Cyber Capabilities

Cloud Migration and Security

Continuous Diagnostics & Mitigation (CDM) Support

Cybersecurity PMO w/ Governance and Compliance

Information System Security Officer (ISSO) and Security Assessment and Authorization (SA&A) Support

Risk Management

Security Operations

Security Program Management Office support

Secure Systems Development

Security Training & Awareness

Technical and Operational Cybersecurity

​

Privacy Capabilities

Privacy policy creation & governance support

Privacy program assessments & remediation strategies

Privacy operations including System of Records Notices (SORN), PTA, and PIA management and privacy incident response

Personally Identifiable Information (PII) protection strategies

Data loss prevention program and tools implementation

Evaluation of security controls for the protection of PII

Design and implementation of PII reduction plans

Privacy training and awareness

​​

Multi-faceted Support for HHS

CSS Federal has provided a multitude of comprehensive ISSO training and/or support to 20+ systems within HHS since 2017, including systems categorized as High Value Assets (HVA). We implemented industry-leading risk management frameworks, information assurance support services, and a vulnerability management program in addition to updating and maintaining pertinent security best practices and strategies.

​​

Risk Management & Remediation for CMS

In support of the CMS Financial Management Systems Group (FMSG), CSS Federal provided meticulous execution and risk management processes involving a SIEM solution. As a result, the Healthcare Integrated General Ledger Accounting System (HIGLAS), which accounts for over $1.2 trillion annually, successfully went live within 6 months, reduced nightly batch run-time by 50%, increased scalability by 20% while maintaining stable environments, which ultimately resulted in allowing HIGLAS to be the 1st Government Agency to upgrade to Oracle Federal Financials 12.2.7 and becoming legislatively mandated DATA Act compliant from Day One. HIGLAS also secured “Certificate of Appreciation” from Department of Health and Human Services for remediating a 20-year-old outstanding material weakness because of the innovative efforts.

​​

Security Services & Testing for EXIM

In support of multiple EXIM IT systems, CSS Federal provides IT security support and documentation services for the Bank’s on-premises and cloud-hosted IT systems – on-premises systems currently include two General Support Systems (GSS) (Infrastructure and Oracle) and three applications (EXIM Online, Application Processing System, and the Financial Management System). CSS Federal also provides IT security testing, including external penetration tests, internal vulnerability assessments, web application security tests, social engineering (phishing) attack tests, and security incident response and disaster recovery tests.