An ounce of prevention can be worth a pound of cure.

CSCI’s cybersecurity professionals have both the technical understanding and the security acumen to design and implement systems for the most challenging and sensitive DoD environments. Our experts understand how to prevent risks in the current digital landscape, reducing vulnerabilities before they can be exploited to damage the Nation’s critical infrastructures. We mitigate risk to ensure that such disruptions of cyberspace are infrequent, of minimal duration, manageable, and cause the least damage possible.

CSCI has built effective and innovative custom solutions. Our team pioneered the creation of fully virtualized network environments capable of supporting developmental testing, user training, certification tests, modeling and simulation, and demonstrations. The cost savings and speed of implementation alone have made our virtual environments a favorite for our customers. CSCI’s SMEs are routinely asked to comment on federal legislation in the areas of information technology governance and cyberspace operations and our consultants provide DoD and commercial organizations with training on how to develop more effective cybersecurity processes that permit organizations to maintain system and facility accreditations.

CSCI Cybersecurity icon- white

Information Assurance

In the current digital environment, threats come in many forms. Keeping networks and systems safe requires specialists who understand the big picture and see how everything connects. CSCI has the practical experience and third-party verification through technical certifications to provide the full range of Information Assurance (IA) services required to manage secure information systems throughout their lifecycle. Our experienced SMEs have a thorough understanding of IT and can help organizations navigate complex information system assessment processes.

Our IA team is equipped to provide a full range of services from maintaining classified enclaves to designing information technology enterprises for secure collaboration across the Nation, with a focus on balancing information security and mission needs. CSCI IA professionals have a comprehensive understanding of the system lifecycle from conception to disestablishment and know what it takes to achieve operational approval through the integration of policy, documentation, and operations for our customers.

With this knowledge, our engineers have created a dynamically adaptive, Secure Computing Area Network (DASCAN) framework that has been accredited by both Defense Security Service and the U.S. Marine Corps to operate on classified networks. This solution leverages a virtualization platform with a base security framework to enable the customer to quickly and safely test, evaluate, and deploy new capabilities in both stand-alone and networked secure computing environments.

Through proven processes, CSCI has achieved operational approval and continues to provide support for our DoD and government customers. Our work includes:

  • Risk Management Framework (RMF)
  • Intelligence Community Directive (ICD) 503
  • DoD Joint Security Implementation Guide (DJSIG)
  • Joint Special Access Program Implementation Guide (JSIG)
  • DoDI 8510.01 Information Assurance Certification and Accreditation Process
  • (DIACAP)
  • National Institute of Standards and Technology (NIST) 800 Series
  • Committee of National Security Systems Instruction (CNSSI) 1253
  • National Industrial Security Program Operating Manual (NISPOM)
  • Federal Information Security Management Act (FISMA)

Information Security

CSCI is well-versed in the principals of the Risk Management Framework (RMF) including the improvement of information security, the strengthening of risk management processes, and the improvement of reciprocity among federal agencies. Our team of experts has the capacity and experience to establish, document, and monitor RMF procedures for networks capable of handling information at all levels.

Secure Data Transfer

In our line of work, it is imperative that nothing slips through the cracks. CSCI’s SMEs understand current best practices in moving confidential and proprietary information via a secure channel. Our team is well-versed in determining optimal transmission protocols to prevent a catastrophic breach of security that could lead to data loss.

Protecting Controlled Unclassified Information

The CSCI team has experience complying with a variety of new government clauses and regulations. For example, all new government contracts include a Defense Federal Acquisition Regulation Supplement (DFARS) Clause 252.204-7012 – Safeguarding Covered Defense Information (CDI) and Cyber Incident Reporting. This clause provides requirements on reporting cyber incidents, but its primary focus is the safeguarding of CDI. Our team of experts is up-to-speed on the latest standards for protecting CDI and can bridge the gap between this emerging standard and the legacy standard still in use today. By complying with NIST SP 800-171, CSCI cybersecurity professionals protect Controlled Unclassified Information (CUI) within nonfederal systems including 14 families of security controls requiring compliance of 110 controls.

Cybersecurity Certifications and Training

CSCI cybersecurity professionals are DoD 8570.01-m compliant and possess cybersecurity and technical certifications including:

  • Certified Information System Security Professional (CISSP)
  • Project Management Professional (PMP)
  • VMware Certified Professional (VCP)
  • Certified Host Based Security Services (HBSS) Administrator
  • Microsoft Certified Systems Engineer (MCSE); Microsoft Certified Technical
  • Specialist (MCTS); Microsoft Certified Information Technical Specialist (MSITP)
  •  Information Technology Infrastructure Library (ITIL) Foundation
  • Cisco Certified Network Associate (CCNA)
  • Red Hat Certified System Administrator (RHCSA)

Regulations Experience

CSCI cybersecurity professionals have experience developing and supporting information systems meeting the following federal government and DoD regulations:

  • National Institute of Standards and Technology (NIST) 800 Series
  • Committee of National Security Systems Instruction (CNSSI) 1253
  • Joint Special Access Program (SAP) Implementation Guide (JSIG)
  • DoD Joint Security Implementation Guide (DJSIG)
  • Defense Security Service (DSS) Assessment and Authorization Process Manual (DAAPM)
  • Federal Information Security Management Act (FISMA)