fbpx

Securing Enterprise Operations, 24x7x365, for the FBI

  • Customer Story
  • Cyber Engineering
  • Health & Civilian

Background

The Federal Bureau of Investigation’s (FBI) Office of the Chief Information Officer (OCIO) protects the agency’s information, defends its information systems and cyber networks, provides integrated situational awareness, transforms and enables the agency’s information assurance (IA) capabilities, and creates an IA-empowered workforce.

The OCIO’s Information Assurance Section (IAS) program is driven by mission needs. Given the FBI’s intelligence, national security, and law enforcement missions, its IA program must comply with federal regulations, policies, and standards, including those of the Office of the Director of National Intelligence, Committee on National Security Systems, and Department of Justice (DoJ).

Understanding the Need

With growing cyber threats and technological advances of malicious actors, the FBI needed a range of technical and analytical services to provide flexible and expedient cyber security support. The FBI needed an expert contracting team to:

  • Provide frameworks for cyber security engineering, architecture, and governance.
  • Assist in formulating strategies, cyber security policies, and information security (InfoSec) awareness materials.
  • Develop scorecards for cyber-related metrics to show the health of the FBI’s cyber posture.
  • Establish a team of virtual Information Systems Security Officers (ISSO) to operate a cyber help desk for the FBI’s InfoSec community.
  • Facilitate cyber security audits and remediate findings and recommendations to enforce FISMA.
6
FBI Achievement Awards received.
12
Month decrease in the time needed for the SAA process.
< 45
Days needed to achieve ATO for Microsoft Teams.

GovCIO’s Solution

Since 2018, GovCIO (formerly Salient CRGT) has provided the FBI with a diverse set of highly cleared cyber talent, including ISSOs, cyber engineers, information system auditors, data analysts, and incident responders.

Our approach to cyber security services uses well-defined, FBI-aligned processes to efficiently and flexibly support FBI’s programs and enhance its systems’ security posture. This includes a hybrid Agile methodology, incorporating Kanban and Scrum practices, to rapidly deliver high-quality cyber engineering projects across cloud, on-prem, and hybrid environments.

Optimizing FBI Cyber Capabilities

By creating a modern and integrated enterprise security architecture, implementing tools such as Cisco FireSIGHT management console and FirePOWER IDS/IPS, McAfee Endpoint Security, Splunk, and Wireshark, as well as tools developed in-house, developing an effective continuous monitoring process, and establishing the Virtual ISSO Program, GovCIO has increased the FBI’s ability to securely operate 24X7X365.

Training the FBI Workforce

To keep the FBI InfoSec workforce continually up-to-date with the latest cyber approaches, ideas, and threats, we supplement our services by providing bi-weekly InfoSec Forum training sessions and created a knowledge repository with easy to access cyber guidance, policies, and SOPs.

Supporting Secure Remote Work

As the pandemic sustained the need for telework, GovCIO helped the FBI effectively computerize remote work. Employing two trusted remote end-user devices (EUD), our solution allows end users to securely login by booting the device from any USB-capable computer system to a temporary, trusted operating system without using the host computer’s operating system.

Driving Engagement Across the Cyber Community

GovCIO planned, coordinated, advertised, and executed the annual FBI Cybersecurity Conference to deliver best practices and current trends to over 11,000 participants. While initially planned as an in-person event, due to COVID-19, GovCIO had to quickly pivot to create a virtual conference. GovCIO successfully hosted this event— the largest virtual event the FBI has ever held.

Customer Praise for GovCIO

"I have never met a set of people who are more professional, able to adapt, never complain. This is a team of innovators. More has been accomplished in the last 12 months with this team than in the last 15 years combined."

Unit Chief
FBI OCIO

Results

Our team has exceeded requirements across all program criteria and measurements, successfully and expediently deploying highly cleared, sought-after cyber security talent to seven discrete FBI divisions and offices. Through our efforts, working in collaboration with the FBI OCIO, GovCIO improved how the FBI:

  • Delivers enterprise-wide support of the FBI INFOSEC community
  • Provides real-time risk management and continuous authorization of IT systems.
  • Supports FISMA requirements, maintains documentation.
  • Adjudicates security controls.
  • Performs system and security engineering tasks.
  • Conducts incident response activities.

Key program highlights for GovCIO include:

  • Our virtual ISSO team being regarded as the “center of excellence” for the FBI InfoSec community as a result of our unparalleled support.
  • Being awarded the prestigious Assistant Director’s Award for Teamwork.
  • Receiving six FBI achievement awards as a result of significant improvements to FISMA audit results.
  • Helping to reduce the FBI’s Security Assessment and Authorization process from 18 to six months.
  • Successfully assisting the FBI in attaining an ATO for Microsoft Teams in less than 45 days, allowing the FBI to rollout Teams to the newly remote workforce in response to COVID-19 requirements.
  • Helping the FBI achieve an ATO for a national security system three months ahead of schedule.