
Upload: truongdang

Post on 30-Mar-2018


Jacobs Secure Solutions | 1

SECURE SOLUTIONS

Cybersecurity for a Connected World

“As we enter a fourth industrial revolution characterized by hyper-connectivity, cybersecurity solutions must go beyond traditional information technology. Jacobs Secure Solutions build on our unparalleled experience across both the advanced technology and industrial landscapes to deliver holistic cybersecurity services and solutions that span your information and operational networks and systems.”

~ Terry Hagen, President, Jacobs Aerospace and Technology


CONTENTS

Jacobs Overview
Industry Recognition
Leading Capabilities
Cybersecurity Services
CISO Advisory
Persistent Risk Management
Cybersecurity Operations and Analytics
Cybersecurity Engineering and Innovation
Selected Case Studies
Jacobs Differentiation

OUR COMPANY AT A GLANCE

Founded: 1947
Employees: 74K
Locations: 400+
Countries: 25+
2017 revenue: $15B
2016 client savings: $7.8B
NYSE: JEC
HQ: Dallas, TX

GLOBAL LOCATIONS

ABOUT JACOBS

Jacobs is one of the world’s largest and most diverse providers of technical, professional, and construction services, including all aspects of architecture, engineering and construction, operations and maintenance, asset management, scientific and specialty consulting, as well as cybersecurity. We provide superior customer value, and in fact, more than 90% of our work is repeat business. This strategy yields cost advantages and growth opportunities allowing us to maintain long-term client relationships, attract and retain top talent, and prosper in diverse markets worldwide. Our global network includes operations in North America, South America, Europe, the Middle East, India, Australia, Africa, and Asia.

INDUSTRY RECOGNITION

Fortune Magazine

Jacobs ranked No. 3 Most Admired Company in the World among engineering and construction companies. Jacobs has held a top-5 spot on the coveted list since 1999. CH2M ranked No. 22 in FORTUNE Magazine’s Top 50 Companies to Change the World list in 2017.

Forbes

Jacobs and CH2M named to the Forbes America’s Best Employers list.

Small Business Administration Eisenhower Award for Excellence

Given to Jacobs in 2017, as a Federal prime contractor, for using small businesses in areas of research and development, manufacturing, service, construction and utility.

The Occupational Safety and Health Administration

Recognized Jacobs for excellence in worker safety and health as a Voluntary Protection Programs (VPP) Corporate participant. Only four other corporations currently hold this recognition in the United States.

Engineering News-Record

Jacobs and CH2M are consistently recognized in a number of ENR’s Top Lists. In 2017 Jacobs was ranked No. 2 and CH2M was ranked No. 3 in the Top 500 Design Firms.

Building Design & Construction

Jacobs is ranked No. 2 in the Top Architecture / Engineering Firm category in the Giants 300 Report.


LEADING CAPABILITIES IN CYBERSECURITY

As a foundational component of our Jacobs Connected Enterprise (JCE) suite of capabilities, we offer highly integrated, enterprise-scale cyber solutions spanning the cybersecurity lifecycle. Clients can also access discrete, stand-alone capabilities that address specific security challenges across the cybersecurity lifecycle. Because our services are engineered to align with cybersecurity standards defined by the National Institute of Standards and Technology (NIST), you can choose the engagement model and service level that aligns with your organizational requirements.

[Figure: Secure Solutions. Labels: Security Automation, Cyber Data Analytics, Cybersecurity Innovation, Detect Threats, Alert Analysts]


CYBERSECURITY SERVICES

Chief Information Security Officer (CISO) Advisory

Our CISO Advisory services are based on industry-leading commercial and federal experience in security program development, governance, policy development and communication, market trend analysis, and identifying areas of regulatory compliance like FISMA, HIPAA, HITECH, and the Privacy Act.

> Security Design and Innovation
> Continuous Monitoring Strategy Development
> Technology Architecture and Governance Support
> Cloud and Big Data Security Strategy

Persistent Risk Management

Our services offer a wide-angle view of the risk posture as well as pinpointed security vulnerabilities.

> Security Control/Cloud Security Assessments
> Cyber Attack Simulation/Penetration Testing
> Mobile and Internet of Things (IoT) Device Testing
> Application Code Analysis/Vulnerability Inventory Management

Cybersecurity Operations and Analytics

We help our clients define and implement a highly-resilient cybersecurity strategy that can continuously monitor threats, identify compromise patterns, and reduce overall exposure while improving security posture.

> Security Operations Center (SOC) Services
> Insider Threat Detection
> Forensics and Reverse Malware Engineering/Analysis
> Network Operations Center (NOC) Services

Cybersecurity Engineering

Core cybersecurity principles in attack prevention, detection, and response allow our teams to identify critical threats and risks before they occur.

> Security Infrastructure, Architecture, and Design
> Attack Prevention, Detection, and Response Solutions
> Security Technology Evaluation and Prototyping
> Virtual Security Datacenter Implementation

CURRENT STATE OF THE THREAT

• Traditional computer network defenses are designed to repel attackers with low-to-medium-level capabilities by increasing the cost and time required to identify vulnerabilities and conduct cyber-attacks.

• Most risk assessments avoid the uncomfortable fact that Nation States and Cyber Criminals possess the resources and capabilities necessary to exploit and defeat commercial-grade cybersecurity defenses.

THE JACOBS ADVANTAGE

• Our approach is based on robust security architecture, continuous monitoring, governance support, and cloud and big data security strategy.

• We implement our solutions by developing an in-depth understanding of your Enterprise Architecture, identifying your most sensitive systems and data and providing visibility into your cyber vulnerabilities.

CHIEF INFORMATION SECURITY OFFICER (CISO) ADVISORY


ENTERPRISE IT SECURITY ARCHITECTURE AND ENGINEERING

Security architectures that complement organizational delivery models are vital to a secure enterprise. Our security experts work with your staff to develop a secure and resilient architecture to meet the operational and security needs of your organization. We engineer network interfaces and cloud gateways, develop private cloud routing protocols, enable peering between organizations, and facilitate the migration of applications to the cloud as we deploy cohesive security solutions across all of your computing environments.

CONTINUOUS MONITORING

Continuous monitoring for internal and external threats in real-time lowers overall enterprise security risk. Our engineers and analysts leverage real-world operational experience in some of the most demanding national security environments. We design and manage monitoring programs that transform a static security assessment and risk determination process into a dynamic process that provides essential, near real time security status including innovative code-based solutions to autonomously identify and eliminate threats without tripping static sensors or degrading network or system performance.

GOVERNANCE AND POLICY

Cybersecurity governance, standards, policy, procedures, training, and awareness serve as a critical foundation for a mature cyber-aware computing environment. Our expertise managing sensitive programs of government and commercial industries contributes to our refined set of leading practices that can be tailored toward your environment and provide the basis for establishing a secure operational environment.

OUR CISO ADVISORY SERVICES

CURRENT STATE OF THE THREAT

• The growing cyber sophistication of Nation State actors, cyber criminals, and insider threats contributes to a dynamic environment fraught with risk.

• Advanced threats have mastered the art of deception, have prepared the operational environment in advance, attack at the time of their choosing, and are experts at hiding their tracks.

THE JACOBS ADVANTAGE

• Our engineers are committed to evolving and advancing your overall enterprise cybersecurity. We develop, engineer, and integrate active defense protection schemes to include innovative approaches toward software defined networking, identity and access management, encryption, cloud and mobile security, and software assurance solutions typically only found on national security systems.

• Our innovative solutions also include insider threat solutions built to leverage industry leading predictive analytics, as well as advanced modeling and simulation of networks to address multiple threat vectors and deliver resilient and secure enterprise technology solutions.

PERSISTENT RISK MANAGEMENT


CYBER ATTACK SIMULATION/PENETRATION TESTING

Ethical hacking of systems and networks is a central component of a mature cybersecurity program. Our analysts leverage proprietary frameworks developed in support of national security systems, and we conduct our end-to-end system evaluations leveraging real-world threat simulations. Our cadre of penetration testers and cybersecurity experts has up-to-date experience conducting information and operational technology assessments and eliminating or mitigating vulnerability to critical systems.

SECURITY CONTROL/CLOUD SECURITY ASSESSMENT

No two clouds are alike. Whether deploying a private or public cloud, we have developed a hybrid cloud solution to take advantage of the strengths of both. As a trusted cloud broker, we manage cloud service launches, from evaluating cloud service providers to negotiating contracts and documenting vendor deliverables. As a certified FedRAMP 3PAO, we are able to assist both cloud solution providers and government agencies in meeting FedRAMP compliance. We have been an AWS Standard Level Consulting Partner since 2013 and are an AWS HIPAA Business Associate.

APPLICATION CODE ANALYSIS/VULNERABILITY INVENTORY MANAGEMENT

Vulnerability assessments are a prerequisite for a robust cybersecurity program and are often challenged by the volumes of data collected during network security assessments. Our Vulnerability Analysis framework is a methodical and mature process used to assess the security posture of some of the most sensitive networks and systems in the world. Using a combination of industry leading commercial scanning products along with custom written tools and scripts, our teams quickly identify and remediate vulnerabilities that could potentially allow compromise of your systems and data.

OUR PERSISTENT RISK MANAGEMENT SERVICES

CURRENT STATE OF THE THREAT

• Traditional approaches toward enterprise monitoring rely largely on ineffective and resource insensitive “Detect and Respond” cycles that leave you in a reactive mode and increase the risk to your enterprise.

• High exposure networks are not sufficiently monitored and advanced monitoring technologies are seldom evaluated, optimized, and deployed to detect threats and anomalous activity on critical systems.

THE JACOBS ADVANTAGE

• Our solutions enable enterprise risk management by prioritizing indicators of compromise and efficiently and effectively deploying resources to address threats.

• We shift your security posture from reactive to proactive through delivery of enhanced cyber situational awareness and rapid cyber event response solutions enabled by advanced data analytics.

CYBERSECURITY OPERATIONS AND ANALYTICS


NETWORK AND SECURITY OPERATIONS

Network and security operations centers typically spend an inordinate amount of time determining whether a cyber threat Indicator of Compromise is relevant to their environment, resulting in a large risk exposure window. Our 24/7 network cybersecurity monitoring capabilities identify and track security incidents and immediately take action to physically or electronically isolate the affected systems from the network to prevent any further risk from the incident. We prioritize our efforts on monitoring critical systems, data, and configuration settings to detect attacks or attempted unauthorized access in real time.

INSIDER THREAT DETECTION

Threat intelligence provides a broad understanding of the capabilities of potential adversaries and awareness of ongoing cyber activities. Our solution fuses information from a variety of sources to provide threat alerts that can be acted upon in a coordinated manner and assist with attribution of malicious threats. A key component of our solution is the seamless integration and sharing of threat information leveraging interface standards like STIX and TAXII, and unique data sources augmented by reporting from commercial and government sources.

FORENSICS AND REVERSE MALWARE ENGINEERING ANALYSIS

Modern malware replicates and mutates faster than most defensive systems can evolve, rendering conventional anti-malware technologies useless in identifying and defending against these cyber threats. In our Cyber Innovation Laboratory, our engineers are seeing promising results from their testing of next generation technologies that use machine learning and artificial intelligence to detect and counter malware behavior before a threat can execute. We are also deploying best-of-breed defensive tools, predictive analytics, and behavioral analysis along with emerging technologies to identify, mitigate, and defeat threats to your sensitive systems and data.

CYBERSECURITY OPERATIONS AND ANALYTIC SERVICES

CURRENT STATE OF THE THREAT

• The growing cyber sophistication of Nation State actors, cyber criminals, and insider threats contributes to a dynamic environment fraught with risk.

• Advanced threats have mastered the art of deception, have prepared the operational environment in advance, attack at the time of their choosing, and are experts at hiding their tracks.

THE JACOBS ADVANTAGE

• Our engineers are committed to evolving and advancing your overall enterprise cybersecurity. We develop, engineer, and integrate active defense protection schemes to include innovative approaches toward software defined networking, identity and access management, encryption, cloud and mobile security, and software assurance solutions typically only found on national security systems.

• Our innovative solutions also include insider threat solutions built to leverage industry leading predictive analytics, as well as advanced modeling and simulation of networks to address multiple threat vectors and deliver resilient and secure enterprise technology solutions.

CYBERSECURITY ENGINEERING


CYBER SITUATIONAL AWARENESS

The evolution of defensive cyber operations requires real-time situational awareness crucial to an overall robust security posture. Our cyber situational awareness solutions are tailored for your environment across multiple network domains to present a comprehensive understanding of your enterprise. Knowledge Wall visualizations are tuned to report status on only metrics that matter to your security and include a variety of feeds including threat reporting, malware and intrusion analysis, IDS/IPS status, and trending of malicious activity.

ATTACK, PREVENTION, RESPONSE SOLUTIONS

The safeguarding of sensitive data while deploying strong access controls is a critical prerequisite to enable information and data sharing across technology architectures. Our national security grade IdAM solutions are engineered with strong, multi-factor identification, credentialing, and authentication and authorization capabilities that allow our customers to make fine-grained access control decisions to protect their critical assets from unauthorized access and disclosure. Our authorization solutions safeguard sensitive data while in storage or in transit to ensure strong access controls and data rights management protection.

CYBER INNOVATION LAB

Our Cyber Innovation Laboratory focuses on developing, evaluating, and demonstrating innovative cybersecurity solutions. Its private cloud is a flexible environment that emulates networks to model cyber problems and challenges. The lab also conducts independent verification and validation of third-party solutions, integrates technologies, and conducts demonstrations for our customers. Our research priorities are driven by the toughest cyber technical challenges in the world and our customers directly benefit from those innovations with real-time implementation of leading-edge solutions, often available days before commercially released patches and solutions.

CYBERSECURITY ENGINEERING SERVICES

SELECTED CASE STUDIES


IDENTITY AND ACCESS MANAGEMENT (IdAM)

CUSTOMER: Intelligence Community Client

LOCATION: Global Organization

TECHNICAL CHALLENGE:

• Engineer and develop a hybrid cloud-based identity and access management capability to safeguard sensitive data stored and transmitted within a private cloud architecture. The end state solution required data-level access controls to ensure sensitive information is only made available through validated permissions.

JACOBS SECURE SOLUTION:

• Our team led the architecture, development, and engineering of an identity management engine that defines, coordinates, and enforces data-level access control and Digital Rights Management (DRM) across the customer’s cloud-based environment.

• Jacobs delivered an integrated IdAM solution leveraging broad capabilities across the entire security engineering lifecycle. The resulting security services automate the identification, authentication, and authorization (IAA) of services for internal and external users seeking access to requested resources.

MISSION IMPACT AND RESULTS:

• Jacobs played a crucial role in enabling the advancement of our customer’s enterprise technology transformation effort. The deployed cloud-based solution enforces data policies required for data security while enabling critical information sharing capabilities across the organization.

INCIDENT RESPONSE AND REMEDIATION

CUSTOMER: Department of Defense

LOCATION: North America

TECHNICAL CHALLENGE:

• Remediate the Heartbleed security vulnerability impacting all HTTPS web browser sessions and remote login capabilities commonly used by network and system administrators.

• Exploitation of the vulnerability could enable the theft of a server’s private cryptographic keys and session cookies and passwords, resulting in compromise of legitimate credentials.

JACOBS SECURE SOLUTION:

• Our team led the development of the original network security testing scripts used to scan customer networks for the Heartbleed vulnerability impacting OpenSSL cryptography and the Transport Layer Security (TLS) protocol.

• Our engineers developed the security testing scripts and assisted the customer in development and implementation of a remediation program to patch vulnerable systems.

MISSION IMPACT AND RESULTS:

• The Jacobs solution was developed within 48 hours after the vulnerability was discovered and a full week before any form of testing was made available by commercial vendors.


SOFTWARE/APPLICATIONS ASSURANCE

CUSTOMER: Intelligence Community Client

LOCATION: Global Organization

TECHNICAL CHALLENGE:

• Previously-tested and operationally-accredited software applications required re-testing to ensure operational security and data integrity. Multiple working groups were unable to identify the source of the security concern despite repeated efforts to secure the application and eliminate the risk introduced by this vulnerability.

JACOBS SECURE SOLUTION:

• Our engineers developed a proprietary toolset to integrate and enhance more than 30 existing software scanning/testing toolsets.

• Our solution was built on a highly flexible, modular and customizable framework that facilitated the automation of antivirus, network data, TRID, PII, strings, and hash data analysis to identify, test, and isolate embedded malware through the application of proprietary enhancements to foundational open-source tool sets.

MISSION IMPACT AND RESULTS:

• The Jacobs solution identified multiple embedded malware instances within previously-accredited software applications and provided a detailed forensic risk analysis of geolocated anomalous network behavior.

• Our solution has been adopted as the primary applications testing capability for this customer and has been applied across a portfolio of 38,000 applications.

CROSS-DOMAIN SOLUTIONS (CDS)

CUSTOMER: Department of Defense

LOCATION: North America

TECHNICAL CHALLENGE:

• Develop a cross-domain information sharing capability to ensure that stakeholders are able to share and exchange information across segregated networks while ensuring data is not compromised across sensitive networks. The end-state solution needed to accommodate data access permissions, multiple networks, and various applications and servers interfacing with the cross-domain solution.

JACOBS SECURE SOLUTION:

• Our team served as the security lead for the solution development, which consisted of multiple Linux and Solaris Trusted application servers, CISCO network switches and firewalls, Oracle Database Vault, and other enabling technology.

• The solution also included deployment of customized cross-domain data ingestion and query capabilities to comply with the customer’s security requirements.

MISSION IMPACT AND RESULTS:

• The Jacobs solution resulted in a functional and secure cross-domain solution, and our implementation enabled the customer to implement a single database queryable from two adjacent security enclaves.

• This solution also pioneered a repeatable, real-time, agile development certification methodology employed throughout the program lifecycle.


CYBER SITUATIONAL AWARENESS

CUSTOMER: Centers for Medicare and Medicaid Services (CMS)

LOCATION: North America

TECHNICAL CHALLENGE:

• Implement a comprehensive program to perform Security Controls Assessments (SCAs) and Risk and Vulnerability Assessments (RVAs) of High Value Assets, as well as to provide Security Training to ISSOs and other system security personnel.

JACOBS SECURE SOLUTION:

• Our engineers brought to bear engineering and innovation solutions to conduct application code analysis, RVAs, and penetration testing for the client.

• IT security training was developed and conducted to ensure that compliance with network security protocols was understood and executed.

MISSION IMPACT AND RESULTS:

• Since 2013, the team successfully performed over 450 SCAs and RVAs on time and within budget for CMS’ FISMA systems including their High Value Assets and Affordable Care Act Marketplace systems.

• In 2016, the Online Trust Alliance rated the CMS cybersecurity program as the #1 cybersecurity program in the Federal Government.

• The CMS client rated our team all 5s (“EXCEPTIONAL”) on our CPARs in 2015 and 2016.


INDUSTRIAL CONTROL SYSTEMS AND SCADA

CUSTOMER: Undisclosed Oil and Gas Client

LOCATION: Middle East

TECHNICAL CHALLENGE:

• Cyber attacks in the Middle East prompted the initiation of security requirements for all Physical Security Information Systems and Industrial Control Systems for an oil and gas client.

JACOBS SECURE SOLUTION:

• As a central aspect of a client’s $20B refinery expansion project, our engineers performed an in-depth risk assessment, audited plant and control networks, and assessed proposed architectures to secure more than 1,000 endpoints covering seven major units across Plant, Process, and Business networks.

• Our engineers designed and developed requirements that incorporated Security Information and Event Management (SIEM) solutions optimized for an ICS/SCADA environment, and Intrusion Detection Systems (IDS), Network Monitoring, and Industrial Firewall solutions.

MISSION IMPACT AND RESULTS:

• The Jacobs solution raised the overall security posture of the customer through the deployment of security management and monitoring technologies optimized for the customer’s environment.

• Jacobs also increased the overall ICS security awareness of client staff, thereby influencing the security and safety consciousness of the organization.


Phone: +800.251.3540

www.jacobs.com