cyber-security assessment, remediation, and identity ... · environmental and security company that...
TRANSCRIPT
ISO 9001:2008
HUBZone Small Business Concern
Microsoft Gold Certified Partner
Oracle Gold Certified Partner
www.FutureNetGroup.com
Submitted To Submitted By
Attn: Joel Atkinson, Associate Category Manager
4050 Esplanade Way, Suite 360
Tallahassee, FL 32399-0950
Phone: (850) 488-1985
Email: [email protected]
FutureNet Group, Inc.
12801 Auburn St.
Detroit, MI 48223-3413
Phone: 313.544.7117
Fax: 313.544.7111
CAGE Code : 3DB92 DUNS No: 933549230
RFI Response
Due Date: Sep 3, 2015 12:00 PM ET
This proposal/quotation includes data that shall not be disclosed outside the Government and shall not be duplicated, used, or disclosed-in whole or in part- for any purpose other
than to evaluate this proposal. If, however, a contract is awarded to this offeror as a result of – or in connection with- the submission of this data, the Government shall have the
right to duplicate, use, or disclose the data to the extent to provide in the resulting contract. This restriction does not limit the Government’s right to use information contained in this data if it is obtained from another source without restriction. The information contained herein is protected by the Trade Secrets Act, as codified, and any improper use,
distribution, or reproduction is specifically prohibited. No license of any kind whatsoever is granted to any third party to use the information contained herein unless a written
agreement exists between the offeror and the third party which desires access to the information. No other use of the information and data contained herein is permitted without the express written permission of the offeror.
Cyber-Security Assessment, Remediation, and Identity Protection,
Monitoring, and Restoration Services
State of Florida, Department of Management Services, Division of State
Purchasing
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page i
Table of Contents
Executive Summary ........................................................................................................................... 1
Introduction ........................................................................................................................................ 1
Background ......................................................................................................................................... 2
Company Information ....................................................................................................................... 4
Response to Section IV ....................................................................................................................... 6
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 1
Executive Summary
FutureNet Group, Inc. (FNG) is a Certified HUBZone Business Technology, Construction,
Environmental and Security Company that was incorporated in the State of Michigan in 1994.
Headquartered in Detroit, Michigan, FNG is certified as a HUB Zone, GSA, and ISO 9001:2008,
MBE firm. Today, the company has approximately 200 employees throughout its local and West
Palm Beach, FL Washington, DC, and Ft. Jackson, SC, offices.
We offer Enterprise IT Infrastructure, building technology centers that reduce operating costs and
your carbon footprint. We manage multiple IDIQ, MATOC and BPA contracts, and have worked
with many federal clients providing IT services including the U.S. Army Corps of Engineers
(multiple locations), Army Contracting Agency, Defense Logistics Agency (DLA), U.S.
Department of State, U.S. Defense Information System Agency, U.S. Air Force, U.S. Department
of Agriculture (FS, ARS, ITD), U.S. Navy (ONR, NUWC, DDITS, OJAG, FCC/C10F, Marine
Corps, NSWC), U.S. Department of Justice, U.S. Department of Housing and Urban Development,
and Humphries Engineer Center Support Activity. FNG has received its 8(a) STARS II GWAC
award. In short, FNG has a proven track record that demonstrates the quality of our services.
FutureNet Group holds a DSS Top Secret Facility Clearance.
Certifications:
Awards:
Technology Partners & Resellers:
Microsoft Gold Certified
Partner
Oracle Gold Certified
Partner
IBM Partner
Laserfiche Authorized
Reseller
PARASCRIPT Accela Certified Partner
Esri Partner Network apprenda
FNG is responding to this RFI request, and has an extensive experience in providing Cyber
Security support to various city and federal agencies - providing a solution that delivers the
personnel, technology, and facilities, necessary to deliver Cyber-Security Assessment,
Remediation, and Identity Protection, Monitoring, and Restoration Services.
Regional Finance Monthly CEO Award for North America—Perry Mehta, 2013
Ernst and Young Entrepreneur of the Year Award, Business Products and
Services Categories, Michigan and North-western Ohio Region—CEO Perry
Mehta, 2013
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 2
We appreciate this opportunity to provide our RFI response for the State of Florida, Department
of Management Services, Division of State Purchasing Department (DoM-DSPD), to deliver a
broad range of Cyber Security services.
Our experience with this service will enable us to help you avoid downtime and improve
productivity.
We demonstrate our expertise in providing highly effective and fully capable of performing all the
requirements of the State of Florida.
Regards,
Jay Mehta, Sr. Vice President,
FutureNet Group, Inc.
Tel: 313-544- 7117, Fax: 313-544-7111
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 1
Introduction
Team FNG understands the mission of DoM-DSPD and has an extensive experience in providing
Cyber Security support to various city and federal agencies. Our team is able to perform cyber-
security assessment and remediation, as well as identity protection, monitoring and restoration
services. We have earned a national reputation as a valuable partner that consistently exceeds our
customers’ expectations. We focus on executing the deliverables of the contract to meet or exceed
your requirements, on-time and within cost. Our business model focuses on integrity—doing what
we say we will do. Our ability to efficiently deliver timely cyber security services is demonstrated
by our growth as a company and the number of contracts we win and retain.
Our experience enables us to focus on helping you to achieve your mission and not just meeting
the contractual requirements.
Critical elements of our contract execution:
• Program Management: We have a standardized contract execution process with a layered
management model process that ensures: (1) All the contract deliverables (specified and
implied) are captured and a responsible agent is identified, (2) Deliverables are tracked
systematically and reported, and (3) The contract leadership has a direct access to the corporate
executive that has authority to commit the company—allowing for timely and immediate
mitigation of any issues that may arise.
• Personnel: Our employees are our most important asset—because we hire the best, train them
for success and provide them with meaningful work. Simply—happy employees are productive
employees.
• Timeliness: Delivering what you say you will deliver—on time— is the cornerstone for a
successful contract execution. Timeliness of deliverables, tasks and mitigation of issues receive
immediate attention. To ensure timeliness, we pay close attention to deliverables at the task
level and the subsequent reporting of these to the Government.
• Quality Services and Products: Quality control is an active, not reactive, function in delivering
quality training services and products. Our planning activities recognize continuous
improvement as a primary business objective, which has established our image as a high
quality, services and products supplier. We are committed to customer satisfaction and
encourage a healthy environment for continuous growth, achievement and prosperity.
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 2
Background
Past Performance # 1
Contract Name MCS Cyber Security Advisor Service
Contract Number AG-3142-B-11-0015
Order Number AG-3144-K-14-0128
Agency Department of Agriculture - Office Of The Chief Information Officer
Address of Agency USDA, OPPM-POD/ Information Technology Center
300 7th St., S.W.
Suite 377, Washington DC 20024
Type of Contract Firm Fixed Price
Place of Performance Detroit, Michigan 48226-4375
Period of Performance 08/12/2014 to 06/02/2016
Contract Value $75,092.80
Status Ongoing
Point of Contact Danielle c. Knipper, Contracting Officer
Description of work:
FutureNet Group (FNG) – Microsoft (MS) Team Services will provide a senior cyber security technical
and thought leader who will assist the USDA ITS with addressing IT security obstacles and challenges
with a lifecycle approach that develops an effective roadmap for achieving comprehensive IT security.
FNG-MS Team's four-phase Protect, Detect, Respond, and Recover framework treats cyber security as
a continuum rather than individual security tactics.
The core engagement offering elements that are going to be performed include:
1. Security Architecture Assessment
Kick-off meeting report and engagement plan
Qualitative Cyber Risk Assessment and risk mitigation recommendations
“As-is” Security Architecture Review
Cyber security Gap Analysis Assessment and Review
Identification of cyber security solutions and tactics
Strategic Cyber security Plan
Cyber security Tactics Investment Roadmap
2. Security Project and Architecture Reviews
Security project/architecture review content
Recommendations based on findings of projects and architecture reviews
Cyber security Plan and Tactics progress report to security and IT leadership
3. Security Workshops and Solution Reviews
Meeting/Workshop content and notes
Workshop summary technical report
FNG-MS Team solution offering briefings delivered at USDA-ITS request
Solution issue tracking and resolution
4. Technical and Cyber Threat Intelligence Interchange
Technical Interchange Documentation, Content and Meeting Summaries
Cyber Threat Intelligence products (i.e. Security Intel Report)
Solution and other technical documentation
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 3
Captures technical inquiries from USDA-ITS team and manages resolutions and
escalations to internal FNG-MS Team security teams
Security solution research and recommendations based on cyber security plan and
roadmap and changing threat landscape
Issue tracking, management and reporting
Point of contact for FNG-MS Team internal product groups and operations team
5. Architect Engagement Reach back.
Delivers security technical inquiries to USDA-ITS team
Security solution research and recommendations based on cyber security plan and
roadmap and changing threat landscape
Issue tracking, management and reporting
Technologies: Microsoft Cyber security Architect.
Labor Category: Architectural Consultant, Principal Consultant, Engagement Manager.
Past Performance # 2
Name and Address of Agency Washington Headquarters Services (WHS)
Acquisition Directorate 2521 South Clark ST
Arlington VA 22202-3909
Contract Number GS-35F-0513T
Order Number HQ0034-12-F-0271
Contract Name Microsoft OSD IT Modernization – Phase 2
Type of Contract Firm Fixed Price
Place of Performance Pentagon, Mark Center, Crystal City and other Government facilities
within the National Capitol Region (NCR)
Type/Extent of
Subcontracting
FutureNet Group Inc. - Prime contractor
Microsoft Corporation – Subcontractor
Period of Performance 09/24/2012 to 09/23/2013
Total Contract Value $6,081,931.94
Contracting Officer Bolton Emily
Kasule Florence, Contracting Officer
Sitton, James M Jr CTR WHS EM (US) [email protected]
703-545-1667
Brief Description of Work: Team FNG provided Microsoft Enterprise Services for OSD IT
Modernization – Phase 2, including a full range of project-based technical consulting service customized
to OSD needs. We assisted OSD in meeting their current and future enterprise transformational
requirements. Our services included implementation support, informal knowledge transfer on software
technologies and recommended practices in design and implementation of the OSD infrastructure. Our
IT Services and Support included:
• Migration and Deployment Services
• Application Development Assistance
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 4
• Cyber security Services
Our tasks included:
Migration and Deployment Services: We provided Microsoft Enterprise Services (MES)
subject matter expertise and advice for migration/deployment services related to upgrading
operating system software or communication, messaging software or transitioning from
disparate platforms or email systems.
Application Development Assistance: We provided Microsoft Enterprise Services subject
matter advice related to MS application development technologies and platforms.
Cyber security Services: We provided Microsoft Enterprise Services subject matter advisement
in cyber security technologies and platforms.
Technologies used: Windows 7 Deployment, Windows Server 2008R2/2012, Active Directory (Direct
Access), System Center, SQL Server 2008R2/2012, Exchange Server 2010, Lync Server 2010, Microsoft
CRM, Visual Studio Team Foundation Server 2010, SharePoint Server 2010, Project Server 2010, New
Product Evaluation (Windows 8 and Mobile Technology Pilot)
Company Information
Company Information
Company Name FutureNet Group, Inc.
Location of corporate
headquarters
12801 Auburn St., Detroit, MI 48223-3413
Bus: 313.544.7117 Fax: 313.544.7111
Industry (NAICS) Codes 518210, 519130, 519190, 541370, 541511, 541512, 541513
541519, 561210, 561311, 561312, 561320, 561410
Company ownership
(public, private, joint venture) Private
Business Classification / Socio-
Economic Status Small Business
Certified HUB Zone business Minority Owned Business
Locations of facilities
OCONUS India and Qatar
Location where incorporated Detroit, MI 48223-3413
Address Headquarters 12801 Auburn St., Detroit, MI 48223-3413
Bus: 313.544.7117 Fax: 313.544.7111
Washington, DC 5107-A Berwyn RD, College Park, MD 20740-4128
Bus: 202.558.7131 Fax: 202.640.2561
Regional Offices
Southeast · East Coast · Southwest · Midwest
Website www.FutureNetGroup.com
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 5
Point of Contact Primary:
Name & Title : Jay Mehta, Sr. Vice President
Phone : 313-544-7117 | Fax : 313-544-7111
Email ID : [email protected]
Alternate:
Name & Title : Mary Loefller, Proposal Manager
Phone : 313.544.7117 Ext: 321
Contracts Vehicle GSA 8(a) STARS II GWAC
GS-06F-1221Z – Constellation – II
FA1, FA2, FA3, FA4
GS-06F-0868Z – Constellation – I
FA1, FA2, FA3, FA4
GSA IT Schedule 70, Contract GS-35F-0513T
Navy Seaport-e Contract(SUB)
CAGE Code
DUNS
EIN
3DB92
933549230
38-3217146
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 6
Response to Section IV
The following section demonstrates our team’s abilities to provide the services related to this
RFI:
Required Services FNG’s Capabilities
1) Pre-Incident Services
a) Incident Response
Agreements – Terms and
conditions in place ahead of
time to allow for quicker
response in the event of a
cyber-security incident.
FNG agrees that having the terms and conditions in place ahead of
time allows for quicker response in the event of a cyber-security
incident.
b) Assessments – Evaluate a
State Agency’s current state of
information security and cyber-
security incident response
capability.
When dealing with a cyber-security incident, one of the most
important actions is to be properly prepared. This will help to
recover the systems more quickly, minimize the impact of the attack,
instill confidence in your customers, and even save money in the
long term. To be effectively prepared, you should be able to
determine the criticality of your key assets; analyze threats to them;
and implement a set of complimentary controls to provide an
appropriate level of protection.
Below are the steps of preparing for a cyber-security incident:
Step 1: Conduct a criticality assessment
Step 2: Carry out a cyber-security threat analysis, supported by
realistic scenarios and rehearsals
Step 3: Consider the implications of people, process, technology and
information
Step 4: Create an appropriate control framework
Step 5: Review state of readiness in cyber security incident response
c) Preparation – Provide
guidance on requirements and
best practices.
Our team understands that Security awareness should be conducted
as an on-going program to ensure that training and knowledge is
not just delivered as an annual activity; rather, it is used to maintain
a high level of security awareness on a daily basis. Keeping the
number of incidents reasonably low is very important to protect the
business processes of the organization.
Steps for providing guidance on the requirements:
1. Assemble the Security Awareness Team
2. Determine Roles for Security Awareness
d) Developing Cyber-Security
Incident Response Plans –
Develop or assist in
development of written State
The following steps demonstrate our procedure to develop or assist
in development of a State Agency’s plan for incident response in
the event of a cyber-security incident:
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 7
Agency plans for incident
response in the event of a
cyber-security incident.
1. Prepare for a cyber-security incident: Performing a
criticality assessment; carrying out threat analysis; addressing
issues related to people, process, technology and information;
and getting the fundamentals in place.
2. Respond to a cyber-security incident: Covering
identification of a cyber-security incident; investigation of the
situation (including triage); taking appropriate action (e.g.
containing the incident and eradicating its source); and
recovering from a cyber-security incident.
3. Follow up a cyber-security incident: Considering your need
to investigate the incident more thoroughly; report the incident
to relevant stakeholders; carry out a post incident review; build
on lessons learned; and update key information, controls and
processes.
e) Training – Provide training
for State Agency staff from
basic user awareness to
technical education
Our incident response team will provide the basic user awareness
training to your State Agency staff. Our training program requires
that personnel acknowledge that they have received and understand
the content being delivered. Feedback on training content and
comprehension are keys to ensure that personnel understand the
content and the organization’s security policies.
Below is the content that is commonly included in general
security awareness training provided to different State Agency
staff: a. Users.
i. Follow security procedures, report security problems, and
complete required computer security training.
1. Central accounts through the IS office provide access
to:
a. Workstations.
b. E-mail (including webmail).
c. Remote connectivity (VPN, SSH, modem/dialup).
2. Central services (Central File Services, administrative
applications, web publishing, etc.).
3. Passwords are keys to compute resources, just as door
keys are for facilities.
4. Different passwords should be used to access Internet
resources (i.e. an ISU or Hotmail account). To
facilitate this, the use of a cryptographic password
safe is recommended. The DOE requires those
passwords:
b. Privileged Users.
i. Administer their own systems and configuration
management including
1. Anti-virus software.
2. Anti-spyware software.
3. Current patches for operating systems and
applications.
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 8
c. Group Administrators.
i. Manage computers and implement the cyber security
program within their group.
d. Assistant Cyber Security Managers (ACSM).
i. Program point of contact.
ii. Implement the cyber security program within their program.
e. Cyber Security Team.
i. Manages day-to-day operation of the cyber security
program.
f. Directors / Associate Directors.
i. Responsible for the Laboratory’s cyber security program.
ii. Establish the program’s overall goals, objectives and
priorities.
2) Post-Incident Services:
a) Breach Services Toll-free
Hotline – Provide a scalable,
resilient call center for incident
response information to State
Agencies.
The following diagram depicts our Service Desk support procedure:
FNG will use a custom ticketing system having a single Point of
Contact (POC) to gather requests via various methods; phone
calls, email, documents, in-person all resulting in Service Desk
tickets. Tickets will be classified “Low”, “Medium” and “High”
and handled in an efficient manner.
FNG will provide maintenance of the State requests routed
through the Service Desk Tickets. Each request will be reviewed
and analyzed, and a timeline for resolution is defined and
communicated within the state.
Our team includes technical experts with a wide depth and
breadth of expertise in Call Center, helpdesk, Service Desk, and
Remote Monitoring/Support capabilities.
b) Investigation/Clean-up –
Conduct rapid evaluation of
incidents, lead investigations
and provide remediation
services to restore State
Agency operations to pre-
incident levels.
c) Incident response – Provide
guidance or technical staff to
assist State Agencies in
response to an incident.
Use, duplication, or disclosure of data contained on this sheet is subject to the restriction on the cover page of this proposal.
Page 9
Our Service Desk is manned 24/7/365 to ensure that all service
calls are answered by a human in order to address critical
situations.
d) Mitigation Plans – Assist
State Agency staff in
development of mitigation
plans based on investigation
and incident response. Assist
State Agency staff with
incident mitigation activities.
Mitigation plans are generally developed to lower the risk for the
planned approach or redirect design, labor or other resources to
reduce risk. Our team will assist the state agency staff in the
development of mitigation plans based on our investigation and
incident response.
The above figure shows our processes for Risk Mitigation planning,
implementing and progress monitoring.
As a part of an iterative process, the risk tracking tool is used to
record the results of risk prioritization analysis (step 3) that provides
input to both risk mitigation (step 4) and risk impact assessment
(step 2).
e) Identity Monitoring,
Protection, and Restoration –
Provide identity monitoring,
protection, and restoration
services to any individuals
potentially affected by a cyber-
security incident.
We follow a number of steps in our cyber security incident response
to handle an incident effectively, which is a part of our wider
approach, with an emphasis on investigation.
In order to provide identity monitoring, protection and restoration
services to individuals affected by a cyber-security incident, we
have developed the following steps:
1. Identify cyber security incident
2. Define objectives and investigate situation
3. Take appropriate action
4. Recover systems, data and connectivity