odme-solutions-llc_cyber-security_overview_brief

ODME Solutions, LLC

Cybersecurity Capabilities Overview

Company Proprietary Information

ODME Solutions, LLC

ODME Solutions, LLC is a leader in Systems Engineering,

Cyber Security, Software Engineering/Development, and

Information Technology (IT) solutions that enable

Command, Control, Communications, Computers,

Intelligence, Surveillance and Reconnaissance (C4ISR).

ODME, through its Cyber Security Advisors, provide

strategic Cyber mission capabilities and support critical IT

and Cyber mission needs. ODME provides solutions and

services that deliver lasting results for Fortune 500

companies, the Department of Defense (DoD), and

Federal clients. With offices in San Diego, CA and

partners nationwide, including, Charleston, SC;

Washington, DC; and Norfolk, VA, ODME is strategically

located with geographic points of presence to deliver cost

effective solutions tailored to meet our clients needs.

“Our mission is to deliver superior quality service, on time, every time” Company Proprietary Information

Relevant Information Assurance & Cyber/Systems Engineering

Full Lifecycle Expertise

• supporting the DoD Information

• Assurance Certification and Accreditation Process (DIACAP)

• for SABI and TSABI.

• Implementation of NIST SP 800 Controls (Risk Management

• Framework)

• Implementation of DoD 8500 series

• Security Test Procedures (STP)

• Certification and Accreditation (C&A)

• Certification Test and Evaluation (CT&E)

• Security Test and Evaluation (ST&E)

• IAV Automated Patch Management


• Over 30 years experience supporting system

integration with multiple C5ISR systems.

• Distributed Common Ground Station-Navy (DCGS-N)

• Global Command Control Systems Joint (GCCS-J)

• Consolidated Afloat Networks and Enterprise Services

(CANES)

• Integrated Shipboard Network System (ISNS)

• RADIANT MERCURY (RM)

• Ship's Signals Exploitation Equipment (SSEE)

• Global Command and Control System - Maritime

(GCCS-M)

• Intelligence Analysis System (IAS) Family of Systems

(FoS)

• Cross Domain Solutions (CDS)

• Tactical Data Link (TDL)

Information Technology Core Capabilities

Systems Engineering

Systems Integration

Software Engineering

IT Operations

IT & Cyber Engineering

Rapid delivery of innovative IT solutions through proven systems, software and cyber engineering life cycle methodologies

• System Engineering and Integration

• Software Engineering, Coding, and Development

• System Test, Evaluation and Certification

• Cyber Security and Information Assurance/Accreditation

• Network Security/Information Technology

• Fleet Distance Support and Joint Exercise Support

• Site Installation Support

• Configuration Management

• Project, Program and Acquisition Management


Information Assurance & Cyber Engineering Full Lifecycle Expertise

• Information Assurance (IA), Computer Network

Defense (CND) and Cybersecurity Engineering

• Security Requirements Analysis and Management

• Security Architectures

• Platform IT (PIT) Systems Cybersecurity

• Systems Security Design and Engineering

• Vulnerability Analysis and Remediation

• Ethical Hacking, Penetration Testing

• COOP / Disaster Recovery

• DoD IT Risk Management Framework (RMF)

Assessment and Authorization (DoDI 8510.01)

• Fully Qualified Navy IA Validator

• IA Federal Acquisition Process Support

Cybersecurity Engineering

Threat & Vulnerability

Management

Cybersecurity Operations

Cybersecurity Policy

Compliance


Cybersecurity Engineering

Information Assurance (IA), Computer Network

Defense (CND) and Cybersecurity Engineering Platform IT (PIT) Systems Security Design and Engineering

Mission Systems Security Design and Engineering

Security Requirements Analysis and Management

Enterprise Security Architecture

Building Trustworthy Resilient Systems Integrated, lifecycle approach (NIST SP 800-160)

Support effective continuous risk management, with metrics

Build in security, minimize obsolescence and supply chain issues

Enhance information dominance, decision superiority

Follow the DATA – data centric security and privacy by design


Threat & Vulnerability Management

• Information Systems / Enterprise Discovery

• Asset Classification

• Vulnerability Scanning and Analysis

• Documentation and Reporting

• Vulnerability Remediation and Mitigation

• Insider threat detection, isolation

• Forensics, ethical hacking integration

• Integrate open systems intelligence (OSI) Effectively manage the total, overall risk posture:

Threats, vulnerabilities, cyber hygiene, access control…

Key tools: SCM / SIEM, log analysis, dashboards, etc.


Cybersecurity Operations

• Continuous Systems Patching, STIG, and

Configuration Management

• Systems Functional Testing and Security

Testing

• Vulnerability Scanning

• Documentation / Reporting

• Vulnerability Remediation and Mitigation

• Systems Monitoring (Compliance and

Anomaly Detection)

• Policy Compliance Auditing


Cybersecurity Policy Compliance

• Identification of Applicable

Policies, Standards and Controls

• Technical / Logical

• Administrative

• Physical

• Implementation of Policies,

Standards and Controls

• Policy Compliance Documentation

• Compliance Monitoring


DoD Cybersecurity Policy Management

Formerly DIACAP Now DoD IT RMF

IT Definitions

Security Controls Guidance

Enterprise Governance


Platform Information Technology (PIT) DoDI 8500.01 Definitions

PIT – IT, both hardware and software, that is physically part of, dedicated to, or essential in real time to the mission

performance of special purpose systems.

PIT system – A collection of PIT within an identified boundary under the control of a single authority and security

policy. The systems may be structured by physical proximity or by function, independent of location.


Platform Information Technology (PIT)

Increasing focus on cybersecurity of shipboard systems (*)

Navy Platform IT Definitions and

Governance • NAVSEA Instruction 9400.2A -

Implementation of Naval Sea Systems

Command (NAVSEA) Afloat Information

Assurance (IA) Governance and Guidance

• DON CIO Memo 02-10 – Department of the

Navy Chief Information Officer

Memorandum, 02-10, Information Assurance

Policy Update for Platform Information

Technology, 26 April 2010

* = Direct correlation with “Critical Infrastructure Protection (CIP)” issues (ICS, SCADA, etc) Company Proprietary Information

DoD IT Risk Management Lifecycle

Delivering Full Life Cycle

Cybersecurity Solutions…

• Cybersecurity Engineering

• Threat & Vulnerability Management

• Cybersecurity Operation

• Cybersecurity Policy Compliance


DoD / USA Cyber Needs

• DoD Cyber Strategy (2015) • Five strategic goals: information sharing, private sector bridges, build alliances / partnerships – needing

stronger commercial cyber ties.

• Primacy missions: Defend own networks, defend US interests, and integrated cyber operations and

contingency plans – deterrence with transparency.

• Harmonize all capabilities within the JIE single security architecture ecosystem

• Plan for network defense and resilience; Mitigate known vulnerabilities

• Cyber workforce – enable the Cyber Mission Force (CMF) by integrating

reserves, contactors, universities, while also improving automation, efficiencies.

• Minimize the weak cyber posture of legacy programs with decade long lifespans

Cyber is fundamentally about effective enterprise risk management


Leverage New COTS Technologies

• DoD must leverage commercial cyber innovation and its capabilities

• Provide cyber capabilities that integrate and account for the various people, process,

policy and product aspects of cyber (and privacy too)

• Complement / align with U.S. Army Research Lab and other Service R&D Labs

• Integrate / share better with DoD labs and commercial leading edge entities:

• Know what products exist, relatively mature (TRL >6), the DoD best fit

• Innovation, start-ups, incubators – CyberHive, Connect, EvoNexus, iHive

• Effective Information sharing – making disruptive technology work for .mil

• Experience building alliances / partnerships – SOeC, CCOE, etc..

Cyber requires an “integrated fires” collaboration: GOV, MIL, COM effort


ODME Solutions, LLC Delivering Strategic Cybersecurity Solutions…

Special Certifications & Small Business

Classifications:

• 8(m)/Economically Disadvantaged Woman Owned

Small Business (EDWOSB)

• Small Local Business Enterprise(SLBE)

• Emergence Local Business Enterprise (ELBE)

• Minority Business Enterprise(MBE)

• Woman Business Enterprise (WBE)

• Disadvantaged Business Enterprise (DBE)

• 8(a) Certificate In Progress

NAICS Codes: 541330, 541511, 541512, 541513, 541519,

541611,541614, 541618, 611430

Key Customers / Agencies

• SPAWAR Headquarters

• JDISS and DISA

• PEO C4I, PEO EIS and PEO

SPACE

• SSC PAC and SSC LANT

• FCS (US Army)

• JTRS (US Army & US Navy)

• US Army Intelligence & Security

Command

• STRATCOM, CENTCOM,

COMPACFLT and JFCOM

• National Geospatial-Intelligence

Agency (NGA)

Contact Us with any comments or

questions:

• Mannie Keeton, CEO/Founder

• Phone: 619.227.0059

• Email: [email protected]

• Robert Mattox, Director of Engineering

• Phone: 619.992.0390


• Gary Hayslip, CIO, Cyber Security Advisor

• Phone: 619.322.6636


• Mike Davis, CTO / CISO

• Phone: 619.846.1049


http://odmesolutions.com/


mailto:[email protected]






odme-solutions-llc_cyber-security_overview_brief

Documents

certification cyber

cyber security advisors

llc odme solutions

proven systems

system integration

cyber mission needs

evaluation cte security

development system test