Intelligence and Data Solutions (EIDS) Cyber Team, focuses on Risk Management Framework (RMF) support, policy development and evidence collection for Authority to Operate (ATO)/Risk Assessment efforts, Assured Compliance Assessment Solution (ACAS) scanning, and more.