Intelligent Designs For Intelligence Solutions

Intelligence Services – Cybersecurity

VNE has extensive experience in protecting the integrity of unclassified and classified systems and data in compliance with USMC, DoN, DoD, and Intelligence Community (IC) standards. We implement and execute Risk Management Framework (RMF) processes to ensure acceptable security controls are established for maintaining the security posture of these systems.  Our experience includes providing Cybersecurity, IA, and Computer Network Defense (CND) analysis for the identification, analysis, and reporting for the protection of information, information systems, and networks that included an enclave of 13,000 combined servers, workstations, and appliances.

Service/Capability Provided Key Attributes and Certifications
  • RMF support
  • Assessment & Authorization (A&A) and Certification and Accreditation (C&A) to achieve Authority to Operate (ATO) compliance
  • CND, IA Security Architecture Engineering, and IA Management
  • Enterprise Information Services (EIS) systems/software/networks
  • Network Operations Center (NOC) and Process, Exploitation and Dissemination (PED) support
  • Support to Cyber Offense:
    • Conducting analysis of networks
    • Employing ethical hackers to analyze network information
    • Conducting IP exploration and identification
    • Open Source Research on adversary networks, finances, and resources
    • Software asset management
    • Vulnerability testing and IV&V
    • Infrastructure management
  • Support to Cyber Defense:
    • Access controls, data dictionaries, indexes
    • VMWare workstations, servers, and virtual networks for defensive analysis
    • Infrastructure management (DoD Cyber Range operations support)
    • Security management (SETA support for IC Directive 503 (IC C&A) and Shared Security Model)
    • Software asset management
  • SMEs with expertise supporting Cybersecurity, Information Warfare and Operations in the Information Environment
  • Expertise in DFARS 252.204-7012 implementation requirements
  • Staff experienced with implementing USMC Cybersecurity, EW and Information Warfare doctrine and requirements
  • DoD Cyber Workforce Framework (DCWF) certified staff under DoD 8570.01-M
  • DoD 8570 to DoD 8140 DCWF transition requirements
  • Expertise in implementing DoD Instruction 8510.01 RMF, Intelligence Community Directive (ICD) 503, and RMF/National Institute of Standards and Technology (NIST) Special Publication 800-53 requirements
  • Compliance with Safeguarding Covered Defense Information Controls
  • Expertise in performing security assessments; Information Assurance Vulnerability Monitoring (Information Assurance Vulnerability Alerts (IAVA), Bulletins (IAVB) and Technical Advisories (TA)); Defense Information Security Agency (DISA) Security Technical Implementation Guide (STIG) testing; and system security scans
  • System Security Plan (SSP) development IAW DFARS 252.204-7008
  • Protecting Controlled Unclassified Information (CUI) in Non-Federal Information Systems and Organizations
  • Cybersecurity tool expertise to include: MCCAST, JWICS Xacta, Retina, ACAS suite, HBSS, IDS, IPS, SCOM, SCCM and SIEM tools.
Recent/Relevant Experience
Intelligence Services – Cybersecurity

  • Researched, designed, acquired, built, tested, and continue to manage a secure Development Network, IAW DFARS 252.204-700 and NIST 800-171 Rev 2, for the USMC DCI, WRD, Info Mods program.
  • Provided cybersecurity, IA, RMF, A&A and C&A services to MCIA’s S-6 Information Systems Directorate (ISD) and Sensitive Compartmented Information (SCI) Enterprise Office (SEO) in support of the MCISRE and Joint Worldwide Intelligence Communications System (JWICS) Enterprise computer systems, networks and enclaves.
  • Provided Information System Security Engineering support to the MCIA Chief Information Assurance Officer and CND that included: generating security assessment/authorization packages that identified the required security controls for planned accreditation. VNE also provided IA Planning and Documentation, IA Manager (IAM), Information System Security Manager (ISSM), IA Officer (IAO), Information System Security Officer (ISSO) and IA Technical (IAT) support to include: developing vulnerability management processes; ensuring MCIA systems were in compliance with necessary requirements; preparing vulnerability management workflow diagram documentation to complement the procedures; providing RMF compliance verification, enforcement, and remediation for MCIA systems and networks; and, maintained SW baselines and completed RMF A&A to achieve ATOs.
  • In support of maintaining the ATOs for our customer’s C5ISR and Intelligence systems, software and networks, VNE provides cybersecurity support that includes, but is not limited to: monitoring IAVAs, IAVBs and TAs; applying associated updates and patches; performing STIG testing; developing security documentation and testing system configurations using SCAP and ACAS in accordance with RMF requirements; conducting system security scans and vulnerability assessments; performing remediation to rectify critical findings, documenting mitigation actions and updating systems’ POA&M as required; and providing results to the Delegated Authorizing Official (DAO)/Authorizing Official (AO). VNE provides these services to our NIWC Atlantic, MCIA, USMC DCI WRD, ONI, JIEDDO Counter-IED Operations Integration Center (COIC), JIDO Software Integration Lab (SIL), and USMC and DIA Cyber Range customers.
  • VNE operated, tuned, and maintained the MCISR-E cybersecurity tools, software, devices, appliances, systems, and networks supporting the MCIA ISD. We provided expertise in conducting security scans, monitoring system activity, identifying and tracking security vulnerabilities and incidents, determining remediation, resolution or mitigation, and reporting.
  • VNE provides cybersecurity support to the USMC and DIA Cyber Range with virtual machines, networking, and computer replication of the Cyber Range customer’s networks; Cyber Range customer coordination, in-brief and out-brief services; and cybersecurity gaming attacks on the virtual systems.