Cybersecurity & Privacy
When we provide engineering and architecture recommendations for enterprise security technologies and principles such as Zero Trust, CDM, cloud, dashboards, risk management, threat intelligence, wireless, mobile, phishing training and more, our clients take notice.
Cloud Migration and Security
Continuous Diagnostics & Mitigation (CDM) Support
Cybersecurity PMO w/ Governance and Compliance
Information System Security Officer (ISSO) and Security Assessment and Authorization (SA&A) Support
Security Program Management Office support
Secure Systems Development
Security Training & Awareness
Technical and Operational Cybersecurity
Privacy program assessments & remediation strategies
Privacy operations including System of Records Notices (SORN), PTA, and PIA management and privacy incident response
Personally Identifiable Information (PII) protection strategies
Data loss prevention program and tools implementation
Evaluation of security controls for the protection of PII
Design and implementation of PII reduction plans
Privacy training and awareness
Multi-faceted Support for HHS
CSS Federal has provided comprehensive ISSO training and/or support to 20+ systems within HHS since 2017, including systems categorized as High Value Assets (HVA). We implemented industry-leading risk management frameworks, information assurance support services, and a vulnerability management program, in addition to updating and maintaining pertinent security best practices and strategies.
Risk Management & Remediation for CMS
In support of the CMS Financial Management Systems Group (FMSG), CSS Federal provided meticulous execution and risk management processes involving a SIEM solution. As a result, the Healthcare Integrated General Ledger Accounting System (HIGLAS), which accounts for over $1.2 trillion annually, successfully went live within 6 months, reduced nightly batch run-time by 50%, and increased scalability by 20% while maintaining stable environments. This ultimately allowed HIGLAS to be the 1st Government Agency to upgrade to Oracle Federal Financials 12.2.7 and to become compliant with the legislatively mandated DATA Act from Day One. HIGLAS also secured a “Certificate of Appreciation” from the Department of Health and Human Services for remediating a 20-year-old outstanding material weakness because of the innovative efforts.
Security Services & Testing for EXIM
In support of multiple EXIM IT systems, CSS Federal provides IT security support and documentation services for the Bank’s on-premises and cloud-hosted IT systems. On-premises systems currently include two General Support Systems (GSS) (Infrastructure and Oracle) and three applications (EXIM Online, Application Processing System, and the Financial Management System). CSS Federal also provides IT security testing, including external penetration tests, internal vulnerability assessments, web application security tests, social engineering (phishing) attack tests, and security incident response and disaster recovery tests.