The BGS Center for Cyber Security Innovation (CSCI) leverages four distinct Cybersecurity capability areas: Security Operations Center (Cloud-based or on-premise); Research Cybersecurity (implementing Security by Design); Critical Infrastructure Security (GRID, HVA, ICS, DCS); and Compliance Assessments (NIST 800-53, NIST 800-171, PEN Testing, Security Plan Packages). We deliver the experts with the right tools to prevent, detect, analyze, and respond to all Cybersecurity challenges.
Compliance & Assessments
- Perform Compliance Assessments (NIST 800-53, NIST 800-171, CSF Framework, CMMC Preparation, etc)
- Red/Blue Team Capabilities: Scan, Test, and Evaluate (ST&E)
- Policy, Procedure, and Plan Development and Maintenance
- Vulnerability, Threat, and Risk Assessments with Remediation
- Incident Response & Reporting
- Certification & Accreditation/Security Authorization Packages for ATOs
- Continuous Monitoring Program Planning and Management
- Secure all classification levels and categories
- Security Awareness and Training
Critical Infrastructure Cyber
- Protect Industrial Control Systems Security (ICS/DCS/SCADA)
- Secure Internet of Things (IoT)
- Analyze and Address Supply Chain Threats
- Perform Threat Analysis and Risk Mitigation
- Secure Across Protection Boundaries
- Secure Cloud Environments
- Address Incident Response Needs
- Create Mission Impact Analysis & Contingency Plan
Research Cyber Security
- Enable Security by Design in New Technologies
- Address Supply Chain Concerns
- Leverage Existing Technologies for New Capabilities
- Security for Smart Devices
Security Operations Center (SOC)
- Real-time Security Event Monitoring (SIEM) and Analysis
- On-premise, Cloud, and/or Hybrid solution provider
- Detect, Triage, and Remediate Potential Incidents
- Data Trending, Metrics, and Reporting
- Malware Reverse Engineering
- Cyber Threat Intelligence from Multiple Threat Intelligence Sources and Threat Hunting
- Red Team and Blue Team Assessments for Y-12, Pantex, Savannah River, and N3B: The BGS Cyber team routinely performs red team and blue team assessments to evaluate the threat landscape for organizations, assess for compliance, and conduct penetration testing activities. Recent facilities where we have performed these types of activities include: Y-12, Pantex, Savannah River, and N3B.
- NIST-171 Assessments:
Supply Chain concerns continue to increase for government organizations, and it is critical to building confidence that organizations conducting government business and handling government information are protecting their own information systems to prevent inadvertently increasing risks to the government. The DFARS requirements utilizing NIST-171 for compliance guidance is a crucial step in demonstrating information security awareness and capabilities. The BGS Cyber team routinely performs NIST-171 assessments for private organizations, both large and small, conducting government business, and additionally maintain internal compliance with the standards. Recent NIST-171 assessments include Kinemetrix and Fluor.
- Authority to Operate (ATO) for Y-12, Pantex, N3B, DUF6: The government requires that all government information systems create and maintain cyber programmatic planning documents in order to obtain and maintain the authority to operate. A compliant authorization package includes at a minimum: System Security Plans, Contingency Plans, Mission and Business Impact Assessments, Privacy Impact Assessments, Incident Response Plans, and Conduct of Operations plans. BGS not only evaluates for compliance, but additionally creates full cyber programs and associated authorization packages for organizations and modifies existing cyber programs to address compliance deficiencies or improve efficiencies. BGS creates the entire range of security related packages needed for facilities. Authorization packages are needed for general support systems (enterprise systems), operational systems (Industrial/Distributed Controls, Telemetry, Internet of Things), and Cloud-based information systems. Recent authorization package activities include: Y-12, Pantex, N3B, DUF6.
- Exascale Computing Project: The Exascale Computing Project is a $1.8B high performance computing project consisting of over 100 project teams with ~1,000 participants across the country. Our highly qualified staff designed and integrated a secure project management and agile software development toolset using Atlassian tools and custom integration with Oracle Primavera P6, and Deltek Cobra using Amazon Web Services Linux servers. Additionally, the staff managed and implemented the Business Intelligence Dashboard and supported the DOE review processes.
Center for Cyber Security Innovation
In a landscape of rapidly evolving threats and new technologies there is a pressing need for experts who can quickly respond and deliver effective solutions matched with each client’s unique requirements. The BGS Center for Cyber Security Innovation (BGS CCSI) was established to address emerging challenges and resolve complex, costly and time-consuming cyber security problems. Whether protecting critical infrastructure or delivering innovative solutions that advance cyber research initiatives, our experience with operational requirements in nuclear, government, and research cyber security environments sets us apart.
BGS brings together expertise from government programs, national laboratories, military cyber threat teams, the intelligence community, and critical energy infrastructure to provide innovative and effective cyber security services and solutions. Technological proficiency, partnerships with key technology providers, and access to experts in cutting-edge cyber security research enables BGS CCSI to address each client’s unique requirements, quickly and efficiently.
Using Security by Design principles, BGS CCSI assesses, designs and manages cyber security programs to meet client-specific environments and classification requirements. Our Security Operations Center capabilities include real-time security event monitoring, threat intelligence, incident response, and malware reverse engineering.
The BGS CCSI core capabilities include:
- Compliance assessments – NIST, DFARS, CSF, CMMC Preparation
- Cyber Security research – on the forefront of technologies to ensure Security by Design
- Critical infrastructure support – solving challenges in Operational Technologies, ICS/DCS/SCADA, and IoT