odme-solutions-llc_cyber-security_overview_brief
TRANSCRIPT
![Page 1: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/1.jpg)
ODME Solutions, LLC
Cybersecurity Capabilities Overview
Company Proprietary Information
![Page 2: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/2.jpg)
ODME Solutions, LLC
ODME Solutions, LLC is a leader in Systems Engineering,
Cyber Security, Software Engineering/Development, and
Information Technology (IT) solutions that enable
Command, Control, Communications, Computers,
Intelligence, Surveillance and Reconnaissance (C4ISR).
ODME, through its Cyber Security Advisors, provide
strategic Cyber mission capabilities and support critical IT
and Cyber mission needs. ODME provides solutions and
services that deliver lasting results for Fortune 500
companies, the Department of Defense (DoD), and
Federal clients. With offices in San Diego, CA and
partners nationwide, including, Charleston, SC;
Washington, DC; and Norfolk, VA, ODME is strategically
located with geographic points of presence to deliver cost
effective solutions tailored to meet our clients needs.
“Our mission is to deliver superior quality service, on time, every time” Company Proprietary Information
![Page 3: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/3.jpg)
Relevant Information Assurance & Cyber/Systems Engineering
Full Lifecycle Expertise
• supporting the DoD Information
• Assurance Certification and Accreditation Process (DIACAP)
• for SABI and TSABI.
• Implementation of NIST SP 800 Controls (Risk Management
• Framework)
• Implementation of DoD 8500 series
• Security Test Procedures (STP)
• Certification and Accreditation (C&A)
• Certification Test and Evaluation (CT&E)
• Security Test and Evaluation (ST&E)
• IAV Automated Patch Management
Company Proprietary Information
• Over 30 years experience supporting system
integration with multiple C5ISR systems.
• Distributed Common Ground Station-Navy (DCGS-N)
• Global Command Control Systems Joint (GCCS-J)
• Consolidated Afloat Networks and Enterprise Services
(CANES)
• Integrated Shipboard Network System (ISNS)
• RADIANT MERCURY (RM)
• Ship's Signals Exploitation Equipment (SSEE)
• Global Command and Control System - Maritime
(GCCS-M)
• Intelligence Analysis System (IAS) Family of Systems
(FoS)
• Cross Domain Solutions (CDS)
• Tactical Data Link (TDL)
![Page 4: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/4.jpg)
Information Technology Core Capabilities
Systems Engineering
Systems Integration
Software Engineering
IT Operations
IT & Cyber Engineering
Rapid delivery of innovative IT solutions through proven systems, software and cyber engineering life cycle methodologies
• System Engineering and Integration
• Software Engineering, Coding, and Development
• System Test, Evaluation and Certification
• Cyber Security and Information Assurance/Accreditation
• Network Security/Information Technology
• Fleet Distance Support and Joint Exercise Support
• Site Installation Support
• Configuration Management
• Project, Program and Acquisition Management
Company Proprietary Information
![Page 5: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/5.jpg)
Information Assurance & Cyber Engineering Full Lifecycle Expertise
• Information Assurance (IA), Computer Network
Defense (CND) and Cybersecurity Engineering
• Security Requirements Analysis and Management
• Security Architectures
• Platform IT (PIT) Systems Cybersecurity
• Systems Security Design and Engineering
• Vulnerability Analysis and Remediation
• Ethical Hacking, Penetration Testing
• COOP / Disaster Recovery
• DoD IT Risk Management Framework (RMF)
Assessment and Authorization (DoDI 8510.01)
• Fully Qualified Navy IA Validator
• IA Federal Acquisition Process Support
Cybersecurity Engineering
Threat & Vulnerability
Management
Cybersecurity Operations
Cybersecurity Policy
Compliance
Company Proprietary Information
![Page 6: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/6.jpg)
Cybersecurity Engineering
Information Assurance (IA), Computer Network
Defense (CND) and Cybersecurity Engineering Platform IT (PIT) Systems Security Design and Engineering
Mission Systems Security Design and Engineering
Security Requirements Analysis and Management
Enterprise Security Architecture
Building Trustworthy Resilient Systems Integrated, lifecycle approach (NIST SP 800-160)
Support effective continuous risk management, with metrics
Build in security, minimize obsolescence and supply chain issues
Enhance information dominance, decision superiority
Follow the DATA – data centric security and privacy by design
Company Proprietary Information
![Page 7: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/7.jpg)
Threat & Vulnerability Management
• Information Systems / Enterprise Discovery
• Asset Classification
• Vulnerability Scanning and Analysis
• Documentation and Reporting
• Vulnerability Remediation and Mitigation
• Insider threat detection, isolation
• Forensics, ethical hacking integration
• Integrate open systems intelligence (OSI) Effectively manage the total, overall risk posture:
Threats, vulnerabilities, cyber hygiene, access control…
Key tools: SCM / SIEM, log analysis, dashboards, etc.
Company Proprietary Information
![Page 8: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/8.jpg)
Cybersecurity Operations
• Continuous Systems Patching, STIG, and
Configuration Management
• Systems Functional Testing and Security
Testing
• Vulnerability Scanning
• Documentation / Reporting
• Vulnerability Remediation and Mitigation
• Systems Monitoring (Compliance and
Anomaly Detection)
• Policy Compliance Auditing
Company Proprietary Information
![Page 9: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/9.jpg)
Cybersecurity Policy Compliance
• Identification of Applicable
Policies, Standards and Controls
• Technical / Logical
• Administrative
• Physical
• Implementation of Policies,
Standards and Controls
• Policy Compliance Documentation
• Compliance Monitoring
Company Proprietary Information
![Page 10: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/10.jpg)
DoD Cybersecurity Policy Management
Formerly DIACAP Now DoD IT RMF
IT Definitions
Security Controls Guidance
Enterprise Governance
Company Proprietary Information
![Page 11: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/11.jpg)
Platform Information Technology (PIT) DoDI 8500.01 Definitions
PIT – IT, both hardware and software, that is physically part of, dedicated to, or essential in real time to the mission
performance of special purpose systems.
PIT system – A collection of PIT within an identified boundary under the control of a single authority and security
policy. The systems may be structured by physical proximity or by function, independent of location.
Company Proprietary Information
![Page 12: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/12.jpg)
Platform Information Technology (PIT)
Increasing focus on cybersecurity of shipboard systems (*)
Navy Platform IT Definitions and
Governance • NAVSEA Instruction 9400.2A -
Implementation of Naval Sea Systems
Command (NAVSEA) Afloat Information
Assurance (IA) Governance and Guidance
• DON CIO Memo 02-10 – Department of the
Navy Chief Information Officer
Memorandum, 02-10, Information Assurance
Policy Update for Platform Information
Technology, 26 April 2010
* = Direct correlation with “Critical Infrastructure Protection (CIP)” issues (ICS, SCADA, etc) Company Proprietary Information
![Page 13: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/13.jpg)
DoD IT Risk Management Lifecycle
Delivering Full Life Cycle
Cybersecurity Solutions…
• Cybersecurity Engineering
• Threat & Vulnerability Management
• Cybersecurity Operation
• Cybersecurity Policy Compliance
Company Proprietary Information
![Page 14: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/14.jpg)
DoD / USA Cyber Needs
• DoD Cyber Strategy (2015) • Five strategic goals: information sharing, private sector bridges, build alliances / partnerships – needing
stronger commercial cyber ties.
• Primacy missions: Defend own networks, defend US interests, and integrated cyber operations and
contingency plans – deterrence with transparency.
• Harmonize all capabilities within the JIE single security architecture ecosystem
• Plan for network defense and resilience; Mitigate known vulnerabilities
• Cyber workforce – enable the Cyber Mission Force (CMF) by integrating
reserves, contactors, universities, while also improving automation, efficiencies.
• Minimize the weak cyber posture of legacy programs with decade long lifespans
Cyber is fundamentally about effective enterprise risk management
Company Proprietary Information
![Page 15: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/15.jpg)
Leverage New COTS Technologies
• DoD must leverage commercial cyber innovation and its capabilities
• Provide cyber capabilities that integrate and account for the various people, process,
policy and product aspects of cyber (and privacy too)
• Complement / align with U.S. Army Research Lab and other Service R&D Labs
• Integrate / share better with DoD labs and commercial leading edge entities:
• Know what products exist, relatively mature (TRL >6), the DoD best fit
• Innovation, start-ups, incubators – CyberHive, Connect, EvoNexus, iHive
• Effective Information sharing – making disruptive technology work for .mil
• Experience building alliances / partnerships – SOeC, CCOE, etc..
Cyber requires an “integrated fires” collaboration: GOV, MIL, COM effort
Company Proprietary Information
![Page 16: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/16.jpg)
ODME Solutions, LLC Delivering Strategic Cybersecurity Solutions…
Special Certifications & Small Business
Classifications:
• 8(m)/Economically Disadvantaged Woman Owned
Small Business (EDWOSB)
• Small Local Business Enterprise(SLBE)
• Emergence Local Business Enterprise (ELBE)
• Minority Business Enterprise(MBE)
• Woman Business Enterprise (WBE)
• Disadvantaged Business Enterprise (DBE)
• 8(a) Certificate In Progress
NAICS Codes: 541330, 541511, 541512, 541513, 541519,
541611,541614, 541618, 611430
Key Customers / Agencies
• SPAWAR Headquarters
• JDISS and DISA
• PEO C4I, PEO EIS and PEO
SPACE
• SSC PAC and SSC LANT
• FCS (US Army)
• JTRS (US Army & US Navy)
• US Army Intelligence & Security
Command
• STRATCOM, CENTCOM,
COMPACFLT and JFCOM
• National Geospatial-Intelligence
Agency (NGA)
Contact Us with any comments or
questions:
• Mannie Keeton, CEO/Founder
• Phone: 619.227.0059
• Email: [email protected]
• Robert Mattox, Director of Engineering
• Phone: 619.992.0390
• Email: [email protected]
• Gary Hayslip, CIO, Cyber Security Advisor
• Phone: 619.322.6636
• Email: [email protected]
• Mike Davis, CTO / CISO
• Phone: 619.846.1049
• Email: [email protected]
http://odmesolutions.com/
Company Proprietary Information
![Page 17: ODME-Solutions-LLC_Cyber-Security_Overview_Brief](https://reader033.vdocuments.net/reader033/viewer/2022050721/55ce0b5abb61eb29668b4603/html5/thumbnails/17.jpg)
Company Proprietary Information